<h1 id="preparingazureforvirtualmachinerestore">Preparing Azure for Virtual Machine restore</h1> <hr /> <p>CloudBerry Backup can restore Image Based and Virtual Machine backups to Azure. To do that, your Azure environment must be configured properly. If you do not have configured a Resource Group, a Storage account, an Azure Virtual Network, a Storage Container and a Network Security Group, you should follow the steps below before restoring a Virtual Machine.</p> <h2 id="1createaresourcegroup">1. Create a Resource Group</h2> <p>Resource groups enable you to manage all your resources in an application together.</p> <p>1.1 Go to Azure Portal. Click "Create a resource". Search for Resource Group and select it in the results. Click "Create" button.</p> <p>1.2 Specify the Resource group name. Select subscription and Resource group location.</p> <div class="hint hint-info"><i class="el-icon-info"></i> <p>For faster upload and download connection, you should select the closest location. You can check latency location on <a href="http://azurespeedtest.azurewebsites.net/">http://azurespeedtest.azurewebsites.net/</a>.</p></div> <p><img src="/content/images/cbe9bded-1f46-4360-9c26-3bb9c7dc8576.png" alt="" /></p> <h2 id="2createastorageaccountandcontainertostorerestoredvmhdd">2. Create a Storage Account and Container to store restored VM HDD.</h2> <p>Azure Storage is a service that you can use to store unstructured and partially structured data. IT professionals who deploy Azure virtual machines rely on Azure Storage for storing virtual machine operating system and data disks.</p> <p>Blobs typically represent unstructured files such as media content, virtual machine disks, backups, or logs. There are three types of blobs. </p> <ul> <li><p><em>block blob</em> is optimized for sequential access, which is ideal for media content. </p></li> <li><p><em>page blob</em> offers superior random access capabilities, which is only suited for virtual machine disks.</p></li> <li><p><em>append blob</em> applies to data append operations, without the need to modify existing content. This works best with logging and auditing activities.</p></li> </ul> <p>Find out more information about Azure storage: <a href="https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction">https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction</a></p> <p><strong>Recommended storage configuration:</strong></p> <p>{% hint style="success" %} VM HDD container:</p> <ul> <li>Deployment model: Resource manager or Classic</li> <li>Account Kind: StorageV1 or StorageV2</li> <li>Replication: LRS, GRS, RA-GRS</li> <li>Performance: Standard or Premium</li> <li>Access tear: Hot {% endhint %}</li> </ul> <div class="hint hint-success"><i class="el-icon-success"></i> <p>Boot diagnostic storage (if required):</p></div> <ul> <li>Deployment model: Resource manager or Classic</li> <li>Account Kind: StorageV1 or StorageV2</li> <li>Replication: LRS, GRS, ZRS, RA-GRS</li> <li>Performance: Standard</li> <li>Access tear: Hot</li> </ul> <p>2.1 To create a new Storage Account open your Resource Group. Click +Add. Search for Storage Account and select it in the results. Click "Create" button. Specify options according to your requirements and recommended storage configuration. Click <strong>Create</strong>. </p> <p><img src="/content/images/36822326-58f4-43f6-803e-48e6cdca9a23.png" alt="" /></p> <p>Next, you need to create a container to store your VM in blobs. A container organizes a set of blobs, similar to a folder in a file system. All blobs reside within a container. A storage account can contain an unlimited number of containers, and a container can store an unlimited number of blobs. Note that the container's name must be in lowercase.</p> <p>2.2 Open your Resource Group → Your Storage account → Blob Service. Click +Container to add new container. Specify container name and click <strong>OK</strong>.</p> <p><img src="/content/images/4faaa3da-f82a-4f37-a1ee-972cef98b20d.png" alt="" /></p> <h2 id="3createavirtualnetworkwithcorrectsubnet">3. Create a Virtual Network with correct Subnet.</h2> <p>If you use Static IP addresses in your backed up Virtual Machine, you should use similar or the same subnet in the Azure Virtual Network. In this case, you will able to connect to your restored VM through Internet. </p> <div class="hint hint-info"><i class="el-icon-info"></i> <p>Please note that Azure reserves first three IP addresses in a subnet for internal usage.</p></div> <p>3.1 Go to target Resource Group. Click "Add" button. Search for Virtual Network and select it in the results. Click Create.</p> <p><img src="/content/images/f4274c69-a0e1-47dd-a201-6ef1a707c328.png" alt="" /></p> <p>3.2 Specify Virtual Network settings and click Create.</p> <p><img src="/content/images/c256168d-1807-4709-be7d-bed4e7314f61.png" alt="" /></p> <h2 id="4createanetworksecuritygroup">4. Create a Network Security Group</h2> <p>For security reasons, we strongly recommend you to create a Network Security Group and associate it with a Subnet. You can allow incoming connection to management TCP ports like 22 or 3389 in the <em>Inbound security rules</em> tab.</p> <p>4.1 Open your Resource Group and click <em>+Add</em> button. Search for Network Security Group and select it in the results. Click <strong>Create</strong>.</p> <p><img src="/content/images/742af8d9-4b75-4b52-8ffe-7036012ebb9d.png" alt="" /></p> <p>4.2 Specify Network Security Group settings and click Create.</p> <p><img src="/content/images/71a8f094-ce71-496e-8a14-c73cebd3485b.png" alt="" /></p> <p>4.3 Open created Network Security Group and go to Inbound Security Rules which is part of the Settings group.</p> <p><img src="/content/images/3f6fa6e3-765c-4209-bca1-782bf6211d4f.png" alt="" /></p> <p>4.4 Click <strong>+Add</strong> button to add new security rule. Click <strong>Basic</strong>. Enter 22 in the Port ranges and name as SSH. Click <strong>Add</strong> to add a new security rule.</p> <p><img src="/content/images/9caae747-e76e-4b1e-86bf-ac203e4f5f2a.png" alt="" /></p> <p>Add as many inbound security rules as you need to allow access to services hosted on the VM. </p> <div class="hint hint-info"><i class="el-icon-info"></i> <p>There are several common ports which you should allow access to.</p></div> <p><img src="/content/images/e26a9eea-96c6-4a1e-a024-51b97c4d6bb0.png" alt="" /></p> <h2 id="5associatenetworksecuritygroupwithasubnet">5. Associate Network Security Group with a subnet</h2> <p>5.1 When all required rules are added, you need to associate Network Security Group with previously created subnet. Click <strong>Subnets</strong> in the Settings group.</p> <p><img src="/content/images/460e6d1c-f5cf-4d37-b21f-3351a01d702b.png" alt="" /></p> <p>5.2 Click "Associate" button. Select the Virtual Network and the Subnet and click OK.</p> <p><img src="/content/images/3b85ea2f-7980-4d97-8b85-451a86721044.png" alt="" /></p> <h2 id="6enablingserialconsole">6. Enabling Serial Console</h2> <p>For testing or troubleshooting purposes, we recommend you enable Serial Console in your Linux or Windows Machine. You will be able to configure and troubleshoot your Azure VM in the command line in Azure Portal. </p> <p>Find out more in the links below.</p> <p>Linux VM - <a href="https://docs.microsoft.com/en-us/azure/virtual-machines/linux/serial-console#accessing-serial-console-for-linux">Accessing serial console for Linux</a>.</p> <p>Windows VM - <a href="https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/serial-console-windows">Virtual Machine Serial Console</a></p>