> Documentation > Backup and Restore Agents > Virtualization > Virtual Server Agent > Microsoft Azure > Configuration

Creating a Microsoft Azure Client

An Azure virtualization client manages data protection operations for an Azure subscription. You must create Azure clients on client computers installed with the Virtual Server Agent.

If you have multiple Azure subscriptions, create a virtualization client for each subscription.

If your environment includes both Azure Classic and Azure Resource Manager (ARM), you must configure separate virtualization clients for Classic and ARM.

To perform backup operations, each virtualization client can include multiple proxies where the Virtual Server Agent is installed. The virtualization client also enables proxy teaming, enabling proxy failovers for fault tolerant backups. Using multiple proxies for each virtualization client makes it possible to perform backups for a large number of virtual machines in a limited backup window.

When you create a virtualization client, the Commvault software automatically creates an Azure instance, a backup set, and a default subclient that can be used to protect all virtual machines. You can create additional subclients to perform separate protection operations for different groups of virtual machines. For example, you can create a different subclient for different guest operating systems, and use the default subclient to protect any remaining virtual machines that are not covered by user-defined subclients.

To convert virtual machines to Azure Classic or ARM, and to create VM Lifecycle Policies (for Azure Classic only), you must have an Azure virtualization client.

Deprecated The Azure Classic Deployment Model feature will be deprecated in Service Pack 17. Use the Azure Resource Manager Deployment Model for new configurations, and to redeploy existing Azure Classic resources. In Service Pack 17, existing Azure Classic configurations will continue to work as defined. However, new configurations will not be supported.

Before You Begin

Before you can create an Azure hypervisor (virtualization client), the Azure subscription must have a resource group defined.

Azure Classic Deployments

For Azure Classic deployments, you must provide the following information during client configuration:

  • An Azure subscription ID and thumbprint are required.

    Obtain your subscription ID and thumbprint from the Azure website, under Settings.

  • You must create and upload an Azure management certificate. For instructions, see Setting Up an Azure Management Certificate.

Azure Resource Manager Deployments

There are two methods for Azure Resource Manager deployment:

  • Traditional method of deployment with Azure Active Directory where you must set up the application and tenant. With this option during client configuration, you must provide the following information:

    • Subscription ID

    • Tenant ID

    • Application ID and password

    Refer to Setting Up an Application and Tenant for Azure Resource Manager to complete this type of deployment.

  • Managed Identity authentication with Azure Active Directory. This is a more secure method of deployment. Using this method ensures that your Azure subscription is accessed only from authorized Managed Identity-enabled virtual machines. In addition, the process of creating an Azure client is more simplified; you will only need the Subscription ID, you will not need the Tenant ID, Application ID and Application Password to create a client.

    Refer to Setting Up Managed Identity Authentication for Azure Resource Manager to complete this type of deployment.

Azure Endpoints

To support backups and restores that are not available through the Azure global endpoint, create the AzureRegion additional setting on the VSA access node and specify the additional endpoints as values.

For instructions on adding additional settings from the CommCell Console, see Add or Modify an Additional Setting.

Property

Value

Name

AzureRegion

Category

VirtualServer

Type

String

Value

China,usgov,Germany

Procedure

  1. From the CommCell Browser, right-click Client Computers and select New Client > Virtualization > Azure.

  2. On the Create Azure Client dialog, select one of the following from the Deployment Model list:

    • Classic

    • Resource Manager

  3. For either deployment model, enter the following information:

    • Client Name: Enter a descriptive name for the virtualization client.

    • Subscription ID: Enter the subscription ID for your Azure account.

  4. For Azure Classic deployments, provide the following additional information:

    • Thumbprint: Enter the thumbprint for the Azure management certificate in this box and in the Confirm Thumbprint box.

      This value is secure and is not shown when you redisplay the client or instance properties.

      Note: Although the thumbprint provided in the certificate properties might be in mixed case, you must enter it in this dialog box using UPPERCASE LETTERS for the alphabetic characters.

  5. For Azure Resource Manager deployments:

    • For traditional deployment with Azure Active Directory add the following:

      • Tenant ID: Enter the tenant ID associated with the virtualization client.

      • Application ID: Enter the application ID associated with the tenant.

      • Application Password: Enter the password for the application in this box and in the Application Confirm Password box.

    • For Managed Identity authentication deployment with Azure Active Directory, add the following:

      • Connect using Managed Identity: Enable this option.

  6. From the Storage Policy list, select a storage policy to associate with the virtualization client.

    The storage policy you select is also associated with the default subclient that is created automatically for the virtualization client.

  7. Add VSA proxies to be used for Azure operations:

    1. Next to Proxies, click Add.

    2. In the Select Clients/Client Groups dialog box, select one or more VSA proxies.

      Notes:

      • For Azure Classic, the VSA proxy must have an Azure management certificate installed.

      • Specify different proxies for Azure Classic and Azure Resource Manager.

      • For Managed Identity Authentication deployment, you must select Managed Identity-enabled proxies to ensure that backup and restore operations are successful.

    3. Click OK.

  8. Click OK to create the virtualization client.

  9. Refresh Azure information:

    Azure Classic:

    1. Go to Client Computers > Azure Client > Virtual Server, right-click Azure, and then click All Tasks > Refresh Azure Cloud Services.

    2. In the Refresh Azure Cloud Services dialog box, refresh or discover virtual machines:

      • To refresh the status of Azure virtual machines, select Refresh VM Status.

        This option retrieves the current status for VMs that have already been discovered, including the GUID, operating system, disk information, and power status.

      • To discover all virtual machines and add them to the CommCell Console as clients, select Discover VMs.

        This option collects information for all VMs and adds information for new VMs to the CommServe database.

    Azure Resource Manager:

    1. Go to Client Computers > Azure Client > Virtual Server, right-click Azure Resource Manager, and then click All Tasks > Refresh Azure Resource Manager.

    2. In the Refresh Datacenters dialog box, refresh or discover virtual machines:

      • To refresh the status of Azure virtual machines, select Refresh VM Status.

      • To discover all virtual machines and add them to the CommCell Console as clients, select Discover VMs.

  10. Click OK.

    Depending on your selections, this operation might take some time.

Loading...