For Azure SQL and SQL Managed Instance
These limitations and considerations apply to Azure SQL database and Azure Managed Instance backups.
Configure the backup method - you can create and configure the
dbpaas_config.jsonfile for each policy to specify a backup method to fit your requirements. Note that you must give the CDC consent through NetBackup UI.Create the
dbpaas_config.jsonfile at:/openv/netbackup/db/>dbpaas_config.jsonFollow an equivalent path for Windows OS.
Here is a sample
dbpaas_config.jsonfile:{ "Configurations": [ { "PolicyName": "policy_name", "BackupMethod": "OFFLOAD_TO_BACKUP_HOST", "BatchCount": 1024 } ] }Explanation of the parameters:
PolicyName- the name of the policy to which you want to apply the JSON.For
BackupMethoduse any of the following values:OFFLOAD_TO_SERVER- this performs all the CDC processing at the SQL/MI server side. This is the default behavior.OFFLOAD_TO_BACKUP_HOST- in this method, the CDC data is fetched to the backup host from the server. The fetched data is processed at the backup host.
BatchCount- determines how many transactions of records are processed at a time.
For Azure SQL database and Azure SQL Managed Instance workloads, NetBackup protection plans do not include some backup configuration options such as BackupMethod and BatchCount. To use these options:
Use a NetBackup policy instead of a protection plan.
Reference the configured policy in your DBPaaS configuration file.
When using a protection plan, any changes to these options in the DBPaaS configuration file are ignored.
If an Azure VM is used as a media server, it must be in the same Vnet as that of the Azure Managed instance. Alternatively, if the media server and SQL Managed instance are in different Vnet, then both the Vnets must peer to access the database instance.
NetBackup requires user consent to enable SQL Server's Change Data Capture (CDC) for backup operations. This CDC option is enabled by default in the protection plans.
If the CDC option is enabled, NetBackup uses SQL Server's CDC mechanism.
If the CDC option is disabled, backups fail - except for Azure SQL Managed Instances using Customer-Managed Keys (CMK) and full backup schedules.
After deleting a database, you must stop CDC capture, disable cleanup jobs, and perform manual cleanup.
For smooth CDC performance, do the following:
Do not use DDL triggers that block schema changes. Like, CREATE/DROP TABLE, CREATE/DROP FUNCTION.
Ensure that the SQL Server Agent service is running.
Use an account with db_owner or sysadmin privileges for CDC setup.
To avoid capture_instance conflicts, check if the table is already CDC-enabled.
Backup fails when Readlock is placed on the database or resource group.
If the databases contain any of these types of tables, the backup fail due to CDC limitations.
Graph tables
Temporal tables
Ledger tables (Updatable ledger)
Memory optimized table (business critical tier only)
For Azure Managed instance databases, if the backup taken using the native backup database workflow, using TDE enabled by Customer-managed Keys or TDE disabled, these types of tables are supported.
Database diagrams not restored.
NetBackup can back up and restore databases to new environments, but the identity columns may not retain their original seed values. This can cause new records to receive unexpected identity numbers, especially if rows were deleted before the backup. However, this issue does not affect TDE-enabled Azure SQL Managed Instance databases configured with a CMK and backed up either with the native BAK format or through a policy without CDC consent.
NetBackup supports column-level encryption only for Azure SQL Managed database instances where TDE is configured with CMK. Backups must be full backups, taken either with the native BAK format or through a policy without CDC consent.
To restore a database on an Azure SQL server or Azure Managed Instance, you must assign AAD admin privilege on the target server. Before the restore, assign the rights to any of these:
The system or the user-managed identity of the media servers.
The
vm-scale-setin which the NetBackup media is deployed; in case of AKS or EKS deployment.
Consider the following for the SqlPackage utility.
SqlPackage may fail to export the following SQL Server objects: Logins, Jobs (SQL Agent Jobs), Linked Servers, Server-level permissions, Server roles, Credentials, Database Mail configuration, Replication settings, SSIS packages, Service Broker objects, CLR assemblies, Data in FILESTREAM/FILETABLE, Encrypted objects (if keys/certs are not exported), Cross-database dependencies, Extended stored procedures, and certain system objects.
SqlPackage primarily exports database-level objects and data, but not server-level or agent-level configurations. For a complete migration, use additional tools or scripts to handle these objects.