Automate Disk Snapshots in Azure !

snapshot

In Azure there are two ways to backup your Virtual Machines. First method is using the native Backup service which creates restore points of the VM periodically based on the policy selected by user. The restore points can then be used to either restore disks or the entire VM. Second method is creating VM disk snapshots which can be used to create a new VM.

We are going to discuss the second option i.e automating the process of creating disk snapshots using powershell.

Example scenario – Create daily snapshot of the Disks which have associated tag – Snapshot=True

This means, our powershell script will fetch the list of Disks present in a Subscription / ResourceGroup and then select the Disks having Tag – “Snapshot”= “True” and create the snapshots of selected Disks. In order to automate the script to run daily at a particular time, we are going to use the Azure Automation Runbook.


Steps

  • Add Snapshot=True tag to the Disks for which you want to automate the snapshot process.

Disk_Tag

  • Go to Azure Automation service and create an account. Once account is created, add a new RunBook of type Powershell.

CreateRunbook

  • Add the following Powershell script to the runbook-
$clientID = "<client id>"
$key = "<client secret>"
$SecurePassword = $key | ConvertTo-SecureString -AsPlainText -Force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $clientID, $SecurePassword
Add-AzureRmAccount -Credential $cred -Tenant "<Tenant ID>" -ServicePrincipal;
$disks=Get-AzureRmDisk | Select Name,Tags,Id,Location,ResourceGroupName ; 
foreach($disk in $disks) { foreach($tag in $disk.Tags) { if($tag.Snapshot -eq 'True') {$snapshotconfig = New-AzureRmSnapshotConfig -SourceUri $disk.Id -CreateOption Copy -Location $disk.Location -AccountType PremiumLRS;$SnapshotName=$disk.Name+(Get-Date -Format "yyyy-MM-dd");New-AzureRmSnapshot -Snapshot $snapshotconfig -SnapshotName $SnapshotName -ResourceGroupName $disk.ResourceGroupName }}}

Replace the following in script-

<client id> with Client ID of application which has atleast Contributor access to the Subscription.

<client secret> with Secret key of the application

<Tenant ID>  with the Azure AD Tenant ID

If you prefer user credentials instead of application, then –

<client id> with user id /username of the Azure login account.

<client secret> with password of the Azure login account.

Remove -ServicePrincipal from the Add-AzureRmAccount command.

  • Publish the Runbook when all the changes are done. (You can test the script using Test pane option in runbook)
  • Once the Runbook is published, go back to the Azure Automation Account and select Schedules. Click on Add a Schedule.

AddSchedule

  • Enter the details and select a schedule at which you want to run the script with Recurring option and click on create.

Schedule

  • Now go back to the published Runbook and click on Schedules from left pane. Then click on Add a Schedule and select the newly created schedule. Click ok and you are done.

SelectSchedule.pg

  • The Automation Service will create daily snapshots of the Disks having Tag (Snapshot=True). The Snapshot name will have date appended at the end so that you can keep track of when the snapshot was created.

Note- These snapshots hold good for encrypted disks as well. There is no need to configure Secret or Keys along with encrypted snapshots. In next post we have covered the process of restoring the encrypted disk snapshots to a fresh VM.

Do let us know about any issues you face while implementing Runbook.

Thanks for checking out. Do comment / like and share.

Categories
Comments
All comments.
Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. Srinivas T

    Thanks. Exactly what I was looking for.
    Looking forward to your article on encryption.

  2. Create Linux VM from Encrypted Disk Snapshots in Azure ! - TechManyu

    […] my previous article, I covered the steps to automate disk snapshots in Azure (valid for encrypted as well as […]

  3. kopper

    that is great now I would a way that when let’s say seven snapshots are taken delete the oldest one is that possible?

    thanks

  4. karlochacon

    that looks great for me, but if it’s not much to ask I would like a way to always have only let’s say 7 snapshots basically so when the snapshot number 8 is taken the first one is delete it in order to have only seven

    any idea how to accomplish that?

    I know this Azure Backup function but Azure Backup won’t support Windows 2008 x32 bits

    thanks

  5. Abhimanyu

    Thanks for your query. Yes you can certainly achieve it by creating another runbook which can fetch all the snapshots, then check the count and delete the oldest snapshot.