Implement backup and recovery Flashcards
What are the different backup solution in azure?
Azure data backup solutions are:
1.MARS
2.MABS
3. Azure site recovery
4. Azure managed disks snapshots
5. Azure backup
6. Azure backup for Azure vm
7. Azure backup files
Azure backup service
https://learn.microsoft.com/en-us/azure/backup/backup-overview
https://azure.microsoft.com/en-us/updates/soft-delete-virtual-machine-backup/
Is a solution that provides solutions to backup your data and recover it from the azure cloud.
What can be backed up using azure backup:
1. On prem
2. Azure vm’s
3. Azure managed disks
4. azure file shares
5. SQL server in azure vm’s
6. SAP HANA databases
7. Azure blobs
*With soft delete, even if a user deletes the backup (all the recovery points) of a VM, the backup data is retained for 14 additional days, allowing the recovery with no data loss.
- Azure Backup doesn’t limit the amount of inbound or outbound data you transfer, or charge for the data that’s transferred. Outbound data refers to data transferred from a Recovery Services vault during a restore operation. If you perform an offline initial backup by using the Azure Import/Export service to import large amounts of data, there’s a cost associated with inbound data.
*
Backup on prem machines
- You can back up on prem Windows machines by using the the MARS ( Azure Backup Microsoft Azure Recovery Services) agent. Linux machines are not supported using this tool
- You can backup on prem machines to a backup server by using MABS( Microsoft Azure Backup Server) or DPM(System center data protection manager).
*The backup server can then be backed up to a recovery services vault.
Backup Azure VM’S
- You can backup vm directly by installing the backup extension to the azure vm agent that running on the vm.
- The extension backups the entire vm. - You can backup files and folders by using the MARS agent
Where is the data backed up?
Azure backup stores the backed up data in vaults such as recovery service vaults or backup vaults.
A vault is a storage entity that used to hold data , such as backup copies , recovery points and backup policies.
How is the data replicated in the vault?
- Locally redundant storage(LRS)
- Protects data from server rack and drive failures.
- Replicates the data three times within a single data center in primary region. - Geo Redundant storage ( GRS)
- Protects against region wide outages
- Replicates your data to a secondary region - Zone redundant Storage(ZRS)
- Replicates data in availability zones , this provides data residency and resiliency in the same region.
By default Recovery services vaults use GRS
* Recovery services vault can have up to 500 vaults*
What are the Backup Agents?
Azure backup provides different backup agents depending on the machine being backed up.
- MARS agent
- Can Run on individual on prem windows server machines to back up files , folders and system state.
- Can run on azure vm to back up files , folders and system state
- Can run on DPM/MABS servers to backup the DPM/MABS local storage disk to azure. - Azure VM extension
- Runs azure VM to backup them up to a vault.
What are the Backup types?
- Full backup
- Contains the entire data source takes more network bandwidth.
- Used for initial backup - Differential
-Stores the blocks that changed since initial full backup.
Not used by azure backup - Incremental
- Stores only the blocks of data that changed since the previous backup.
Used by DMP/MABS for disk backups
* Used in all backups to azure*
Not used for SQL server backups
Implement Backup center for azure backup
Back up center is a dashboard where you can govern , monitor , operate and analyze backups.
Things to consider when using backup center:
1. Range capabilities
Spans across multiple workload types such as vaults , subscriptions , regions , tenants
- Data source centric management
you can filter views by data source specific properties including subscription , resource groups and tags. - Connected experiences
Uses azure policy to to help govern your backups
Uses Workbooks of azure monitor and Azure monitor logs for detailed reports on backups. - supported in various tools
-Azure vm backup which includes SQL and SAP HANA
-Azure files backup , azure blob storage backup , azure managed disks backup
-Azure database for postgre SQL
What is a recovery services vault?
Stores recovery points that are created overtime and provides an interface to perform backup related operation such as on demand backups , performing restores and creating backup policies
Things to know about recovery services vault
https://learn.microsoft.com/en-us/azure/backup/backup-create-recovery-services-vault
https://learn.microsoft.com/en-us/azure/backup/backup-azure-delete-vault?tabs=portal
- Can be used to backup Azure file shares or on prem files and folders
- Stores backup data for various azure services such as IaaS linux or windows VM’s and Azure SQL in azure vm’s
- Supports system center data protection manager , windows server , Azure backup server (MABS)
*Select the geographic region for the vault. For you to create a vault to help protect any data source, the vault must be in the same region as the data source.
** The default period for daily backups is 30 days
What is Azure MARS agent?
Is used to backup files , folders and system data from your on prem machines or Azure vm’s.
Note: The Primary method for backing up Azure VM’s is to use the Azure backup extension but if you want to backup specific folders/files then you install the MARS agent in azure VM’s
Things to know about MARS agent
- Azure backup for files and folders relies on the MARS agent be installed on your Windows client or Windows Server
- You can backup files and folders on windows vm’s or physical machines. Vm can be on prem or azure
- MARS does not require a sperate backup server
- Not application aware. You can restore files and folders from backups or volume level restore.
Things to Consider when using MARS agent
Several ways you can run the MARS agent:
- On prem direct backup
Run the MARS agent on the on prem windows machines to backup your data directly to the Recovery services vault. - Backup for specific Files and Folders
Run MARS agent on Azure VM to backup specific files and folders on your VM. The VM must run side by side with azure VM backup extension - Back up to MABS or system center DPM
Run the MARS agent on MABS instance or DPM server. Backup you machines and workloads to MABS or DPM by using the MARS agent to back up to a recovery service vault.
Azure MARS Backup scenarios
- Files and Folders
Protects windows files and folders - Volume level
Protects the entire windows volume - System level
Protect entire windows system state.
Azure MARS Recovery Scenarios
- Same server
- Alternative Server
Use MARS to backup on prem files and folder
The following steps need to be done to backup your on prem Files and folders.
Step 1 Create Recovery Services vault
The vault must be created within your azure subscription.
Step 2 : Download MARS agent and credential file
From backup center dashboard , the recovery service vault page provides a link t download the MARS agent.
- To complete the MARS installation you need to download the Vault credential file
Step 3: Install and register MARS agent
Download the credential file to register the agent
The MARS agent is installed on your local machine
Step: Configure backups
Now you can use the MARS agent to create a backup policy. You can schedule when to create the backup , what data to backup and how long too keep the backup items
Backup options for Virtual Machines
There are 4 options for backing up your virtual machines and they are Azure backup , Azure site recovery , Azure managed disks snapshot and Azure managed disk image.
Backup Option 1 for Virtual machines - Azure backup
Configuration scenarios
1. Back up azure VM’s running workloads
2. Create backups for both windows and Linux VM’S
Description
Azure backup takes a snapshot of your virtual machine and stores the data as recovery points in geo redundant recovery vaults.
When you restore your VM you have the choice t recover the entire vm or specific c files/folders.
Backup Option 2 for Virtual machines - Azure Site recovery
Configuration scenarios:
1. Recover specific applications
2. Replicate to azure region of your choice
Description
Protects your vm form major disaster scenario when an entire region experiences an outage.
Backup option 3 for virtual machines - Azure managed disks snapshots
- Backup your vm that use managed disks at any time
- Support development and test environments
-Azure managed disk snapshot is a read only full copy of a managed disk that’s stored as a standard managed disk by default.
- Independent from the source disk and can be used to create new managed disks
- Each snapshot is billed according to the actual sized used. You only billed on how much you use.
Backup option 4 for virtual machines - Azure managed disks Images
1.Create an image from a custom VHD in azure storage account or generalized vm
- Create hundreds of vm using the custom image without copying any storage account
Azure managed disks also supports creating a managed custom image. captures a single image that contains all managed disks associated with the vm
Things to consider when creating images vs snapshots
- Consider images
can use an image of a generalized vm thats been deallocated. This image will include all the disks that attached to the vm. - Consider snapshots
Is a copy of a disk at a point in time.
Only applies to 1 disk of the vm. So if there is multiple disks attached to the vm it will only take a snapshot of the one you taking a snapshot of.
Does not support snapshots of disks that are setup in striping etc. - Consider OS disk backups
if vm has one disk attached you can take a snapshot or image of the disk.
Create virtual machine snapshot in azure backup
Azure backup creates a snapshot for vm in 2 steps:
Step 1 . Take a snapshot of the vm data
Step 2 Transfer snapshot to azure recovery services vault
Things to know about snapshots and recovery points
- by default , Azure backup keeps snapshots for 2 days . Local retention reduces the time required to transform and copy data back to azure recovery services vault
- You can set the default retention value from one and five days
- Incremental snapshots are stored as azure page blobs
- Recovery points for a vm are available only after both steps of azure backup job is complete
- After a snapshot is taken , the recovery points are identified with snapshot recovery point type
- After the snapshot is transferred to recovery services vault the recovery point type changes to snapshot and vault
Things to consider when using snapshots and recovery points
- Consider recovery after step 1
- Consider disk type , sizing and pricing
Use disk sizes up to 32 TB. If using premium storage accounts you have up to 10 TB.
Azure backup doesn’t recommends resizing disks - Snapshot retention and cost savings
Configure how long your snapshots are kept.
If you set your retention to one day this can help save costs
Things to know about Recovery services vault
You are required to create an Azure recovery services vault in each Azure geographic region. As azure recovery services vault has to be paired with the same region as data source. so if you have multiple vms in different region you have to create a recovery service vault for each region.
- Stores backup data for different services such as IaaS vm for Linux and windows and SQL databases
- Supports DPM , windows server , MABS.
- can be used to back up your in prem vm’s , such as hyper v , vmware, system state and bare metal recovery
Steps to backup your VM’s
Step 1: Create a recovery services vault
The vault must be created within your subscription and the region you want to store the data.
- You need to specify how you want to replicate your storage either geo redundant ( Default) or locally redundant.
*GRS( Geo redundant storage) use if aure is the primary storage endpoint
*Locally Redundant (LRS) used if azure isn’t your primary backup storage endpoint , use to reduce your storage costs
Step 2 : define your backup policy options
Backup policy is where you can define:
1.when to take snapshots
2.how long to store the snapshots
3.Where you can specify to trigger a backup from 1 to 5 times per day
-Snapshots produce recovery points that are stored in the recovery services vault.
Step 3 : Back up your VM
In order to run the backup job , The azure extension requires your VM to be running the Microsoft Azure Virtual Machine agent.
*If the vm was created from azure gallery then the agents is installed by default
*If vm was migrated from on prem data center , you need to manually install the agent on your vm’s
Restore your VM’S
After the vm have been backed up the snapshots and recovery points are stored in the recovery services vault and can be accessed to restore your vm’s to a specific c point in time by using the recovery points.
- When a restore operation is triggered , azure backup creates a job to track the restore op
- Azure backup create a temporary notification display about the the restore op and can be monitored.
Implement system center DPM and Azure Backup server
MABS and DPM is another way to backup you vm’s.
They are used to backup specialized workloads , vm’s or files folders and volumes.
- Specialized workloads include data from SharePoint , Microsoft exchange and SQL server*.
Things to know about using system center DPM and MABS
- When you set up protection for DPM or MABS you have to:
- First backup to the MABS or DPM local disk for short term storage
- and then to azure online protection.
- Once that’s done you can specify when to run the backup to local DPM or MABS disk and then when to run the online backup to azure
2.To protect on prem machines , the DPM oir MABS needs to be installed on the on prem machines
- To protect your azure vm’s , the MABS instance must run as an azure vm in azure
- The DPM or MABS agent must be installed on each machine you want to protect
- Then the machines must be added to the DPM protection group
- When the backup is triggered the disks of the protected vm is backed up:
first to the local MABS or DPM disks and then they are backed up to the recovery services vault by the MARS agent running on the DPM or MABS instance
Things to consider when using DPM and MABS
- Optimized app aware backups
- Backups for on prem machines
- Flexibility and scheduling
- Consolidated management
MARS agent vs Azure backup server
1.MARS backup agent:
Benefits
-Back up files and folders on physical or vm machines running windows
-No backup server required
Limits
-no support for linux
-Backup triggered 3x per day
-not application aware
-File , folder and volume level only
-Backups stored in Azure recovery services vault
2.Azure backup agent
Benefits
-App aware snapshots
-Full flexibility for when backups are triggered
-Linux support on hyper v and vmware
-Backup and restore VMware virtual machines
-No system center license required
Limits
Always requires an active azure subscription
No backups for oracle workloads
no support for tape backup
Implement soft delete for vm’s
Soft delete allows for the recovery of data that has been modified or deleted
The data is available until 14 days after deletion.
Things to know about soft delete for backups
- Stop backup job
Before you can delete or retain data for vm , backup job must be stopped , once that is done you can delete or retain the data - Apply soft delete state
The data is retained for 14 days. - View soft delete in the vault
during the 14 day retention period the recovery services vault displays soft deleted vm by indicating it with a red icon. - undelete backup items
Before the data can be restored the data must be undeleted first - restore items
After the vm data has been undeleted it can then be restored - resume backups
Resume backup operation retrieves the backup item in the active state
Implement Azure site recovery
https://learn.microsoft.com/en-us/azure/site-recovery/concepts-network-security-group-with-site-recovery
https://learn.microsoft.com/en-us/azure/site-recovery/concepts-traffic-manager-with-site-recovery
https://learn.microsoft.com/en-us/azure/site-recovery/concepts-expressroute-with-site-recovery
Azure site recovery replicates workloads from primary site to a secondary location.
Things to know about site azure site recovery
- Replicate your vm from one region to another
- Replicate your on prem VMware machines , Hyper v , physical windows and linux servers and azure stack vm’s to azure.
- Replcate AWS windows imnstances to azure
- Replicate on prem VMware machines , Hyper V , Physical to a secondary site
Things to consider when using Site Recovery
- Consolidated management
setup and manage replication , failover and failback in one location - reduced costs and complexity
- Replication resilience
- Continues replication
- Snapshot recovery points
- Failover ad easy fall back
- Integration
