S
sdolgin
In the dynamic world of cloud computing, time is often a critical factor, especially when it comes to recovering from disasters like ransomware attacks or rolling back after a problematic security update. Imagine waking up to find your entire set of Azure VMs compromised by ransomware or discovering that a recent security update has left your systems inoperable. The clock starts ticking, and the longer it takes to restore your VMs, the greater the impact on your business.
Azure Backup is a robust solution for protecting your Azure VMs, providing peace of mind with its ability to create and manage backup policies, configure backup schedules, and perform reliable restores. However, the features available for Azure Backup in the Portal UI today only allow the restoration of individual VMs one at a time. Restoring many VMs manually through the Azure Portal can be extremely time-consuming and inefficient, especially when you need to restore an entire set of VMs quickly.
Azure Backup offers extensive features for protecting your VMs:
Despite these powerful features, there is always room for improvement. For now, there is currently no functionality in the Azure Portal to batch restore multiple VMs simultaneously. This limitation becomes a bottleneck in scenarios where speed and efficiency are paramount.
To address this gap, we turn to PowerShell scripting, a versatile and powerful tool for managing Azure resources. Microsoft's Az PowerShell module provides a comprehensive suite of cmdlets to automate and manage Azure tasks, including VM backups and restores.
Here's a practical approach: a PowerShell script that enables the parallel restoration of multiple VMs from Azure Backup. This script leverages Az.RecoveryServices to streamline the recovery process, significantly reducing the time required to get your systems back online.
Below is a summary of how one example script works. You can find the full example here.
By using this script, you can dramatically reduce the time required to restore multiple VMs, enhancing your ability to recover from critical incidents swiftly.
In this post, we've discussed the limitations in the Azure Portal for handling multiple VM restores and introduced a practical workaround using PowerShell scripting. This solution enables you to restore your VMs in parallel, significantly cutting down recovery time and minimizing business disruption.
We encourage you to modify the sample script, try it out in your test environment and see the benefits for yourself. Your feedback is invaluable, so please share your experiences and let us know your thoughts on this approach. Together, we can continue to improve and innovate in the realm of Azure Business Continuity.
Happy scripting, and may your recoveries be swift and seamless!
Continue reading...
The Problem
Azure Backup is a robust solution for protecting your Azure VMs, providing peace of mind with its ability to create and manage backup policies, configure backup schedules, and perform reliable restores. However, the features available for Azure Backup in the Portal UI today only allow the restoration of individual VMs one at a time. Restoring many VMs manually through the Azure Portal can be extremely time-consuming and inefficient, especially when you need to restore an entire set of VMs quickly.
Native Capabilities of Azure Backup
Azure Backup offers extensive features for protecting your VMs:
- Automated backup schedules and retention policies - A backup policy can protect multiple Azure VMs consisting of a schedule (daily/weekly) and retention (daily, weekly, monthly, yearly).
- Cross-region restore capabilities – Allows you to restore data in a secondary, Azure paired region. This can be useful to conduct BCDR drills or if there’s a disaster in the primary region.
- Ransomware protection – Features such as irreversible soft-delete, immutable storage and multi-user authorization can be set at the vault level to safeguard backup data.
Despite these powerful features, there is always room for improvement. For now, there is currently no functionality in the Azure Portal to batch restore multiple VMs simultaneously. This limitation becomes a bottleneck in scenarios where speed and efficiency are paramount.
Az PowerShell Module – A Good Solution
To address this gap, we turn to PowerShell scripting, a versatile and powerful tool for managing Azure resources. Microsoft's Az PowerShell module provides a comprehensive suite of cmdlets to automate and manage Azure tasks, including VM backups and restores.
Here's a practical approach: a PowerShell script that enables the parallel restoration of multiple VMs from Azure Backup. This script leverages Az.RecoveryServices to streamline the recovery process, significantly reducing the time required to get your systems back online.
Sample PowerShell Script
Below is a summary of how one example script works. You can find the full example here.
- Define Variables:
The script starts by defining the necessary variables, including the resource group, recovery services vault, and cache storage account.
Code:$resourceGroup = "rg-webservers" $recoveryServicesVault = "rsv-vmbackup" $cacheStorageAccount = "unique626872" $cacheStorageAccountResourceGroup = "rg-webservers" - Get the Vault and Backup Container:
It then retrieves the Recovery Services Vault and Backup Container containing multiple VMs that need to be restored in parallel.
Code:$vault = Get-AzRecoveryServicesVault -ResourceGroupName $resourceGroup -Name $recoveryServicesVault $container = Get-AzRecoveryServicesBackupContainer -ContainerType "AzureVM" -VaultId $vault.ID - Loop Through the Backup Items:
The script iterates over each backup item in the container, performing a shutdown and kicking off an in-place restore from the latest recovery points.
Code:foreach ($item in $container) { # Get the Backup Item from the Vault $backupItem = Get-AzRecoveryServicesBackupItem -BackupManagementType "AzureVM" -WorkloadType "AzureVM" -VaultId $vault.ID -Name $item.Name # Get the resource group & VM name for this backupItem $vmResourceGroup = $backupItem.VirtualMachineId.Split('/')[4] $vmName = $backupItem.VirtualMachineId.Split('/')[8] # Shut down the protected VM before restoring it Stop-AzVM -ResourceGroupName $vmResourceGroup -Name $vmName -Force -SkipShutdown -NoWait # Get the latest recovery point for the backup item from the last 7 days $recoveryPoints = Get-AzRecoveryServicesBackupRecoveryPoint -Item $backupItem -VaultId $vault.ID -StartDate (Get-Date).AddDays(-7).ToUniversalTime() -EndDate (Get-Date).ToUniversalTime() # Restore the Azure VM from the latest recovery point to the original location (replace the source VM) $OriginalLocationRestoreJob = Restore-AzRecoveryServicesBackupItem -RecoveryPoint $recoveryPoints[0] -StorageAccountName $cacheStorageAccount -StorageAccountResourceGroupName $cacheStorageAccountResourceGroup -VaultId $vault.ID -VaultLocation $vault.Location }
By using this script, you can dramatically reduce the time required to restore multiple VMs, enhancing your ability to recover from critical incidents swiftly.
Conclusion
In this post, we've discussed the limitations in the Azure Portal for handling multiple VM restores and introduced a practical workaround using PowerShell scripting. This solution enables you to restore your VMs in parallel, significantly cutting down recovery time and minimizing business disruption.
We encourage you to modify the sample script, try it out in your test environment and see the benefits for yourself. Your feedback is invaluable, so please share your experiences and let us know your thoughts on this approach. Together, we can continue to improve and innovate in the realm of Azure Business Continuity.
Call to Action
- Modify the sample script and try it out in your test environment for parallel VM restoration.
- Share your feedback and experiences with us.
- Stay tuned for more tips and tricks on maximizing your Azure capabilities.
Happy scripting, and may your recoveries be swift and seamless!
Continue reading...