Backing Up Files with Azure File Sync
Backup in the Cloud
One of the primary features of Azure File Sync (AFS) is the ability to move your backups from the file server to the cloud. When you synchronize a folder to Azure with Azure File Sync, it is strongly recommended that you relocate the backup task to Azure. This is because you’ll probably have introduced cloud tiering, and an on-premises backup solution might not respect the offline status (O attribute) of a cloud tiered file, and needlessly download gigabytes or terabytes of files every night.
By using Azure Backup, you can:
- Centralize the backup function.
- Simplify deployments in branch offices and small businesses.
- Backup to the cloud … because the files are already in the cloud.
- Store files “offsite” by using the default geo-redundant blob storage of the recovery services vault, which will replicate your backups to the region that is paired to the location of your AFS storage sync service.
- Reduce costs by using storage and pay-per-usage backup in the cloud.
Tip: Those of you using Azure Backup MARS agent to protect on-premises file servers might consider AFS because it also adds disaster recovery and multi-site replication, and the entire backup function is cloud-based.
Today, the backup works by creating incremental snapshots of the files in the storage account. Backups are not transferred to the Azure Backup recovery services vault – but this is supposed to be coming. It is important to place a delete lock on the storage account to prevent accidental deletion of the master copy of your synchronized files and their backups/replicas. The Azure Backup preview for Azure Files is in preview, and the retention provided by the current system is limited to retaining up to 120 daily backups.
You will need two things to begin:
- AFS must be configured and is synchronizing files to a storage account. Make sure that the storage account has a delete lock on it.
- Deploy a recovery services vault in the same region as the AFS deployment.
Although Azure Backup doesn’t use its own blob storage for backups yet, if you wish to reduce costs for when it does, then you should reconfigure the recovery services vault to use locally-redundant storage (Backup Infrastructure > Backup Configuration) before you register an Azure Files share for backup because you cannot change it afterwards. I would recommend sticking with GRS because the storage is cheap, even at double the cost, and having that “offsite” copy of backups is considered good practice.
To enable backups, open the recovery services vault that will orchestrate the backup process, navigate to Backup Items (under Protected Items) > Azure Storage (Azure Files).
Click + Add to add a new Azure Files share (the contents of an AFS sync group) to protect. A Backup Goal will appear. In the preview, this will assume that you want to backup Azure virtual machines. Change the configuration to backup Azure Files shares in Azure, as shown below.
Click Backup. The next series of blades will start with a delay as they discover possible items to discover. The Select Storage Account blade will take a few moments to discover the storage accounts in the same region as the recovery services vault in your subscription. Select the storage account with the Azure Files share and click OK.
The shares of this storage account will eventually be displayed. Select those shares that you wish to protect with this backup job and click OK.
If this is the first time you’ve done this kind of backup with this recovery services vault, you will have to create a new backup policy. Otherwise you can select an existing policy. The policy requires:
- Policy Name: An alphanumeric name that must not have spaces and cannot start with a number.
- Backup Frequency: Specify when this daily backup will happen.
- Retention: Keep the backups for between 1 and 120 days.
Click OK to close this blade and then click Enable Backup; this will create a policy to schedule the backup. Note that the first backup will take place according to this schedule. But you can always run a manual backup either from Backup Items in the recovery services vault or in the Azure Files share.
When you run a manual backup, by clicking Backup Now, you are asked to specify a custom retention time for this backup’s recovery point.
Note: If you delete a share, you delete its backups.
In a future post, I will show you how to restore from these backups.