Share via


Setup Virtual machine Backup in Azure DevOps CI/CD Pipeline using PowerShell

Introduction

Sometimes, for some reasons you need to setup a Windows or Linux Virtual Machine backup in Azure infrastructure using an Azure DevOps pipeline !
The following procedure is going to help you to setup the Azure backup using a PowerShell script in Azure Recovery Services using a DevOps CI/CD approach !

The core components of the procedure are as follows

  • Azure DevOps Pipeline with PowerShell Task@5 something like shown below
- task: AzurePowerShell@5
  inputs:
    azureSubscription: 'Visual Studio Enterprise Subscription(<sub id>)'
    ScriptType: 'FilePath'
    ScriptPath: './azbackup.ps1'
    errorActionPreference: 'continue'
    azurePowerShellVersion: 'LatestVersion'
  • PowerShell script covering the following tasks
    • Set of variable are defined at the beginning of the code to change conveniently
    • Registering the Azure Recovery Service provider in the subscription
    • Creating Azure Recovery Service Vault and setting Vault context, Redundancy settings. If the vault name already exists, the code will skip the creation of the vault and applying the settings
    • Checking for a valid Backup Policy and create it if doesn’t exists. The backup policy is defined as follows and you may change it as per your preference/time zone etc.:

  • Applying the BackupProtection policy to the VM
    • The first initial backup job creates a full recovery point.
    • After the initial backup, each backup job creates incremental recovery points.
    • Incremental recovery points are storage and time-efficient, as they only transfer changes made since the last backup.
  • A container in Recovery Services vault will hold the VM backup data. We need to retrieve the container in PowerShell code. Virtual machine back up is considered as an “item” by the backup process. PowerShell code also retrieves the so called $Item to backup the virtual machine
  • And finally, the code manages to start backup with the command – Backup-AzRecoveryServicesBackupItem -Item $Item

Following section describes the minutes steps to setup the DevOps Pipeline, attach the code to the pipeline, start the initial job, monitor the job completion and see how it works in the schedule we set in the policy

Setup DevOps Pipeline

  • Create a new project in your Azure DevOps portal similar to the following screenshot

  • Create a Service Connection to connect your Azure infrastructure (Click ‘Project Settings at the bottom left corner of the page and select Service connections from the pop up menu)

  • Create your first service connection by clicking Create Service connection button

  • Select Azure Resource Manager

  • Select ‘Service Principal (automatic) option

  • Create a service connection with the following similar parameters

Setup Repository

I have setup a GitHub repo for the purpose of this procedure. The repo contains a PowerShell script, azbackup.ps1. You can copy the full script and create your own repo with the PowerShell script from the below link

Link to the GitHub repo

  • Click ‘Repos‘ in DevOps console and click ‘Import’ button to import
  • Import the repository with the following settings. clone URL is – https://github.com/clouditspace/azbackup.git

  • When the import is successful, you can see the repo as below. You will also get notified about the new repo import. You may edit the code from the repo itself to trigger a CD automatically

Create DevOps CI/CD Pipeline

  • Click ‘Pipelines’ in DevOps console and click create pipeline to create the first pipeline of the project
  • Select ‘Azure Repos Git’ from the Where is your Code? page and select the repository name in the next page
  • In Configure your pipeline page, select ‘Starter Pipeline’. We can customize the pipeline in next page
  • Review your pipeline YAML file showed in the next page and need some customization so that the pipeline can authorize and run PowerShell queries to create the resources and start backup process
  • Make sure that your mouse cursor is pointing at the end of the YAML pipeline code
  • Expand ‘Show Assistant’ at the right side of the page.
  • From the Tasks list, select ‘Azure PowerShell’
  • Fill your azure subscription from the dropdown and click ‘Authorize’
  • Type the script path as ./azbackup.ps1, which is the path of PowerShell Script in the repository. Select the Error Action preference as ‘Silently Continue and azure PowerShell Version as the ‘Latest version installed’
  • Finally click ‘Add button to add the code to the YAML pipeline so that it adds the following task also in the code

  • As of now, just save the pipeline (Select Save from the dropdown menu of Save and Run button)
  • Before start running the pipeline, review the PowerShell scrip for the changes needed as per your azure infrastructure. Following variable names at the beginning of the PowerShell code should be changed in accordance with your azure infrastructure
    • $RG = ‘TF’ #Resource Group Name
    • $Location = ‘eastus’
    • $RSVault = ‘Vault1’
    • $Redundancy = ‘LocallyRedundant’ #LocallyRedundant/GeoRedundant
    • $Time = ‘5:00’ #Preferred Time to start Backup
    • $Duration = ‘365’ #Duration of Backup
    • $PolicyName = ‘BackupPolicy’
    • $VMName = ‘azbackuptest’
    • $BackupName = ‘azbackuptest-backup’
    • $WorkLoadType = “AzureVM“

Run your first CI/CD Pipeline

  • Now, you are ready to start the pipeline to start the backup of first VM in this experiment
  • Go to the Pipelines created and click Run Pipeline to start the first run. Keep the default settings showed in the window opened and click Run
  • Open the Job started in the ‘Pipelines’ and you will see a similar popup as below asking for granting the permission to access the resources in the subscription. Click view button and ‘Permit’ the access

  • The Job will start triggering and check the progress as below

  • Monitor the progress until you see it comes success at the end of the progress screen as below. Examine the detailed logging to see if the code worked as expected.

  • Now it is the time to see the status of the backup job started at the Azure portal
    • Check the vault created and open the vault blade
    • Open the Backup Tab in the Overview page and see the progress of the backup just initiated

  • Open the ‘In Progress’ link to check it further something as below to explore the status further

As a final note

  • The backup settings were applied successfully to the virtual machine
  • Check the backup schedule of the VM and see the policy we applied
  • Monitor the job during the next schedule set. Note Microsoft statement on expected backup delay from the scheduled backup time explained here

Hope, the above procedure will help you to setup Azure Backup of Windows/Linux virtual machines in Azure infrastructure. As the procedure follows a DevOps CI/DC approach using PowerShell script, you can easily customize for your similar requirements