Skip to main content

The cloud has got your back(up): A primer on Azure Backup

 Azure backup offers a comprehensive cloud based  hybrid backup solution that enables backup of not only your Azure VMs, but your files, folders, applications etc both on prem and in Azure. This solution can be used to replace your chunky on-prem backup solutions,  tape drives , backup tapes and the likes. In this blog, I will give a brief overview of the Azure backup service, its advantages and scenarios that it can cater to currently

Service highlights:

Azure backup is offered as a complete backup as a service offering. Lets take a look at few highlights of the service

Cost effective

You need not own any backup infrastructure, say services , tools and devices to use this service. You can directly subscribe to the service and pay based on your usage. There are no additional compute charges involved in the service. You pay a fixed charge for each protected instance, and also for the storage that you consume in the cloud for storing your backup data. The egress traffic for restore is also free, in addition to the free ingress backup traffic to cloud. Only the first backup is full backup  The data being backed up from on prem and transferred to Azure is compressed before the transfer . This will reduce the storage space used in azure for storing the backup, thereby reducing the storage cost

Resilient

 It offers the flexibility of centralized backup operations management from the cloud. Since the backup is stored in the cloud, you can leverage its unlimited scale and high availability capabilities.The backed up data can be stored in either an locally redundant storage or a globally redundant storage. LRS will keep three copies of your data in a given location, and will be suitable for cost conscious customers. GRS , in addition to the 3 local copies will store 3 additional copies in a different geography. This provides additional resiliency incase of an Azure site level disaster

Secure

Ample emphasis is given on the security aspect as well while designing the service. The backup data is encrypted using a passphrase that will be available only locally. The data in transit and rest is encrypted. Only an administrator who possesses the passphrase can decrypt the data.

Consistent

The backup data can be application consistent, file consistent or crash consistent depending on your backup scenario . Application consistent backups in windows ensure that you need not do additional fixes in your application when you restore it. This greatly reduces the recovery time in case of a disaster. This makes use of VSS technology in windows. Since VSS is not present in Linux, backup of Linux machines will be file consistent. Crash consistent backups are those backups taken when your machine is shutdown

Long term retention

You can store the backup data in cloud for as long as 99 years!!


 Backup scenarios

When you sign up for azure backup service, you will first create a backup vault in the cloud. It is nothing but a storage space for your backup. You can choose LRS or GRS storage depending on your resiliency preferences. Azure backup makes use of different components in different backup scenarios. For eg, file and folder level backup needs a different tool than a VM level backup. Let us take a look at the different components of Azure backup


Azure backup agent

This is a standalone agent that can be installed for taking file, folder and volume level backup on a Windows OS. The machine can be physical or virtual and can reside either on-prem or in Azure. You can download the agent from the management interface of you backup service in Azure and install in target location. The agent should be registered with the vault using a vault credentials. Also a passphrase is created during the installation that will encrypt data in transit and at rest. You can restore the data to either the same machine or to a different machine. You will have to provide the passphrase to initiate the restore process

System center Data protection manager + Azure backup agent

System center DPM can work in conjunction with the Azure backup agent to backup your workload to Azure. It supports all major MS workloads like SQL, SharePoint, AD, Exchange etc in addition to file/folder backup and VM backups.This option is more suited for customers who already have an investment on system center suite of tools. They can install the backup agent in the DPM server and take backup of files, folders, VMs and applications to Azure. The DPM can be hosted either in on-prem or in Azure. It also supports VM level backup of Linux machines hosted in Hyper-V. It makes use of app aware VSS snapshots to ensure consistency of backed up data.


Azure backup server

This can be considered as a stripped down version of the DPM option. It provides all the functionality of DPM+ Backup agent, except the following
- It doesn't not need a system center integration
- Tape drive is not supported
- An azure backup subscription is required

Azure backup server supports pretty much all workloads supported by DPM. If you don't want to backup to cloud, you can even use it for an on-prem disk to disk protection. You can consider it a subscription based backup service where you are charged based on the number of protected instances. If you are backing up to cloud you will be charged for the cloud storage as well

Azure IaaS VM backup

This is very straight forward VM level backup of VMs that you host in Azure using the backup service. You can backup both Linux and Windows VMs using this service with no additional agent installation


That is Azure backup in a nutshell. You can refer the official Azure documentation here to understand more about each scenarios and the service capabilities

Keep watching this space for more articles on Azure!!!





Comments

Popular posts from this blog

Install nested KVM in VMware ESXi 5.1

In this blog, I will explain the steps required to run a nested KVM hypervisor on  Vmware ESXi. The installation of KVM is done on Ubuntu 13.10(64 bit). Note: It is assumed that you have already installed your Ubuntu 13.10 VM in ESXi, and hence we will not look into the Ubuntu installation part. 1) Upgrade VM Hardware version to 9. In my ESXi server, the default VM hardware version was 8. So I had to shutdown my VM and upgrade the Hardware version to 9 to get the KVM hypervisor working. You can right click the VM and select the Upgrade hardware option to do this. 2)In the ESXi host In /etc/vmware edit the 'config' file and add the following setting vhv.enable = "TRUE" 3)Edit the VM settings and go to VM settings > Options  > CPU/MMU Virtualization . Select the Intel EPT option 4) Go to Options->CPUID mask> Advanced-> Level 1, add the following CPU mask level ECX  ---- ---- ---- ---- ---- ---- --H- ---- 5) Open the vmx

Windows server 2012: where is my start button??

If you have been using Windows Server OS for a while, the one thing that will strike you most when you login to a Windows server 2012 is that there is no start button!!.. What??..How am I going to manage it?? Microsoft feels that you really dont need a start button, since you can do almost everything from your server  manager or even remotely from your desktop. After all the initial configurations are done, you could also do away with the GUI and go back to server core option.(In server 2012, there is an option to add and remove GUI). So does that mean, you need to learn to live without a start button. Actually no, the start button is very much there .Lets start looking for it. Option 1: There is "charms" bar on the side of your deskop, where you will find a "start" option. You can use the "Windows +C" shortcut to pop out the charms bar Option 2: There is a hidden "start area"in  the bottom left corner of your desktop

Virtual fibre channel in Hyper V

Virtual fibre channel option in Hyper V allows the connection to pass through from physical  fibre channel HBA to virtual fibre channel HBA, and still have the flexibilities like live migration. Pre-requisites: VM should be running Windows Server 2008, 2008 R2 or Windows Server 2012 Supported physical HBA with N_Port Virtualization(NPIV) enabled in the HBA. This can be enabled using any management utility provided by the SAN manufacturer. If you need to enable live migration, each host should be having two physical HBAs and each HBA should have two World Wide Names(WWN). WWN is used to established connectivity to FC storage.When you perform migration, the second node can use the second WWN to connect to the storage and then the first node can release its connection. Thereby the storage connectivity is maintained during live migration Configuring virtual fibre channel is a two step process Step 1: Create a Virtual SAN in the Hyper-V host First you need to click on Virtual