Host-based backup of VMware vSphere VMs.
Post Reply
albertwt
Veteran
Posts: 921
Liked: 52 times
Joined: Nov 05, 2009 12:24 pm
Location: Sydney, NSW
Contact:

Feature Request: Test VM restore to Azure at the beginning of the restore process

Post by albertwt »

Hi Team,

Using Veeam Backup and Recovery v12.1.0.2131 to restore my VMware vSphere VM backup to Azure VM with this article https://helpcenter.veeam.com/docs/backu ... ml?ver=120

I would like to suggest a feature request to display a more comprehensive error message at the start of the Azure restoration process, instead of waiting until the end of the process, which can take several hours, and result in an unclear and vague error message.

Code: Select all

Error Restore job failed Error: Insufficient Azure API permissions
While the actual error is shown under the directory:

Code: Select all

%ProgramData%\Veeam\Backup\<backup job name>\Vm.<VMNAME>.Re.LOG
The issue I'm facing above is due to the target Azure Tenant having a custom Azure Policy that restricts only some specific SKUs to be deployed.

I hope this helps the product management team release feature updates more efficiently, as it saves time and frustration by reducing the hours we wait for the end of the restore process.

Thank you.
--
/* Veeam software enthusiast user & supporter ! */
albertwt
Veteran
Posts: 921
Liked: 52 times
Joined: Nov 05, 2009 12:24 pm
Location: Sydney, NSW
Contact:

Re: Feature Request: Test VM restore to Azure at the beginning of the restore process

Post by albertwt »

This is the snippets of the logs that show the detailed Azure Policy JSON file and its response.

Code: Select all

[15.02.2024 19:45:03.761]    <01>    Info (3)    [AzureRmAPI] Request: https://management.azure.com/subscriptions/GUID/resourceGroups/RG-NAME/providers/Microsoft.Compute/virtualmachines/Az-VM-NAME?api-version=2018-06-01
[15.02.2024 19:45:03.995]    <01>   Error (3)    Failed to perform http request
[15.02.2024 19:45:03.995]    <01>   Error (3)    The remote server returned an error: (403) Forbidden. (System.Net.WebException)
[15.02.2024 19:45:03.995]    <01>   Error (3)       at System.Net.HttpWebRequest.GetResponse()
[15.02.2024 19:45:03.995]    <01>   Error (3)       at Veeam.Backup.AzureAPI.CAzureRMAPI.DoWebRequest(String requestType, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody)
[15.02.2024 19:45:03.995]    <01>   Error (3)       at Veeam.Backup.AzureAPI.CAzureRMAPI.DoRequest(String requestType, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody)
[15.02.2024 19:45:03.995]    <01>    Info (3)    Error response: {
    "error": {
        "code": "RequestDisallowedByPolicy",
        "target": "Az-VM-NAME",
        "message": "Resource 'Az-VM-NAME' was disallowed by policy. Reasons: 'You are deploying a VM size not approved the IT Team. please modify the size of the VM and redeploy. Contact IT Support if you need help.'. See error details for policy resource IDs.",
        "additionalInfo": [
            {
                "type": "PolicyViolation",
                "info": {
                    "evaluationDetails": {
                        "evaluatedExpressions": [
                            {
                                "result": "True",
                                "expressionKind": "Field",
                                "expression": "type",
                                "path": "type",
                                "expressionValue": "Microsoft.Compute/virtualmachines",
                                "targetValue": "Microsoft.Compute/virtualMachines",
                                "operator": "Equals"
                            },
                            {
                                "result": "False",
                                "expressionKind": "Field",
                                "expression": "Microsoft.Compute/virtualMachines/sku.name",
                                "path": "properties.hardwareProfile.vmSize",
                                "expressionValue": "Standard_B8ls_v2",
                                "targetValue": [
                                    "basic_a0",
                                    "basic_a1",
                                    "basic_a2"
                                ],
                                "operator": "In"
                            }
                        ],
                        "reason": "Not approved by the IT team. please modify the size of the VM and redeploy. Contact IT Support if you need help."
                    },
                    "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/POLICY-GUID",
                    "policyDefinitionName": "POLICY-GUID",
                    "policyDefinitionDisplayName": "Allowed virtual machine size SKUs",
                    "policyDefinitionEffect": "Deny",
                    "policyAssignmentId": "/providers/Microsoft.Management/managementGroups/Root-Management-Group/providers/Microsoft.Authorization/policyAssignments/POLICY-GUID",
                    "policyAssignmentName": "POLICY-GUID",
                    "policyAssignmentDisplayName": "Specific virtual machine SKU sizes",
                    "policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/Root-Management-Group",
                    "policyAssignmentParameters": {
                        "listOfAllowedSKUs": [
                            "basic_a0",
                            "basic_a1",
                            "basic_a2"
                        ]
                    },
                    "policyExemptionIds": []
                }
            }
        ]
    }
}
[15.02.2024 19:45:04.011]    <01>   Error (3)    Failed to deploy vm
[15.02.2024 19:45:04.011]    <01>   Error (3)    Insufficient Azure API permissions (Veeam.Backup.AzureAPI.CAzureWebException)
[15.02.2024 19:45:04.011]    <01>   Error (3)       at Veeam.Backup.AzureAPI.CAzureRMAPI.DoRequest(String requestType, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody)
[15.02.2024 19:45:04.011]    <01>   Error (3)       at Veeam.Backup.AzureAPI.CAzureRMAPI.DoRequest(String requestMethod, String url, CAzureRequestOptions options, Boolean addApiVersion, String requestBody, Int32 retryCount)
[15.02.2024 19:45:04.011]    <01>   Error (3)       at Veeam.Backup.AzureAPI.CAzureVmRmInvoker.CreateOrUpdate(String resourceGroup, CAzureRmVmInfo vmInfo)
[15.02.2024 19:45:04.011]    <01>   Error (3)       at Veeam.Backup.Core.CAzureRmVmDeployer.DeployVm(CAzureVmSpec vmSpec, EAzureHvGenerationType generation, IAzureRestoreDisk systemDisk, IAzureRestoreDisk[] dataDisks, EGuestOsKind osKind, EAzureDiskManagementType diskManagementType, CAzureVmOriginalContext context, ISessionLogger logger)
[15.02.2024 19:45:04.011]    <01>    Info (3)    [AzureRmInvoker] Deleting network interface

If this error can be avoided at the beginning of the restoration process / validated before, it is very helpful.

Thank you.
--
/* Veeam software enthusiast user & supporter ! */
Post Reply

Who is online

Users browsing this forum: Driaan.Odendaal, Semrush [Bot], StanoSedliak and 86 guests