Create VMware Data Protection Group Microsoft Azure Backup Server

0

We have already taken a look at provisioning Microsoft Azure Backup Server as well as connecting MABS to VMware vCenter Server to begin protecting our VMware virtual machines. However, we have another step we need to accomplish before we can begin protecting our VMware virtual machines – creating a protection group. By creating the protection group, we tell Microsoft Azure Backup Server which resources we want to have protected and in which ways we would like to protect them. Let’s take a closer look at the topic – Create VMware Data Protection Group Microsoft Azure Backup Server – looking at data protection groups and how we actually go about setting this up to backup VMware virtual machines with Microsoft Azure Backup Server.

What are Microsoft Azure Backup Server Data Protection Groups?

To begin with, let’s talk about what a Data Protection Group is, in the context of Microsoft Azure Backup Server.  The Protection Group methodology comes from the System Center Data Protection Manager (DPM) ecosystem which Microsoft Azure Backup Server borrows from.  By Microsoft’s definition, “protection groups are a collection of data sources that share the same protection configuration.  Protection works by:

  • DPM creating a replica of the selected data sources on the DPM server
  • DPM synchronizes the replica with the data sources and creates recovery points on a recurring schedule
  • Backups are performed as:
    • DPM storing the replica copy of the data on disks and periodic full backups are created on disk
    • DPM periodically synchronizes the backup data to the Azure Backup cloud

For the VMware Data Protection Group, this will be the resource in vCenter that we want to protect.  The cool thing about Microsoft Azure Backup Server is that it allows us to pick either single VMs, multiple VMs, or VM folders that can easily allow grouping VMs based on the folder structure that you may already have configured in vCenter.

Proper planning needs to go into the Protection group.  A few things that Microsoft recommends regarding Protection Groups:

  • Decide how you want to group resources
  • Where will the data be stored?
  • How much storage is required?
  • How is data to be recovered from the protection group

Now that we have a general understanding of what a Protection Group is, let’s see how we can create a protection group that will protect our VMware vSphere resources.

Create VMware Data Protection Group Microsoft Azure Backup Server

After launching the Microsoft Azure Backup Server console, in the lower left-hand corner, click the Protection menu.

Click-on-the-protection-menu-to-create-the-Protection-Groups Create VMware Data Protection Group Microsoft Azure Backup Server

Click on the protection menu to create the Protection Groups

Once in the Protection view, click the New icon to create a new data protection group.

Click-the-new-folder-icon-to-get-started-creating-a-new-Microsoft-Azure-Backup-Server-Protection-Group Create VMware Data Protection Group Microsoft Azure Backup Server

Click the new folder icon to get started creating a new Microsoft Azure Backup Server Protection Group

The New Protection Group Wizard launches.

The-new-protection-group-wizard-begins Create VMware Data Protection Group Microsoft Azure Backup Server

The new protection group wizard begins

Choose the Data Protection Group type.  For protecting VMware vCenter, we choose the Servers option.

Click-the-Servers-Protection-Group-Type Create VMware Data Protection Group Microsoft Azure Backup Server

Click the Servers Protection Group Type

The Select Group Members screen allows selecting objects in vCenter Server from the Datacenter object, folders, and even individual virtual machines.  So, you can get very granular in the data protection group.

Selecting-the-Protection-Group-Members Create VMware Data Protection Group Microsoft Azure Backup Server

Selecting the Protection Group Members

When we get to the Select Data Protection Method screen, here we name the data protection group and select both on-premise (disk) backups as well as Online protection options if we want, which copies data to Microsoft Azure.

Microsoft-Azure-Backup-Server-Select-Data-Protection-Method Create VMware Data Protection Group Microsoft Azure Backup Server

Microsoft Azure Backup Server Select Data Protection Method

Short-term goals screen allows defining the on-premise retention policy with regards to restore points.  You can also click the Modify button to configure the Express Full Backup options.

Specify-Microsoft-Azure-Backup-Server-Short-term-goals Create VMware Data Protection Group Microsoft Azure Backup Server

Specify Microsoft Azure Backup Server Short term goals

When you click to modify the express full backup options, you can select the schedule that you prefer for the express full backup process.  This is a resource intensive process that you will most likely want to schedule during off peak hours.

Configure-the-Express-Full-Backup-Settings Create VMware Data Protection Group Microsoft Azure Backup Server

Configure the Express Full Backup Settings

An important consideration for the data protection group, is the backup storage.  Below, you see we have the target storage selected in the drop down box.

Select-the-target-storage-for-the-Data-Protection-Group-in-Microsoft-Azure-Backup-Server Create VMware Data Protection Group Microsoft Azure Backup Server

Select the target storage for the Data Protection Group in Microsoft Azure Backup Server

How do you want to seed the data into storage?  We can select either over the network or via removable media that serves as a seed drive.

Configure-the-initial-replica-copy-configuration-settings Create VMware Data Protection Group Microsoft Azure Backup Server

Configure the initial replica copy configuration settings

The consistency check options screen allows defining what triggers a consistency check.  Default is to Run a consistency check if a replica becomes inconsistent.  You can also schedule these to run during scheduled intervals.

Configure-consistency-check-options Create VMware Data Protection Group Microsoft Azure Backup Server

Configure consistency check options

One of the important screens to pay attention to – the Specify Online Backup Schedule.  With Microsoft Azure Backup Server, we can select (2) different backup copy schedules to copy data to Azure.  These can be specified as every Day, Week, Month, or Year.  The first dropdown box is the first slot and the second is the next slot.

Specify-Microsoft-Azure-Backup-Server-Online-backup-schedule Create VMware Data Protection Group Microsoft Azure Backup Server

Specify Microsoft Azure Backup Server Online backup schedule

The online retention policy defines the various online retention policy restore points we want to hold in the Azure backup cloud.  Below are the default settings that are configured during setup.

Specify-online-retention-policy-for-Microsoft-Azure-Backup-Server-Azure-replicas Create VMware Data Protection Group Microsoft Azure Backup Server

Specify online retention policy for Microsoft Azure Backup Server Azure replicas

Especially important is considering how to copy backups to the Azure cloud.  Most may want to do this over the network.  However, these can also be seeded with an offline backup.

Choose-how-data-is-copied-to-Microsoft-Azure Create VMware Data Protection Group Microsoft Azure Backup Server

Choose how data is copied to Microsoft Azure

Finally, we see a summary of the chosen configuration options to review.  Click the Create Group button to create the data protection group.

Summary-of-Data-Protection-Creation-options-selected Create VMware Data Protection Group Microsoft Azure Backup Server

Summary of Data Protection Creation options selected

We should see the status is successful for the tasks to create the data protection group.

VMware-Data-Protection-Group-creation-is-successful Create VMware Data Protection Group Microsoft Azure Backup Server

VMware Data Protection Group creation is successful

After the backups have synchronized, the Protection Status will show as a “green checkmark” and an OK status in the main protection screen view.

Checking-the-protection-status-of-the-new-Data-Protection-Group Create VMware Data Protection Group Microsoft Azure Backup Server

Checking the protection status of the new Data Protection Group

Takeaways

I found the Data Protection Group creation process to be very intuitive and easy to accomplish both from an on-premise backup and Azure backup perspective alike.  There are plenty of options to tweak during the creation process for the backups to disk and to the cloud.  Keep in mind you only get two configurable options for Azure copies so it isn’t an “all the time” sync to the Azure cloud which some may want/need.  However, it certainly helps to cover the bases when thinking about an offsite backup copy provision that allows helping to satisfy the 3-2-1 backup rule.