Azure-in-bullet-points

Azure Backup

• Backs up to Recovery Services Vault
• Online storage entity in Azure used to hold data such as backup copies, recovery points and backup policies.
• Storage account is automatically created an configured
  • Comes with LRS and GRS storage account.
    • Configure in Vault -> Backup Infrastructure -> Backup Configuration
• All backups are listed and globally controlled in Backup Jobs
  • You can monitor status and get reports
  • You can filter the jobs
• Backup policy
  • Settings
    • Policy type
      • Azure VM
      • Azure File Share
      • SQL Server in Azure VM
    • Backup frequency
    • Retention range: daily, weekly, monthly, yearly
• You can set inbuilt RBAC roles to vault
  • Backup Operator: Manage backups but cannot remove backup, create vault, give any roles.
  • Others e.g. : Backup Reader, Monitoring Reader
• Backup Alerts
  • Vault -> Backup Alerts -> Configure notifications -> Enable e-mail notifications, choose severities (critical, warning, information), select notification (per alert or hourly digest)
• Enable MFA
  • Properties -> Security settings -> Enable
  • ❗ Cannot be disabled when enabled once.
• You generate Security PIN for critical options and Azure Backup will prompt for the pin (Properties -> Security settings)
• When creating a VM back-up you can enable back-ups and choose a vault and policy.
  • ❗ VM must be in same location as recovery vault
• To delete a vault, ensure all backups are stopped, delete backup agents/servers
• You can configure Azure Backup Reports in Vault -> Backup Reports -> Diagnostic Settings -> Turn on diagnostics
  • You can save reports in you can archive reports in storage accounts, stream to event hubs, send to Log Analytics
  • After you configure a storage account for reports by using a Recovery Services vault, you can connect Azure Backup from Power BI and get a dashboard.

Benefits

• Automatic storage management
• Unlimited scaling
• Application-consistent backup
  • Each and every recovery point it has information for what it needs to go back to recovery point
• Data encryption both in-rest and and in-transit
• Unlimited data transfer
• Long-term retention without any time limit

Pricing

• Pay as you go storage model
• You pay per Protected Instance
  • Protected instance is an application server/workload or computer that’s been configured to back up to Microsoft Azure

Components

Microsoft Azure IaaS VM Backup

• Features
  • Policy-driven backup and retention
    • Scheduled and on-demand backups, multiple recovery points
    • You can hwoever use to backup directly with Backup Now
  • Application-consistent backup
    • No impact on production environment and no shutdown of VMs
  • Fabric level backup
    • Multiple backups, centralized management, detailed tracking
• ❗ New VM created by backup won’t have backup policy associated with it.
• Restoring and file-recovery manually
  • Go to back-up blade for VM.
    • Two alternatives:
      1. Back Up Items -> Select backup -> Restore VM -> Select snapshot
      2. VM -> Back-up
  • Different alternatives:
    1. Restore VM
       • Two alternatives:
         1. Create new VM
         2. Restore disks
    2. File recovery
       1. Select recovery point
       2. Download script and execute on VM
          • Mounts disks from the selected recovery point
          • 💡 If files are larger than 100 GB, restore whole VM instead
       3. Unmount disks after recovery

Microsoft Azure Backup MARS Agent

• Called also Recovery Services Agent.
• For backing up on-premises computers to Azure
  • Install back-up agent on local machine
  • Need connectivity to Microsoft Azure
• Same configuration and control
  • Centralized management of all on-premises back-ups
• Secure backup and recovery
  • Protected Instance is registered with Azure
• Flow:
  1. In recovery services in portal
     1. Back-up
        • Where is your wokload running: On-premises
        • What do you want to back-up:
          • Files and folders, Hyper-V, VMware, Microsoft SQL Server, Sharepoint, Exchange, System State, Bare Metal Recovery.
     2. Backup files and folders and system state
     3. Download Recovery Services Agent from link provided
     4. Download credentials to enter in the workstation
     5. Transfer credentials & agents to the workstation
  2. Install the Azure backup client
     • Select a password for encryption
  3. Setup the backup
     • Click on Schedule Backup in agent
     • Select files/folders
     • Specify retention settings and policy
  4. Backup and restore file
     • Click on Backup Now in agent
     • Click on Recover Nwo in agent

Microsoft Azure Backup Server

• Centralized installation
  • Can be installed on a server in Azure or on-premises
• Free
• Similar functionality as Data Protection Manager (DPM)
• Backup a variety of instances
  • Workloads, VMWare and Hyper-V VM’s, hosts, files, application workloads and barebone backups
• Flow:
  1. Create Backup in Site Recovery Service
     • Go to Vault -> Backup
     • Get link for Azure Backup Server
  2. Install Azure Backup Server
     • Installs SQL server
  3. Configure Azure Backup Server
     1. Select management
     2. Protection Servers -> Register a server
     3. Disk Servers -> Add a disk for configuration files
     4. Create protection group
        • Add servers, workstations and workloads to the group
        • Can back-up to online and/or locally
     5. Enable disk for backup data
  4. Recover with Azure Backup Server
     • Select server -> Click on Recover Now

This site is open source. Improve this page.