The first part of this series was aimed at getting a Veeam Backup & Replication Azure VM up and running from the Azure Marketplace using Azure PowerShell. A really quick and easy way to spin the system up.
The use case we are talking about is the ability to recover your backups from maybe on premises up into Microsoft Azure.
I was asked “what about AWS?” and yes of course if you are using the capacity tier option within Veeam Backup & Replication on premises and you are using the copy mode function to land a copy of your backups on AWS S3 or IBM Cloud or any S3 Compatible storage then there could be possible synergies in doing this in AWS, why I chose Microsoft Azure was simply because there is an Azure Marketplace offering we can take advantage of.
If you would like to see a similar series with AWS then let me know either on twitter or in the comments below. This will involve a different way of automating the provisioning of a Windows OS and the installation of Veeam Backup & Replication, but not too hard as we already have this functionality using Terraform & CHEF but only for vSphere but the code can be changed to work with AWS and really any platform that requires this functionality.
Veeam Configuration
As I said if you followed Part 1 of this series then you will have your Veeam server now running in Azure with no Veeam configuration.
In order for us to automate the direct restore process we need to provide some details in the script which i will share in stages and in full at the end of the post. But as a high level we need to
Add Azure Storage Account
Import Backups
Add Azure Compute Account
Then we will take those backups and run the Direct Restore to Microsoft Azure on the appropriate backups in a converted state ready to be powered on, or you can choose to power them on as part of this script process.
Firstly we need to add the Veeam snap in and connect to the local Veeam Backup & Replication Server, depending on where you run this script you will need to change the appropriate localhost below to the relevant DNS or IP Address. It is my recommendation that this is done on the server itself, but I am exploring how this PowerShell script could be hosted on your network and not publicly and used that way to fill in the secure details.
Add-PSSnapin VeeamPSSnapin
#Connects to Veeam backup server.
Connect-VBRServer -server "localhost"
Next we will add the Microsoft Azure Compute Account, this command will prompt you to login and authenticate into Microsoft Azure. I use MFA so this was the only way I could find to achieve this.
#Add Azure Compute Account
Add-VBRAzureAccount -Region Global
Next we will add the storage account, You will need to update the script with the requirements below.
Access Key – this will be based on a storage account that you have already created and you will need the long access key for authentication.
Azure Blob Account – this is the name of the storage blob account you have previously created. This is the same blob account and process that you used for adding Microsoft Azure Blob Storage to Veeam Backup & Replication on premises.
#Add Azure Storage Account
$accesskey = "ADD AZURE ACCESS KEY"
$blob1 = Add-VBRAzureBlobAccount -Name "AZUREBLOBACCOUT" -SharedKey $accesskey
Now we need to add our capacity tier, this is where you have been sending those backups.
#Add Capacity Tier (Microsoft Azure Blob Storage) Repository
$account = Get-VBRAzureBlobAccount -Name "AZUREBLOBACCOUNT"
$connect = Connect-VBRAzureBlobService -Account $account -RegionType Global -ServiceType CapacityTier
$container = Get-VBRAzureBlobContainer -Connection $connect | where {$_.name -eq 'AZURECONTAINER'}
$folder = Get-VBRAzureBlobFolder -Container $container -Connection $connect
The next part to adding capacity tier is important and I have also added this into the script, this repository needs to be added with exactly the same name that you have in your production Veeam Backup & Replication.
#The name needs to be exactly the same as you find in your production Veeam Backup & Replication server
$repositoryname = "REPOSITORYNAME"
Add-VBRAzureBlobRepository -AzureBlobFolder $folder -Connection $connect -Name $repositoryname
Next we need to import and rescan those backups that are in the Azure Blob Storage.
#Import backups from Capacity Tier Repository
$repository = Get-VBRObjectStorageRepository -Name $repositoryname
Mount-VBRObjectStorageRepository -Repository $repository
Rescan-VBREntity -AllRepositories
Now if you are using encryption then you will need the following commands instead of the one above.
#if you have used an encryption key then configure this section
$key = Get-VBREncryptionKey -Description "Object Storage Key"
Mount-VBRObjectStorageRepository -Repository $repository -EncryptionKey $key
At this point if we were to jump into the Veeam Backup & Replication console we would see our Storage and Compute accounts added to the Cloud Credential Manager, we would see the Microsoft Azure Blob Storage container added to our backup repositories and on the home screen you will see the object storage (imported) which is where you will also see the bakcups that reside there.
Next we need to create the variables in order to start our Direct Restore scenarios to Microsoft Azure.
A lot of the variables are quite self explanatory, but as a brief overview you will need to change the following to suit your backups.
VMBACKUPNAME = Which VM is it you want to restore
AZURECOMPUTEACCOUNT = this is the Azure Compute Account you added to Veeam Backup & Replication at the beginning of the script.
SUBSCRIPTIONNAME = you may have multiple subscriptions on one Azure compute account pick the appropriate one here.
STORAGEACCOUNTFORRESTOREDMACHINE = we are going to be converting that backup to your Azure Storage Group
REGION = Which Azure region would you like this to be restored to
$vmsize = this is where you will define what size Azure VM you wish to use here. In this example Basic_A0 is being used, you can change this to suit your workload.
AZURENETWORK = define the Azure Virtual Network you wish this converted machine to live.
SUBNET = Which subnet should the machine live
AZURERESOURCEGROUP = the Azure Resource Group you wish the VM to live
NAMEFORRESTOREDMACHINEINAZURE = Maybe a different naming conversion but this is what you wish to call your machine in Azure.
#This next section will enable you to automate the Direct Restore to Microsoft Azure
$restorepoint = Get-VBRRestorePoint -Name "VMBACKUPNAME" | Sort-Object $_.creationtime -Descending | Select -First 1
$account = Get-VBRAzureAccount -Type ResourceManager -Name "AZURECOMPUTEACCOUNT"
$subscription = Get-VBRAzureSubscription -Account $account -name "SUBSCRIPTIONNAME"
$storageaccount = Get-VBRAzureStorageAccount -Subscription $subscription -Name "STORAGEACCOUNTFORRESTOREDMACHINE"
$location = Get-VBRAzureLocation -Subscription $subscription -Name "REGION"
$vmsize = Get-VBRAzureVMSize -Subscription $subscription -Location $location -Name Basic_A0
$network = Get-VBRAzureVirtualNetwork -Subscription $subscription -Name "AZURENETWORK"
$subnet = Get-VBRAzureVirtualNetworkSubnet -Network $network -Name "SUBNET"
$resourcegroup = Get-VBRAzureResourceGroup -Subscription $subscription -Name "AZURERESOURCEGROUP"
$RestoredVMName1 = "NAMEOFRESTOREDMACHINEINAZURE"
Now we have everything added to Veeam Backup & Replication, We have all the variables for our machines that we wish to convert and recover to Microsoft Azure VMs. Next is to start the restore process.
Start-VBRVMRestoreToAzure -RestorePoint $restorepoint -Subscription $subscription -StorageAccount $storageaccount -VmSize $vmsize -VirtualNetwork $network -VirtualSubnet $subnet -ResourceGroup $resourcegroup -VmName $RestoredVMName1 -Reason "Automated DR to the Cloud Testing"
The full script can be found here
#This script will automate the configuration steps of adding the following steps
#Add Azure Compute Account
#Add Azure Storage Account
#Add Capacity Tier (Microsoft Azure Blob Storage) Repository
#Import backups from Capacity Tier Repository
#This will then enable you to perform Direct Restore to Azure the image based backups you require.
Add-PSSnapin VeeamPSSnapin
#Connects to Veeam backup server.
Connect-VBRServer -server "localhost"
#Add Azure Compute Account
#Need to think of a better way to run this as this will close down PowerShell when installing
msiexec.exe /I "C:\Program Files\Veeam\Backup and Replication\Console\azure-powershell.5.1.1.msi"
Add-VBRAzureAccount -Region Global
#Add Azure Storage Account
$accesskey = "ADD AZURE ACCESS KEY"
$blob1 = Add-VBRAzureBlobAccount -Name "AZUREBLOBACCOUT" -SharedKey $accesskey
#Add Capacity Tier (Microsoft Azure Blob Storage) Repository
$account = Get-VBRAzureBlobAccount -Name "AZUREBLOBACCOUNT"
$connect = Connect-VBRAzureBlobService -Account $account -RegionType Global -ServiceType CapacityTier
$container = Get-VBRAzureBlobContainer -Connection $connect | where {$_.name -eq 'AZURECONTAINER'}
$folder = Get-VBRAzureBlobFolder -Container $container -Connection $connect
#The name needs to be exactly the same as you find in your production Veeam Backup & Replication server
$repositoryname = "REPOSITORYNAME"
Add-VBRAzureBlobRepository -AzureBlobFolder $folder -Connection $connect -Name $repositoryname
#Import backups from Capacity Tier Repository
$repository = Get-VBRObjectStorageRepository -Name $repositoryname
Mount-VBRObjectStorageRepository -Repository $repository
Rescan-VBREntity -AllRepositories
#if you have used an encryption key then configure this section
#$key = Get-VBREncryptionKey -Description "Object Storage Key"
#Mount-VBRObjectStorageRepository -Repository $repository -EncryptionKey $key
#This next section will enable you to automate the Direct Restore to Microsoft Azure
$restorepoint = Get-VBRRestorePoint -Name "VMBACKUPNAME" | Sort-Object $_.creationtime -Descending | Select -First 1
$account = Get-VBRAzureAccount -Type ResourceManager -Name "AZURECOMPUTEACCOUNT"
$subscription = Get-VBRAzureSubscription -Account $account -name "SUBSCRIPTIONNAME"
$storageaccount = Get-VBRAzureStorageAccount -Subscription $subscription -Name "STORAGEACCOUNTFORRESTOREDMACHINE"
$location = Get-VBRAzureLocation -Subscription $subscription -Name "REGION"
$vmsize = Get-VBRAzureVMSize -Subscription $subscription -Location $location -Name Basic_A0
$network = Get-VBRAzureVirtualNetwork -Subscription $subscription -Name "AZURENETWORK"
$subnet = Get-VBRAzureVirtualNetworkSubnet -Network $network -Name "SUBNET"
$resourcegroup = Get-VBRAzureResourceGroup -Subscription $subscription -Name "AZURERESOURCEGROUP"
$RestoredVMName1 = "NAMEOFRESTOREDMACHINEINAZURE"
Start-VBRVMRestoreToAzure -RestorePoint $restorepoint -Subscription $subscription -StorageAccount $storageaccount -VmSize $vmsize -VirtualNetwork $network -VirtualSubnet $subnet -ResourceGroup $resourcegroup -VmName $RestoredVMName1 -Reason "Automated DR to the Cloud Testing"
Feedback is key on this one and would love to make this work better and faster. Feedback welcome below in the comments as well as getting hold of me on Twitter.