19 backup.pdf - Table of Contents Overview What is Azure...

  • No School
  • AA 1
  • darylpillay
  • 437

This preview shows page 1 out of 437 pages.

Unformatted text preview: Table of Contents Overview What is Azure Backup? Get started Back up files and folders Back up Azure virtual machines Protect Azure VMs FAQ How to Automate Backup using PowerShell Azure VMs in Azure portal Azure VMs in classic portal DPM in Azure portal DPM in classic portal Windows Server in Azure portal Windows Server in classic portal Back up application workloads Prepare DPM workloads in Azure portal Prepare DPM workloads in classic portal Prepare Azure Backup Server workloads in Azure portal Prepare Azure Backup Server workloads in classic portal Use System Center DPM to back up Exchange server Recover data in the Backup vault to an alternate DPM server Use DPM to back up SQL Server workloads Use DPM to back up a SharePoint farm Recovery Services vault - FAQ Back up Azure VMs Prepare Azure virtual machines Prepare Resource Manager-deployed virtual machines Plan VM backup infrastructure Back up Azure virtual machines to Backup vault Back up Azure virtual machines to a Recovery Services vault Back up and restore encrypted virtual machines Manage and monitor Azure VM backups in classic portal Manage Azure VM backups in Azure portal Monitor alerts for Azure VM backups in Azure portal Restore virtual machines in Azure Restore Resource Manager-deployed VMs in Azure portal Back up Windows machines Windows Server using the classic deployment model Windows Server using the Resource Manager deployment model Manage Backup vaults using the classic deployment model Monitor and manage Recovery Services vaults Recover files to a Windows Server using Resource Manager deployment model Recover files to a Windows Server using the classic deployment model Delete an Azure Backup vault Configure offline-backup Use Azure Backup to replace your tape infrastructure Troubleshoot Azure VM backup problems in Azure portal Azure VM backup problems in classic portal Azure VM Backup fails: Could not communicate with the VM agent for snapshot status - Snapshot VM sub task timed out Slow backup of files and folders in Azure Backup Resources Pricing MSDN forum Videos Service updates What is Azure Backup? 11/22/2016 • 15 min to read • Edit on GitHub Contributors Markgal • Theano Petersen • Kim Whitlatch (Beyondsoft Corporation) • Tyson Nevil • Trinadh Kotturu • Jim-Parker • MarkDeichmiller • Aashish Ramdas Azure Backup is the Azure-based service you can use to back up (or protect) and restore your data in the Microsoft cloud. Azure Backup replaces your existing on-premises or off-site backup solution with a cloud-based solution that is reliable, secure, and cost-competitive. Azure Backup offers multiple components that you download and deploy on the appropriate computer, server, or in the cloud. The component, or agent, that you deploy depends on what you want to protect. All Azure Backup components (no matter whether you're protecting data on-premises or in the cloud) can be used to back up data to a Backup vault in Azure. See the Azure Backup components table (later in this article) for information about which component to use to protect specific data, applications, or workloads. Watch a video overview of Azure Backup Why use Azure Backup? Traditional backup solutions have evolved to treat the cloud as an endpoint, or static storage destination, similar to disks or tape. While this approach is simple, it is limited and doesn't take full advantage of an underlying cloud platform, which translates to an expensive, inefficient solution. Other solutions are expensive because you end up paying for the wrong type of storage, or storage that you don't need. Other solutions are often inefficient because they don't offer you the type or amount of storage you need, or administrative tasks require too much time. In contrast, Azure Backup delivers these key benefits: Autom atic storage m anagem ent - Hybrid environments often require heterogeneous storage - some onpremises and some in the cloud. With Azure Backup, there is no cost for using on-premises storage devices. Azure Backup automatically allocates and manages backup storage, and it uses a pay-as-you-use model. Pay-as-you-use means that you only pay for the storage that you consume. For more information, see the Azure pricing article. Unlim ited scaling - Azure Backup uses the underlying power and unlimited scale of the Azure cloud to deliver high-availability - with no maintenance or monitoring overhead. You can set up alerts to provide information about events, but you don't need to worry about high-availability for your data in the cloud. Multiple storage options - An aspect of high-availability is storage replication. Azure Backup offers two types of replication: locally-redundant storage and geo-replicated storage. Choose the backup storage option based on need: Locally redundant storage (LRS) replicates your data three times (it creates three copies of your data) in a paired datacenter in the same region. LRS is a low-cost option and is ideal for price-conscious customers because it protects data against local hardware failures. Geo-replication storage (GRS) replicates your data to a secondary region (hundreds of miles away from the primary location of the source data). GRS costs more than LRS, but it provides a higher level of durability for your data, even if there is a regional outage. Unlim ited data transfer - Azure Backup does not limit the amount of inbound or outbound data you transfer. Azure Backup also does not charge for the data that is transferred. However, if you use the Azure Import/Export service to import large amounts of data, there is a cost associated with inbound data. For more information about this cost, see Offline-backup workflow in Azure Backup. Outbound data refers to data transferred from a Backup vault during a restore operation. Data encryption - Data encryption allows for secure transmission and storage of your data in the public cloud. You store the encryption passphrase locally, and it is never transmitted or stored in Azure. If it is necessary to restore any of the data, only you have encryption passphrase, or key. Application-consistent backup - Whether backing up a file server, virtual machine, or SQL database, you need to know that a recovery point has all required data to restore the backup copy. Azure Backup provides applicationconsistent backups, which ensured additional fixes are not needed to restore the data. Restoring application consistent data reduces the restoration time, allowing you to quickly return to a running state. Long-term retention - Back up data to Azure for 99 years. Instead of switching backup copies from disk to tape, and then moving the tape to an off-site location for long-term storage, you can use Azure for short-term and longterm retention. Which Azure Backup components should I use? If you aren't sure which Azure Backup component works for your needs, see the following table for information about what you can protect with each component. The Azure portal provides a wizard, which is built into the portal, to guide you through choosing the component to download and deploy. The wizard, which is part of the Recovery Services vault creation, leads you through the steps for selecting a backup goal, and choosing the data or application to protect. WHAT IS PROTECTED? WHERE ARE BACKUPS STORED? COMPONENT BENEFITS LIMITS Azure Backup (MARS) agent Back up files and folders on physical or virtual Windows OS (VMs can be onpremises or in Azure) No separate backup server required. Backup 3x per day Not application aware; file, folder, and volume-level restore only, No support for Linux. Files, Folders Azure Backup vault System Center DPM App aware snapshots (VSS) Full flexibility for when to take backups Recovery granularity (all) Can use Azure Backup vault Linux support (if hosted on Hyper-V) Protect VMware VMs using DPM 2012 R2 Does not support Oracle workload back up. Files, Folders, Volumes, VMs, Applications, Workloads Azure Backup vault, Locally attached disk, Tape (on-premises only) COMPONENT BENEFITS LIMITS WHAT IS PROTECTED? Azure Backup Server App aware snapshots (VSS) Full flexibility for when to take backups Recovery granularity (all) Can use Azure Backup vault Linux support (if hosted on Hyper-V) Does not require a System Center license Lack of heterogeneous support (VMware VM back up, Oracle workload back up). Always requires live Azure subscription No support for tape backup Files, Folders, Volumes, VMs, Applications, Workloads Azure IaaS VM Backup Native backups for Windows/Linux No specific agent installation required Fabric-level backup with no backup infrastructure needed Back up VMs oncea-day Restore VMs only at disk level Cannot back up on-premises VMs, All disks (using PowerShell) WHERE ARE BACKUPS STORED? Azure Backup vault, Locally attached disk Azure Backup vault What are the deployment scenarios for each component? COMPONENT CAN BE DEPLOYED IN AZURE? CAN BE DEPLOYED ONPREMISES? TARGET STORAGE SUPPORTED Azure Backup (MARS) agent Yes Yes Azure Backup vault The Azure Backup agent can be deployed on any Windows Server VM that runs in Azure. The Backup agent can be deployed on any Windows Server VM or physical machine. Yes Yes Locally attached disk, Learn more about how to protect workloads in Azure by using System Center DPM. Learn more about how to protect workloads and VMs in your datacenter. Azure Backup vault, Yes Yes Locally attached disk, Learn more about how to protect workloads in Azure by using Azure Backup Server. Learn more about how to protect workloads in Azure by using Azure Backup Server. Azure Backup vault Yes No Azure Backup vault Part of Azure fabric Use System Center DPM to back up virtual machines in your datacenter. System Center DPM Azure Backup Server Azure IaaS VM Backup Specialized for backup of Azure infrastructure as a service (IaaS) virtual machines. tape (on-premises only) Which applications and workloads can be backed up? The following table provides a matrix of the data and workloads that can be protected using Azure Backup. The Azure Backup solution column has links to the deployment documentation for that solution. Each Azure Backup component can be deployed in a Classic (Service Manager-deployment) or Resource Manager-deployment model environment. IMPORTANT Before you work with Azure resources, get familiar with the deployment models: Resource Manager, and classic. DATA OR WORKLOAD SOURCE ENVIRONMENT AZURE BACKUP SOLUTION Files and folders Windows Server Azure Backup agent, System Center DPM (+ the Azure Backup agent), Azure Backup Server (includes the Azure Backup agent) Files and folders Windows computer Azure Backup agent, System Center DPM (+ the Azure Backup agent), Azure Backup Server (includes the Azure Backup agent) Hyper-V virtual machine (Windows) Windows Server System Center DPM (+ the Azure Backup agent), Azure Backup Server (includes the Azure Backup agent) Hyper-V virtual machine (Linux) Windows Server System Center DPM (+ the Azure Backup agent), Azure Backup Server (includes the Azure Backup agent) Microsoft SQL Server Windows Server System Center DPM (+ the Azure Backup agent), Azure Backup Server (includes the Azure Backup agent) Microsoft SharePoint Windows Server System Center DPM (+ the Azure Backup agent), Azure Backup Server (includes the Azure Backup agent) DATA OR WORKLOAD SOURCE ENVIRONMENT AZURE BACKUP SOLUTION Microsoft Exchange Windows Server System Center DPM (+ the Azure Backup agent), Azure Backup Server (includes the Azure Backup agent) Azure IaaS VMs (Windows) running in Azure Azure Backup (VM extension) Azure IaaS VMs (Linux) running in Azure Azure Backup (VM extension) Linux support The following table shows the Azure Backup components that have support for Linux. COMPONENT LINUX (AZURE ENDORSED) SUPPORT Azure Backup (MARS) agent No (Only Windows based agent) System Center DPM File-consistent backup on Hyper-V only (not available for Azure VM) Azure Backup Server File-consistent backup on Hyper-V only (not available for Azure VM) Azure IaaS VM Backup Yes Using Premium Storage VMs with Azure Backup Azure Backup protects Premium Storage VMs. Azure Premium Storage is solid-state drive (SSD)-based storage designed to support I/O-intensive workloads. Premium Storage is attractive for virtual machine (VM) workloads. For more information about Premium Storage, see the article, Premium Storage: High-Performance Storage for Azure Virtual Machine Workloads Back up Premium Storage VMs While backing up Premium Storage VMs, the Backup service creates a temporary staging location in the Premium Storage account. The staging location, named "AzureBackup-", is equal to the total data size of the premium disks attached to the VM. NOTE Do not modify or edit the staging location. Once the backup job finishes, the staging location is deleted. The price of storage used for the staging location is consistent with all Premium storage pricing. Restore Premium Storage VMs Premium Storage VMs can be restored to either Premium Storage or to normal storage. Restoring a Premium Storage VM recovery point back to Premium Storage is the typical process of restoration. However, it can be cost effective to restore a Premium Storage VM recovery point to standard storage. This type of restoration can be used if you need a subset of files from the VM. What are the features of each Backup component? The following sections provide tables that summarize the availability or support of various features in each Azure Backup component. See the information following each table for additional support or details. Storage FEATURE AZURE BACKUP AGENT SYSTEM CENTER DPM AZURE BACKUP SERVER AZURE IAAS VM BACKUP Azure Backup vault Disk storage Tape storage Compression (in Backup vault) Incremental backup Disk deduplication The Backup vault is the preferred storage target across all components. System Center DPM and Azure Backup Server also provide the option to have a local disk copy. However, only System Center DPM provides the option to write data to a tape storage device. Compression Backups are compressed to reduce the required storage space. The only component that does not use compression is the VM extension. The VM extension copies all backup data from your storage account to the Backup vault in the same region. No compression is used when transferring the data. Transferring the data without compression slightly inflates the storage used. However, storing the data without compression allows for faster restoration, should you need that recovery point. Incremental backup Every component supports incremental backup regardless of the target storage (disk, tape, backup vault). Incremental backup ensures that backups are storage and time efficient, by transferring only those changes made since the last backup. Disk Deduplication You can take advantage of deduplication when you deploy System Center DPM or Azure Backup Server on a Hyper-V virtual machine. Windows Server performs data deduplication (at the host level) on virtual hard disks (VHDs) that are attached to the virtual machine as backup storage. NOTE Deduplication is not available in Azure for any Backup component. When System Center DPM and Backup Server are deployed in Azure, the storage disks attached to the VM cannot be deduplicated. Security FEATURE AZURE BACKUP AGENT SYSTEM CENTER DPM AZURE BACKUP SERVER AZURE IAAS VM BACKUP Network security (to Azure) Data security (in Azure) Network security All backup traffic from your servers to the Backup vault is encrypted using Advanced Encryption Standard 256. The backup data is sent over a secure HTTPS link. The backup data is also stored in the Backup vault in encrypted form. Only you, the Azure customer, have the passphrase to unlock this data. Microsoft cannot decrypt the backup data at any point. WARNING Once you establish the Backup vault, only you have access to the encryption key. Microsoft never maintains a copy of your encryption key, and does not have access to the key. If the key is misplaced, Microsoft cannot recover the backup data. Data security Backing up Azure VMs requires setting up encryption within the virtual machine. Use BitLocker on Windows virtual machines and dm -crypt on Linux virtual machines. Azure Backup does not automatically encrypt backup data that comes through this path. Network FEATURE AZURE BACKUP AGENT SYSTEM CENTER DPM AZURE BACKUP SERVER TCP TCP HTTPS HTTPS AZURE IAAS VM BACKUP Network compression (to backup server ) Network compression (to backup vault ) Network protocol (to backup server ) Network protocol (to backup vault ) HTTPS HTTPS The VM extension (on the IaaS VM) reads the data directly from the Azure storage account over the storage network, so it is not necessary to compress this traffic. If you are backing up your data to a System Center DPM or Azure Backup Server, compress data going from the primary server to the backup server. Compressing the data prior to backing it up to DPM or Azure Backup Server saves bandwidth. Network Throttling The Azure Backup agent offers network throttling, which allows you to control how network bandwidth is used during data transfer. Throttling can be helpful if you need to back up data during work hours but do not want the backup process to interfere with other internet traffic. Throttling for data transfer applies to back up and restore activities. Backup and retention AZURE BACKUP AGENT SYSTEM CENTER DPM AZURE BACKUP SERVER AZURE IAAS VM BACKUP Backup frequency (to Backup vault) Three backups per day Two backups per day Two backups per day One backup per day Backup frequency (to disk) Not applicable Every 15 minutes for SQL Server Every hour for other workloads Every 15 minutes for SQL Server Every hour for other workloads Not applicable Retention options Daily, weekly, monthly, yearly Daily, weekly, monthly, yearly Daily, weekly, monthly, yearly Daily, weekly, monthly, yearly Retention period Up to 99 years Up to 99 years Up to 99 years Up to 99 years Recovery points in Backup vault Unlimited Unlimited Unlimited Unlimited Recovery points on local disk Not applicable 64 for File Servers, 448 for Application Servers 64 for File Servers, 448 for Application Servers Not applicable Recovery points on tape Not applicable Unlimited Not applicable Not applicable What is the vault credential file? The vault credentials file is a certificate generated by the portal for each Backup vault. The portal then uploads the public key to the Access Control Service (ACS). The private key is provided to you when downloading the credentials. Use it to register the computers you protect. The private key is what allows you to authenticate the servers or computers to send backup data to a particular Backup vault. You only use the vault credential to register the servers or computers. However, take care with the vault credentials, if it is lost or obtained by others, the vault credentials can be used to register other machines against the same vault. Since the backup data is encrypted using a passphrase, that only you can access, existing backup data cannot be compromised. Vault credentials expire after 48 hours. While you can download the Backup vault's vault credentials as often as you like, only the latest credentials can be used for registration. How does Azure Backup differ from Azure Site Recovery? Azure Backup and Azure Site Recovery are related in that both services back up data and can restore that data, but their core value propositions are different. Azure Backup protects data on-premises and in the cloud. Azure Site Recovery coordinates virtual-machine and physical-server replication, failover, and failback. Both services are important because your disaster recovery solution needs to keep your data safe and recoverable (Backup) and keep your workloads available (Site Recovery) when outages occur. The following concepts can help you make important decisions around backup and disaster recovery. CONCEPT DETAILS BACKUP DISASTER RECO...
View Full Document

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture