Today, I am going to show you how to configure Veeam Backup for Microsoft Azure 1.0 with auto create service account.
1.Open web browser, type the Veeam Backup for Microsoft Azure URL, the URL consists of a public IPv4 address or DNS hostname of the Microsoft Azure VM where Veeam Backup for Microsoft Azure is installed, if you still not installed it, you can reference my previously post.
2.On the Veeam Backup for Microsoft Azure sign in page, type username and password, click Login.
3.On the License Agreement page, select I accept the terms of the Veeam License Agreement and I accept the terms of the 3rd party components license agreement, click Accept.
4.On the Welcome page, select Accounts.
5.On the Azure Account page, click Add.
6.On the Account Info page, type the service account name in Name field, in my case is VBA service account, click Next.
Veeam Backup for Microsoft Azure uses a Microsoft Azure service account to get access to Microsoft Azure resources such as subscriptions, resource groups, storage accounts, and so on configured in your Azure environment.
- You can add only one Microsoft Azure service account to the Veeam Backup for Microsoft Azure backup infrastructure.
- Due to technical limitations, a service account grants access to subscriptions from the default tenant only (that is, a tenant where the controller server is deployed). Subscriptions that are owned by other tenants will not be available. To use such subscriptions, you can use Azure LightHouse.
7.On the Service Account Type page, select Create service account automatically, click Next.
If you would like to use Specify existing service account, please verify the required permissions as below link.
8.On the Logon to Microsoft Azure page, click Copy code to clipboard.
9.On the Logon to Microsoft Azure page, click https://microsoft.com/devicelogin
10.On the Microsoft Enter code page, paste the code, click Next.
11.On the Pick an account page, select the Azure user account, the user account that you use to log in to the Azure portal has either the User Access Administrator or Owner role.
12.On the Enter password page, type the Azure user password, click Sign in.
13.Verify you have signed in to the Microsoft Azure Cross-platform Command Line Interface application, close the window.
14.On the Logon to Microsoft Azure page, verify you are authenticated to Microsoft Azure as the Azure user, click Next.
15.On the Service Provider page, if you are a service provider, you can add your Azure AD application to the selected Microsoft Azure Active Directory group. You may want to add an AD application to a group, in my case, I am not a service provider, keep the settings as default, click Next.
16.On the Summary page, verify the settings, click Finish.
17.On the Veeam Backup for Microsoft Azure page, select Repositories.
18.I created a storage account and container when I installed Veeam Backup for Microsoft Azure, if you didn’t create it, you can follow my previously post to create it. https://carysun.com/how-to-install-veeam-backup-for-microsoft-azure-1-0/
19.On the Repositories page, click Add.
20.On the Repository Name page, type the repository name in Name field, in my case is Veeam Backup Azure Blob, click Next.
21.On the Cloud Account page, select the VBA service account as Azure account, click Next.
22.On the Storage Account page, select the storage account which I created for Veeam Backup for Microsoft Azure, click Next.
23.On the Container page, select the container which I created for Veeam Backup for Microsoft Azure, click Next.
24.On the Folder page, select Create new folder, type the folder name in the field, in my case is VBA, click Next.
25.On the Settings page, select Enable encryption, type the password in Password field and Repeat password field, click Next.
26.On the Summary page, verify settings, click Next.
27.On the Confirmation page, click Go to Sessions.
28.On the Session Log page, click Create Repository, verify the session status are success, click Close.
29.On the Veeam Backup for Microsoft Azure page, click Configuration.
30.On the Configuration page, select Workers. Workers are auxiliary Linux-based machines deployed by Veeam Backup for Microsoft Azure for the scaling purposes and transfer fee reduction.
- Each worker can process data of only one VM at a time. That said, if your backup policy contains 10 VMs, Veeam Backup for Microsoft Azure can deploy up to 10 additional workers; each worker will be responsible for processing data of a single VM.When using a default worker configuration which, by default, can have only up to 5 workers that can run concurrently, processing of only 5 VMs at a time is possible; other VMs (if any) will be queued.
Each worker has idle time (10 minutes) and after this time expires, Veeam Backup for Microsoft Azure automatically removes such a worker from the resource group.
31.On the Workers Configuration page, click Add.
32.On the VM Configuration page, configure settings for the Region and size, Number of workers instance, click Next.
Region and size
- Region: Select the Region which to deploy new workers, in my case is West US 2. Veeam Backup for Microsoft Azure can deploy workers to the region of the target Azure storage account only
- VM Size: By default, Veeam Backup for Microsoft Azure selects the optimal VM size for workers.
Number of workers instances
- Min: Specify the number of workers that Veeam Backup for Microsoft Azure must deploy in advance so backup and restore operations to/from backup repositories can be executed immediately, without waiting for a worker to be created, I will use the default value.
- MAX: Specify the maximum allowed number of workers that Veeam Backup for Microsoft Azure can deploy and use concurrently during backup/restore to/from backup repositories. I will use the default value.
33.On the Network Settings page, configure settings as below, click Next.
- Virtual Network: Select a network to which to deploy new workers. You can also create a new network, the virtual network must have peering relationships with the network in which Veeam Backup for Microsoft Azure is deployed. It is also recommended to configure a service endpoint (routing) to the Azure storage service. In my case is GDMCAVnet2.
- Subnet: Select a subnet of the select network. In my case is FrontEnd.
- Network Security Group: select a network security group. In my case is LABVBAURE01-NSG
If you don’t know how to create new Virtual Network at Azure, please follow my previously post to create it. https://carysun.com/configuring-cisco-meraki-to-azure-site-to-site-vpn-tunnels-ikev2-azure-cisco-meraki/
34.On the Summary page, verify settings, click Finish.
35.On the Workers Configuration page, verify status of the new Worker.
If it happened error, click the error and verify the status, click Check again after fix issues.
In my case, it happened the service Endpoint error because I didn’t add any Endpoint services when create the Virtual Network subnet at Azure, it fixed after I add Microsoft.Storage as service endpoint.
36.On the Workers page, click Exist Configuration.
37.On the Veeam Backup for Microsoft Azure page, select Policies.
38.On the Policies page, click Add.
39.On the Policy Name, type Backup VMs in the Name field, click Next.
40.On the Directory page, select Azure Active Directory that contains resources that you can back up, click Next.
41.On the Regions page, click Add.
42.On the Regions page, select the Region(s), click Add.
43.On the Regions page, click Next.
44.On the Specify Resources page, select Protect the following resources, click Add, select Virtual Machines.
45.On the Virtual Machines page, select the virtual machine (s), click Add.
46.On the Specify Resources page, click Next.
47.On the Exclude Resources page, click Next.
48.On the Snapshot Settings page, select Create snapshots, select your number of restore point and schedule, click Next. If you only want the policy to create image-level backups, leave this check box cleared and proceed to the next step of the wizard.
49.On the Backup Settings page, Select Enable Backups, click Select at Backup Repository.
50.On the Choose Repository page, select the repository, click Apply.
51.On the Backup Settings page, configure Retention duration and schedule, click Next.
- Retention duration: Specify the number of days to store restore points in a backup chain. If a restore point is older than the specified limit, Veeam Backup for Microsoft Azure removes it from the backup chain.
- Schedule: Configure a schedule to create backups automatically at the specified time.
52.On the Cost Estimation page, verify the cost estimation per month, click Next.
53.On the Policy Settings page, configure Schedule and Notifications settings, click Next.
- Select Automatic retry.
- Retry failed job: Specify the maximum number of retry attempts.
54.On the Summary page, verify settings, click Finish.
55.On the Policy page, verify the new Backup VMs policy created, it will run backup schedule as your settings.
56.On the Session Log page, you can check the Policy Backup session status and log when it’s running.
57.On the Protected Data page, verify the restore points after backup completed.
Hope you enjoy this post.
Web Site: carysun.com
Blog Site: checkyourlogs.net
Blog Site: gooddealmart.com
Author: Cary Sun
Cary Sun is an Principal Consultant, He has a strong background specializing in datacenter and deployment solutions, and has spent over 20 years in the planning, design, and implementation of network technologies and Management and system integration.He hold CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1997.Cary is also a Microsoft Most Valuable Professional (MVP) and Cisco Champion, He is a published author with serveral titles, include blogs on Checkyourlogs.net, author for many books. Specialties: CCIE /CCNA / MCSE / MCITP / MCTS / MCSA / Solution Expert / CCA