Quick NavigationWhy did we do this?The Prerequisite WorkPrepare Your VMware EnvironmentVMware account permissionsCompatabilitySet-up Azure resourcesCreating a storage accountCreating a vaultCreate an Azure networkConfigure DR to Azure for On-Premise VMwareConfigure Azure for replicationReplicating a VM/VM’sWhat’s next?
Why did we do this?
We have many customers with on-premise or privately hosted VMware VMs running on highly scalable platforms. They need effective disaster recovery solutions for these VMs but often don’t want to invest in the same primary infrastructure solution for DR because of the cost.
More…
Who can blame them, doubling up the investment in the production platform for something they may never use isn’t a great sell to the Board! To help address this issue we have started using Azure Site Recovery as the site recovery option, although not completely pay as-you-use, the operational cost is often more palatable than a big capital expenditure cost for DR.
The prerequisite work.
Prepare your VMware environment.
To get this up and running we are going to need an Account that can access your VMware resources. For testing you could use an admin account, but if this were in production this should definitely be a service account!
Site Recovery needs access to VMware servers to:
- Automatically discovers VMs. At least a read-only account is required.
- To orchestrate replication, failover, and failback you need an account that can run operations such as creating and removing disks, and powering on VMs.
VMware account permissions.
Compatability.
Your VMware servers must be:
- vCenter – 6.5, 6.0 or 55
- vSphere Hosts – 6.5, 6.0, 5.5
Your VM’s must also meet the following criteria:
So which operating systems are available? here is a full list of supported OS’s
Set-up Azure resources.
In order to setup the required resources you must have the following permissions:
- Permission to create a VM in the selected resource group
- Permission to create a VM in the selected virtual network
- Permission to write to the selected storage account
The ‘Virtual Machine Contributor’ built-in role has these permissions. You also need permission to manage Azure Site Recovery operations. The ‘Site Recovery Contributor’ role has all permissions required to manage Site Recovery operations in a Recovery Services vault.
Creating a storage account.
After logging into the Azure portal from the menu select – New > Storage account >add
This will start a the “Create Storage Account” Blade (The name you give this storage account needs to be unique within Azure).
- Use the Resource manage deployment model
- Standard Performance – we have no need for SSD here
- We are only using LRS (local redundant storage) for this however with production data you should really be looking to use GRS (Geo Redundant Storage)
- Select your subscription
- Then, either Create or add to a Resource group, in this case we are creating a resource group for this storage account
Now we have created a storage account, the next step is to create a vault.
Creating a vault.
In your Azure portal navigate to – New > Recovery services Vault > Add
(You might have to select more services to display this, if you select the star Icon this will then be added to your favourites)
From the next screen, select “Add” and this should open the Create Recovery Services Vault Blade. We have selected to use the same resource group as we created in the storage configuration.
Now we have a service vault the next step is to setup a Virtual network.
Create an Azure network.
This will be the network the machine will join once failed over. From the Azure Portal select – New >Virtual networks > New
This then opens the create virtual networks Blade (again we have used the same resource group as the previous 2 steps).
Configure DR to Azure for on-premise VMware.
Breaking this down into a few simple steps we will be looking to:
- Specify the replication source and target
- Set up the source replication environment, including on-premises Azure Site Recovery components, and the target replication environment
- Create a replication policy
- Enable replication for a VM
Configure Azure for replication.
- Click on the recovery Service Vault and then select the vault to replicate to
- From the “Getting Started” section click, Site Recovery, then Prepare infrastructure
From the “Prepare Infrastructure” blade, select the “protection goal”
On-premises > To Azure > Yes, with VMware vSphere Hypervisor
Next we need to select if we have done the deployment planning, which will estimate bandwidth and storage etc (this is a topic for another day!), in this case we are going to select the “I will do this later” option.
We then need to go back and prepare our replication VM to connect this to vSphere, this vm is essentially a replication gateway for the traffic from your VCenter server to Azure.
The Requirements for this server are :
This VM also needs to have access to the following URL’s
*.accesscontrol.windows.net
https://login.microsoftonline.com
\*.backup.windowsazure.com
\*.blob.core.windows.net
\*.hypervrecoverymanager.windowsazure.com
Now we need download the “Site Recovery Unified Setup File” from the Prepare source blade. You have to open “configuration server”, the download link should be visible on the left pane.
Also, download the vault registration key as this will be required during the setup.
The prerequisites, mentioned earlier, have already been installed on our server, so once this is downloaded run the setup.
Once it is extracted the wizard will start, for this we are going to select “install the configuration server and process server”.
Then Accept the licence agreement for MySQL.
In the next step we will need to import the vault key that we have previously downloaded.
Next confirm the Internet Settings, in our case we are connecting without a proxy.
Click next through the prerequisite check (we have one error as this test machine does not have a static IP, and we don’t have the recommended disk size). This will work for our test deployment, but this would need to be correct for a production environment.
Next set a root password for MySQL.
In the next screen select “yes” to protect your VMware virtual machine, this will confirm if the prerequisites have been met.
Then select the install location.
Select the NIC we are looking to use, select the NIC and then install.
When you click finish be sure to copy the passphrase to the clipboard and store it.
Once this is complete we then need to register the VCenter server, when this completes the “Microsoft Azure Site Recovery Configuration Server” loads. The first tab should have the option to create an account to discover VCenter severs and install the required agents.
Select “add account” then, add the details and close.
If you then go back to the Azure console, you should then see the machine you have just created.
The next step is to add your VCenter Server (this can often take several minutes).
Once this is complete the next blade will ask you to select subscription, and deployment model, compatible networks, and storage.
The next screen will ask to create and associate a replication policy, here we have used the defaults to create our policy.
Replicating a VM or VMs.
With both Azure and the on premises “gateway” server configured to communicate, we are now ready to replicate a VM.
This will open the Enable Replication blade. In the first pane we need to pick our source, location, the VCenter we intend to use and the process server. In our case we only have one configured, however, if you have multiple you will need to select the desired one
The next step configures the target, here we are selecting the subscription, deployment model, and the failover network.
Next step is to select the VM or VMs to replicate.
Then select the account, which is simple in the case as we only have one.
Then select the replication policy, this is simple as we only have one. Here we have the option to replicate machines together in consistency groups which would be useful in a production environment but for a single test VM this does not apply.
The progress of this job can be found from the replicated Items section.
Once this job is complete we have the option to failover etc from the right-hand side of the job.
Selecting the job gives further information, about the VM, properties and Overview shows details about the VM and its size etc.
Another useful section is the “Compute and Network” menu as from here machine properties of the failover VM can be amended, such as instance size etc.
What’s next?
In the next related article we will cover the failover and failback process, as well as building recovery plans.
If you found this article helpful please let us know below and spread the word by giving it a share.