What is next after protecting your Azure VM Backup?
It is very important to take regular backups of Azure VM to safeguard your Azure VM against any disaster. How to ensure your backup data is intact and the backup job finished correctly ?. There is always regular restore of your backup data is a must to verify the backup data integrity. Provided the backup data should be stored in more than one place geographically to ensure a higher degree of availability.
In this blog, we are going to describe how to restore an Azure VM, and also a replication of backup data source into another region by means of enabling Site Recovery for Azure Recovery Services vault.
Restoring Azure VM
Login to Azure portal, select Azure Backup Center → Manage → Backup instances → Restore
This will initiate the restore process for the Azure VM which was backed up.
Provide data source type as “ Azure Virtual Machines “ and select the Azure VM backup you want to restore. Click Proceed to the Next step.
Since the selected data source type is maintained in Recovery Services Vault, you will be redirected to Recovery services vaults for restore on the next screen.
On the next screen, you will be prompted to select the restore point. You may choose the restore point by selecting the Start & End Date and the recovery point type. Usually, you may require to choose the latest restore point. There are three types of restore points listed.
- Crash consistent restore points
- Application consistent restore points
- File System consistent restore points
Choose “All restore points” and select the latest restore point ( depends on your requirement it may vary for different use cases ) to restore, and click OK
Now, you will be asked to restore the VM either create a new VM or replace the existing VM. We are selecting a new VM, hence a new VM will be created with a new name. Alternatively, you can restore only the disks.
Provide Resource group, Virtual network, and Subnet details. When you create a new VM, the VM will be placed in the storage account you specify, and is called staging location. This storage account should be in the same subscription and location as vault, non-ZRS, active, and not attached to any affinity group. This storage account will be used as a temporary location during restore. You need to create a new storage account for this purpose.
Select All services → Storage Accounts → Create Storage Account
Select default values for Networking, Data protection, Advanced, and Tags tabs. Click the create button after the validation process finished. You will get a deployment complete notification after a storage account is created.
Coming back to the Azure VM restore page, you will be able to select the staging location, which is the storage account we created ( in our case the storage account is vembudemostroage )
Click Restore to proceed. You can view the restore progress in the Monitoring + reporting tab, under Backup jobs.
Click the Refresh button until you get the status “Completed” Verify the restored VM in Virtual Machines under All services. Your restored VM is also listed in the available VMs as shown below.
Enabling Site Recovery for Azure VM
By enabling Site Recovery for the Azure VM you created, you will provide an additional protection facility along with your Azure VM backup. Also, you are storing your backup data into another geo-redundant location to safeguard your backup data sources against disaster on your existing vault location.
Login to your Azure portal. Choose All services → Virtual Machines.
Choose the Azure Virtual Machine you created ( in our case the Name of the Virtual Machine is LinuxDemo ), and choose “Disaster Recovery” under the Operations category. In this page, you need to provide the target region, where your desired VM should be replicated. Here we selected the Central US region as the target region, so the LinuxDemo VM will be replicated to the Central US region datacenter.
Click Next for Advanced settings
On this page, you can configure storage, replication, and extension settings. Also, a new resource group and virtual network will be automatically created for you.
For storage, an existing cache storage account will be used and 1 replica managed disk(s) will be created automatically. For replication, an existing recovery services vault and replication policy will be used. For extension, Site Recovery manages site recovery extension updates for all your replicated items. For these three configurations, a default setting will be used, or otherwise, you can specify a new configuration setting for each one, by clicking the + sign near to each one.
Click Next to review and start the replication process. Click “Start replication” You will get the notification for all actions in the notification bar on the top right of the screen. There you will see a notification “Enabling replication for 1 VM(s)”, on clicking this you will get a detailed description of the replication operation for various stages. Once replication is completed you can verify the status of the replication on the virtual machine properties. This can be accessed on Disaster Recovery under Operations. There you can check the replication health as “Healthy”
Verifying Test failover & Enabling replication
You could also initiate a “Test failover” to verify the integrity of the replicated VM. Click “Test Failover on the above page to initiate failover. This will show the below actions and verify the status successfully to complete the test failover.
After confirming the test failover, you could delete the test failover virtual machines, to avoid unnecessary space-occupying due to test failover VM space. Click the cleanup test failover to initiate this process. In case, if you don’t want to continue you could also disable replication on the same page. Both processes are highlighted in the red box in the picture below.
Note: Disabling replication will remove the replicated item from Azure Site Recovery. The replication configuration on the source will not be cleaned up. Site Recovery billing for the machine will stop. The user has to provide a valid reason before disabling replication.
Initiating Site Recovery on Recovery Services Vault.
You could also initiate Site Recovery on recovery services vaults you created for backup jobs.
Site Recovery supports four different infrastructure scenarios, as given below
- Azure virtual machines – Protect your Azure virtual machines for disaster recovery by replicating to another Azure region.
- VMware machines to Azure – Protect your VMware virtual machines for disaster recovery by replicating to Azure.
- Hyper-V machines to Azure – Protect your Hyper-V virtual machines for disaster recovery by replicating to Azure.
- Protect your Hyper-V machines by replicating to another Hyper-V site – Note that this configuration of replicating between Hyper-V sites will not be supported by Azure Site Recovery after February 2023
Consideration on deleting backup data & Recovery services vault
In case, if you don’t want to continue to backup to the created vault, you could stop the backup, and initiate deleting the backup data. All the deleted backup data is retained in a soft delete state. They are available for 13 days from the day of a delete operation, later they are permanently deleted. So if you want to delete the created Recovery Services vault, Recovery Services vault cannot be deleted as there are backup items in the soft-deleted state in the vault. The soft-deleted items are permanently deleted after 14 days of the delete operation. Please try vault deletion after the backup items are permanently deleted and there is no item in the soft-deleted state left in the vault. After 14 days, you could initiate the delete operation, and on the confirmation, you could delete the vault too.
The Azure Backup service provides simple, secure, and cost-effective solutions to back up your data periodically and recover it from the Microsoft Azure cloud in no time. For any Azure administrator & Backup administrator in an organization, along with Azure backup service, other additional services such as Azure Site recovery services and Failover services provide 100 % business continuity and securing his Azure data sources against any disaster.