Automating Disaster Recovery in Azure with PowerShell - Marcin Gastol
15765
post-template-default,single,single-post,postid-15765,single-format-standard,bridge-core-3.0.7,bridge,qode-page-transition-enabled,ajax_fade,page_not_loaded,,qode-title-hidden,qode-child-theme-ver-1.0.0,qode-theme-ver-29.4,qode-theme-bridge,qode_header_in_grid,wpb-js-composer js-comp-ver-6.10.0,vc_responsive

06 Oct Automating Disaster Recovery in Azure with PowerShell

Posted at 20:25h in Azure, Uncategorized by
0 Likes

Intro

Let’s be honest -disasters happen. Whether it’s accidental deletion, system failure, or malicious attacks, the real challenge is how prepared you are to bounce back. That’s where disaster recovery (DR) comes in and if you’re deploying cloud infrastructure, you need to have it nailed down from day one. Azure makes it easier to build disaster recovery into your environment, but how do you ensure that it’s seamlessly integrated into your Infrastructure as Code (IaC) approach? The answer is PowerShell.

In this post, I’ll break down how you can automate disaster recovery in Azure using PowerShell, ensuring that your backup and recovery strategies are baked into your IaC deployments. That way, when things go sideways (and at some point, they will), you’re not scrambling to figure out a backup plan – you’re already prepared.

Why Automate Disaster Recovery?

Proactive, not reactive—that’s the essence of disaster recovery. If you’re manually configuring backups, replication or failover, you’re leaving room for human error or missed steps. Automating your DR setup with PowerShell ensures that:

  1. Consistency: Every resource you deploy comes with disaster recovery configurations built in.
  2. Speed: You can quickly spin up backup and recovery solutions across multiple environments.
  3. Reliability: You know the drill is already set up and works exactly how it’s supposed to.

DR components you should automate

Before jumping into PowerShell scripts, it’s important to understand what parts of disaster recovery should be automated:

  • Backups: Regular, automated backups of your VMs, databases, and storage accounts.
  • Failover and Replication: Ensuring that critical resources can failover to a secondary region or location.
  • Disaster Recovery Plans: Documented and automated scripts that can restore key resources if something goes wrong.

1. Automating VM backups with Azure Recovery Services Vault

First off, backups. Your VMs and data need to be backed up regularly, and Azure Recovery Services Vault is your go-to service for automating backups.

PowerShell
# Connect to Azure
Connect-AzAccount

# Define parameters
$resourceGroupName = "GarsonResourceGroup"
$vaultName = "GarsonRecoveryVault"
$location = "West Europe"

# Create a Recovery Services Vault
New-AzRecoveryServicesVault -ResourceGroupName $resourceGroupName -Name $vaultName -Location $location

# Enable the Azure Backup service
Set-AzRecoveryServicesBackupProperty -VaultId (Get-AzRecoveryServicesVault -ResourceGroupName $resourceGroupName -Name $vaultName).ID

# Configure backup for a VM
$vm = Get-AzVM -ResourceGroupName $resourceGroupName -Name "GarsonVM"
$policy = Get-AzRecoveryServicesBackupProtectionPolicy -VaultId (Get-AzRecoveryServicesVault -ResourceGroupName $resourceGroupName -Name $vaultName).ID -Name "DefaultPolicy"

# Enable VM backup with the defined policy
Enable-AzRecoveryServicesBackupProtection -ResourceGroupName $resourceGroupName -VaultName $vaultName -Policy $policy -VirtualMachineId $vm.Id

2. Automating DR with Azure Site Recovery (ASR)

Next, let’s talk about failover and replication. This is where Azure Site Recovery (ASR) comes into play. ASR ensures that your critical workloads can failover to a secondary region if the primary region goes down. This script configures Azure Site Recovery to replicate a VM from the primary region to a secondary region and sets up a replication policy to ensure regular synchronization. This means if your primary region fails, you can failover to the secondary region with minimal downtime.

PowerShell
# Define parameters
$recoveryVault = Get-AzRecoveryServicesVault -ResourceGroupName $resourceGroupName -Name $vaultName
$primaryRegion = "West Europe"
$secondaryRegion = "North Europe"

# Set up the replication policy
$policy = New-AzRecoveryServicesAsrPolicy -Name "GarsonReplicationPolicy" -RecoveryPointRetentionInHours 24 -ApplicationConsistentSnapshotFrequencyInHours 4 -CopyStartTime 02:00

# Enable replication for a VM
$vm = Get-AzVM -ResourceGroupName $resourceGroupName -Name "GarsonVM"
Start-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainerMappingName "GarsonProtectionContainerMapping" -VirtualMachine $vm.Id -SourceLocation $primaryRegion -TargetLocation $secondaryRegion -RecoveryPolicy $policy

3. Automating Storage Account backup

Your VMs aren’t the only critical resources—your storage accounts often contain important data that needs protection too. Automating backup for storage accounts ensures that if data is corrupted or deleted, you can restore it quickly. This PowerShell script configures soft delete on the blob storage account and automates the process of copying blobs to a backup storage account. This ensures that even if the primary storage is compromised, you’ve got a backup to restore from.

PowerShell
# Define parameters
$storageAccountName = "garsonstorageaccount"
$backupContainerName = "backups"
$destination = "garsonbackupaccount"

# Enable blob soft delete to ensure accidental deletion can be recovered
Set-AzStorageBlobServiceProperty -ResourceGroupName $resourceGroupName -AccountName $storageAccountName -EnableDeleteRetentionPolicy -DeleteRetentionPolicyDays 14

# Automate backup by copying blobs to a backup storage account
$storageContext = New-AzStorageContext -StorageAccountName $storageAccountName
$destinationContext = New-AzStorageContext -StorageAccountName $destination

Start-AzStorageBlobCopy -SrcBlob "datafile.txt" -SrcContainer "datacontainer" -DestContainer $backupContainerName -Context $storageContext -DestContext $destinationContext

4. Building an automated DR plan

Having backup and replication set up is great, but you need an automated recovery plan that you can execute with a single command when disaster strikes. Using PowerShell, you can create a runbook that restores critical services in the event of a failure.

PowerShell
# Example recovery script
$vault = Get-AzRecoveryServicesVault -ResourceGroupName $resourceGroupName -Name $vaultName

# Failover to secondary region for VM
Start-AzRecoveryServicesAsrFailoverJob -ResourceGroupName $resourceGroupName -VaultId $vault.ID -ProtectionContainerName "GarsonVM" -TargetLocation "North Europe"

# Restore data from backup
Start-AzRecoveryServicesBackupRestoreJob -VaultId $vault.Id -ItemName "GarsonVMBackup" -TargetResourceGroupName "GarsonRecoveryRG"

Disaster recovery is not a luxury, it’s a necessity. By automating your disaster recovery strategy with PowerShell and embedding it within your IaC deployments, you ensure that every resource you deploy is resilient and protected against the worst-case scenarios.

From automated backups to cross-region replication, these PowerShell scripts give you a solid foundation to automate your disaster recovery strategies in Azure. With this setup, you’re not just prepared, but you’re confident that when disaster strikes, you’ve got a plan (and scripts!) to bounce back.

Get started now. Don’t wait for the unexpected and build resilience into your infrastructure today!

Azure 101. Exploring the Azure Portal and Key Services

Tags:
No Comments

Post A Comment

Verified by MonsterInsights