Veeam Backup For Azure – Integrating with Veeam Backup and Replication

Veeam, , , ,

In this blog post we will cover the following topics;

- Adding your Azure Repository to Veeam Backup and Replication
- Viewing your protected data
- What can you do with your data?
- - Backup Copy to another repository
- - File Level Recovery
- - Veeam Explorer - Application Item restore
- - Instant Virtual Machine recovery to vSphere and Hyper-v
- - Restore to Amazon EC2 or Microsoft Azure

The follow up blog posts are;

- Getting started with Veeam Backup for Azure
- - Configuring the backup infrastructure
- - Monitoring
- - Protecting your installation
- - System and session logs
- Configuring a backup policy
- - Viewing and Running a Backup Policy 
- - Looking at Session logs
- Restoring a Backup 
- - Viewing protected data 
- - File Level Recovery 
- - Virtual Machine Disk Restore 
- - Full VM Restore

If you have an Veeam Backup and Replication install up and running, either on-premise to protect VMware or Hyper-V workloads, or even running in a Public cloud to provide resiliency to your infrastructure, then it’s simple enough to integrate that deployment with the data protected by Veeam Backup for Microsoft Azure.

By linking your Veeam Backup for Azure repository (Azure Storage Account) to your Veeam Backup and Replication environment, you then get access to a whole host of options.

  • File level recovery via Veeam Backup and Replication console
  • Instant VM recovery to vSphere/Hyper-V
  • Restore VM to Amazon EC2
  • Restore VM to Microsoft Azure
  • Perform a Backup Copy to another location such as a Cloud Connect Partner.
Adding your Azure Repository to Veeam Backup and Replication

Open your Veeam Backup and Replication console > Go to the “Backup Infrastructure” tab, and right click on External Repositories > Click “Add external repositories”, this will open up the wizard.

Select “Veeam Backup for Microsoft Azure”

Continue reading Veeam Backup For Azure – Integrating with Veeam Backup and Replication

Veeam Backup for Azure – Configuring your first Backup Policy

Veeam, , , ,

In this blog post we will cover the following topics

- How a backup policy works
- Creating a Backup Policy
- Viewing and Running a Backup Policy
- - Looking at Session logs
- Summary and next steps

The follow up blog posts are;

- Getting started with Veeam Backup for Azure
- - Configuring the backup infrastructure
- - Monitoring
- - Protecting your installation
- - System and session logs
- Restoring a backup
- - Viewing protected data 
- - File Level Recovery 
- - Virtual Machine Disk Restore 
- - Full VM Restore
- Integrating with Veeam Backup and Replication
- - Adding your Azure Repository to Veeam Backup and Replication
- - Viewing your protected data
- - What can you do with your data?
- - - Restore/Recover/Protect
How a backup policy works

Veeam Backup for Microsoft Azure, allows you to create the following types of snapshots and backups:

  • Snapshots; managed & unmanaged VHDs of Microsoft Azure VMs, which includes the configuration of a VM.
  • Backups of managed & unmanaged VHDs of Microsoft Azure VMs, which includes the configuration of a VM.

When you run a backup policy (A.k.a Backup Job), the Veeam services will perform the following tasks;

  1. Retrieve the configuration of your Microsoft Azure VMs, that are selected in the policy.
  2. Create either a backup or snapshot for the Microsoft Azure VMs, depending on the policy configuration
    • Backups – Both managed/unmanaged VHDs are saved to the configured Backup Repository.
    • Snapshots
      • Managed VHDs – snapshot saved to resource group of source VM,
      • Unmanaged VHDs – snapshots saved to Azure Storage Account of source VHD

For both backups and snapshots, the VM configuration is saved to the Veeam Backup for Microsoft Azure configuration database.

The backup services running on the workers, encrypt & compresses data that you back up to backup repositories.

(Image Source)

Creating a Backup Policy

If you are in configuration mode, you can select the “exit configuration” in the top left of the UI.

Under Management, Select Policies > Add

  • Set your Policy name and description

  • Select your Azure Active Directories where your workloads are located

Continue reading Veeam Backup for Azure – Configuring your first Backup Policy

Veeam Backup for Microsoft Azure – Restoring a Backup

Veeam, , , ,

In this blog post we will cover the following topics

- Restoring a Backup
- - Viewing protected data
- - File Level Recovery
- - - File Level Recovery Session Log
- - Virtual Machine Disk Restore
- - Full VM Restore

The follow up blog posts are;

- Getting started with Veeam Backup for Azure
- - Configuring the backup infrastructure
- - Monitoring
- - Protecting your installation
- - System and session logs
- Configuring a backup policy
- - How a backup policy works 
- - Creating a Backup Policy 
- - Viewing and Running a Backup Policy
- Integrating with Veeam Backup and Replication
- - Adding your Azure Repository to Veeam Backup and Replication
- - Viewing your protected data
- - What can you do with your data?
- - - Restore/Recover/Protect
Viewing Protected Data

Once you have a successful backup policy run, you will find that by navigating to “Protected Data” in the left-hand navigation pane, you will find details of your protected workloads and the backups stored.

Highlighted in the purple box above, we are able to click on each of our protected virtual machines and see the details of the restore points held.

The available restore options are;

  • VM Restore
    • Restore a full virtual machine to the same or a different location. This restore uses both the VM configuration and VHD backups.
  • Disk Restore
    • Restore only a virtual machines hard drive to the same or a different location, these will not be attached to any virtual machines when the restore is complete.
  • File-Level Recovery
    • Restore of files and folders from protected instances, which are available to download to your local machine.

Below, we can see the available restore points for my “Ubuntu01” virtual machine. As the backup policy has only run once, I have a single snapshot held with the VM itself, and a single backup of the full virtual machine (VHDS and VM configuration, which are located in my configured Repository.

  • Backups – Both managed/unmanaged VHDs are saved to the configured Backup Repository.
  • Snapshots
    • Managed VHDs – snapshot saved to resource group of source VM,
    • Unmanaged VHDs – snapshots saved to Azure Storage Account of source VHD

From this view, we can select to restore the Full VM, the individual VHDs, under the Restore option, or we can perform a file-level Recovery under the second self-named option.

File Level Recovery

You can enter a file level recovery as per the above screenshot, or from the main screen by highlighting your protected VMs and clicking file level recovery.

By clicking “Change Restore Point” you will of course see the various points in time available.

Continue reading Veeam Backup for Microsoft Azure – Restoring a Backup

Veeam Backup for Microsoft Azure – Getting Started: Setting up the Infrastructure

Veeam, , ,

In this blog post we will cover the following topics;

- What is Veeam Backup for Azure
- Getting Started
- - Architecture
- - Deploying from Azure Marketplace
- - Logging on for the first time
- - Connecting to your Microsoft Azure Subscriptions and Storage - - Accounts
- - Configuring a repository account
- Deploying worker VMs
- Monitoring
- Protecting your Veeam Backup for Azure Appliance
- Download Logs

The follow up blog posts are;

- Configuring your first Backup Policy
- - How a backup policy works 
- - Creating a Backup Policy 
- - Viewing and Running a Backup Policy
- Restoring a backup
- - Viewing protected data 
- - File Level Recovery 
- - Virtual Machine Disk Restore 
- - Full VM Restore
- Integrating with Veeam Backup and Replication
- - Adding your Azure Repository to Veeam Backup and Replication 
- - Viewing your protected data 
- - What can you do with your data? 
- - - Restore/Recover/Protect

What is Veeam Backup for Azure?

If we look at the Microsoft document “Shared responsibility in the cloud“, we can see the very open comment;

  • Regardless of the type of deployment, the following responsibilities are always retained by you:
    • Data
    • Endpoints
    • Account
    • Access management

So, if you are always responsible for your data, that means you are responsible for protecting it, at both a security and backup point of view.

Veeam Backup for Azure is a turnkey solution that provides you a backup solution which can quickly and securely protect your data, available within the Azure Marketplace itself. Removing the need to spend hours on designing a solution and configuring the software.

Architecture

There are three main components;

  • Controller Server

A Linux VM deployed into Azure, which runs the Veeam Backup for Azure software.

  • Backup Repositories

Azure blob storage accounts where your Azure VM backups will be saved. The following storage accounts are supported currently;

Image Source

  • Workers

These are Azure VMs which are deployed automatically or manually by Veeam Backup for Azure server and are used for backing up and restoring the data. There is the capability to scale up and scale down the number of workers as needed.

The Azure region that worker VMs are deployed to, depend on the storage account they are linked to.

Each worker can process a single VM at a time, if a worker is idle for 10 minutes or more, then it is decommissioned (when setup to auto scale). Worker VMs, run the following services; A Worker service, which is responsible for fetching data from Azure; File-level recovery service, used for mounting data from a backup to the worker VM to initiate file-level recovery.

(Image Source)

Deploy Veeam Backup for Azure from the Azure Marketplace

The options to access the solution, which is driven via a web portal;

  • Direct via Public IP address
    • I recommend setting up firewall rules if you do this
  • Accessing the portal via a private IP address via the use of a VPN or Azure Express route.
    • If you need a VPN solution, check out VeeamPN.
    • This removes the need to publicly expose the solution.

Logging into the Veeam Backup for Azure Console

Your first login, you’ll provide the username and password configured during the deployment from the marketplace.

In my example, I will be using the publicly assigned IP address to log into the Portal UI. Upon first logon you will need to accept the EULA.

The interface is heavily wizard driven, which makes it simple to use and consume as a solution. If you’ve used Veeam Availability Orchestrator in the past, you’ll recognise similarities with the interface.

Logging into the solution for the first time, you’ll see this getting started screen, which makes it easy to understand how to operationalise the solution and start protecting your data.

Connecting to your Microsoft Azure Subscriptions and Storage Accounts

From the getting started page, we’ll click the first task to connect our Veeam Backup for Azure solution to our Microsoft Azure platform, which takes us to the screen shown below.

Continue reading Veeam Backup for Microsoft Azure – Getting Started: Setting up the Infrastructure

Veeam Backup for Azure – Service Endpoint from virtual network to Microsoft.Storage doesn’t exist

Veeam, , , ,

The Issue

After deploying a new Veeam Backup for Azure setup via the Microsoft Azure Marketplace, I was going through the configuration and when deploying my worker instances, which are used for performing the backup of the virtual machines.

I hit the following error;

The Service Endpoint from virtual network {VNET} and subnet {Name} to Microsoft.Storage doesn't exist.

The Cause

This was caused as I was using an existing storage account in a seperate resource group which I created manually. Which meant the pre-reqs were not met.

The Fix

Quick and easy fix, log into your Azure Portal, browse to your storage account where you are deploying the Worker Instances.

  • Click on “Firewalls and Virtual Networks”
  • Select “Selected Networks”
    • This is recommended from a security perspective
  • Click “Add existing virtual network”
  • Input the details of the virtual network to be used by the Worker Instances
  • Click the “Enable” button
    • This will enable the Service Endpoint on your selected network

Once the Service Endpoint is enabled, you see see a status message in the green text box highlighted, and the status changed to enabled.

  • Click the “Add” button
  • And remember to click save on the “Firewalls and virtual networks” pane.

Going back to your Veeam Backup for Azure portal, you can click “Check Again” on the Worker Configuration Status, and you should see this is successful.

 

Regards

Dean Lewis