Setting up Azure Disaster Recovery for on-premises VMware VMs
January 6, 2018

Quick NavigationWhy did we do this?The Prerequisite WorkPrepare Your VMware EnvironmentVMware account permissionsCompatabilitySet-up Azure resourcesCreating a storage accountCreating a vaultCreate an Azure networkConfigure DR to Azure for On-Premise VMwareConfigure Azure for replicationReplicating a VM/VM’sWhat’s next?

Why did we do this?

We have many customers with on-premise or privately hosted VMware VMs running on highly scalable platforms. They need effective disaster recovery solutions for these VMs but often don’t want to invest in the same primary infrastructure solution for DR because of the cost.

More…

Who can blame them, doubling up the investment in the production platform for something they may never use isn’t a great sell to the Board! To help address this issue we have started using Azure Site Recovery as the site recovery option, although not completely pay as-you-use, the operational cost is often more palatable than a big capital expenditure cost for DR.

The prerequisite work.

Prepare your VMware environment.

To get this up and running we are going to need an Account that can access your VMware resources. For testing you could use an admin account, but if this were in production this should definitely be a service account!

Site Recovery needs access to VMware servers to:

  • Automatically discovers VMs. At least a read-only account is required.
  • To orchestrate replication, failover, and failback you need an account that can run operations such as creating and removing disks, and powering on VMs.

VMware account permissions.

account-permissions

Compatability.

Your VMware servers must be:

  • vCenter –  6.5, 6.0 or 55
  • vSphere Hosts  – 6.5, 6.0, 5.5

Your VM’s must also meet the following criteria:

VM criteria

So which operating systems are available? here is a full list of supported OS’s

Set-up Azure resources.

In order to setup the required resources you must have the following permissions:

  • Permission to create a VM in the selected resource group
  • Permission to create a VM in the selected virtual network
  • Permission to write to the selected storage account

The ‘Virtual Machine Contributor’ built-in role has these permissions. You also need permission to manage Azure Site Recovery operations. The ‘Site Recovery Contributor’ role has all permissions required to manage Site Recovery operations in a Recovery Services vault.

Creating a storage account.

After logging into the Azure portal from the menu select – New > Storage account >add

create a storage account vm

This will start a the “Create Storage Account” Blade (The name you give this storage account needs to be unique within Azure).

  • Use the Resource manage deployment model
  • Standard Performance – we have no need for SSD here
  • We are only using LRS (local redundant storage) for this however with production data you should really be looking to use GRS (Geo Redundant Storage)
  • Select your subscription
  • Then, either Create or add to a Resource group, in this case we are creating a resource group for this storage account

create a storage account in azure

Now we have created a storage account, the next step is to create a vault.

Creating a vault.

In your Azure portal navigate to – New > Recovery services Vault > Add

(You might have to select more services to display this, if you select the star Icon this will then be added to your favourites)

azure creating recovery service vaults

From the next screen, select “Add” and this should open the Create Recovery Services Vault Blade. We have selected to use the same resource group as we created in the storage configuration.

azure recovery service vaults

Now we have a service vault the next step is to setup a Virtual network.

Create an Azure network.

This will be the network the machine will join once failed over. From the Azure Portal select – New >Virtual networks > New

This then opens the create virtual networks Blade (again we have used the same resource group as the previous 2 steps).

create an azure network

Configure DR to Azure for on-premise VMware.

Breaking this down into a few simple steps we will be looking to:

  • Specify the replication source and target
  • Set up the source replication environment, including on-premises Azure Site Recovery components, and the target replication environment
  • Create a replication policy
  • Enable replication for a VM

Configure Azure for replication.

  • Click on the recovery Service Vault and then select the vault to replicate to
  • From the “Getting Started” section click, Site Recovery, then Prepare infrastructure

configure azure for replication

From the “Prepare Infrastructure” blade, select the “protection goal”

On-premises > To Azure > Yes, with VMware vSphere Hypervisor

prepare infrastructure step 1

Next we need to select if we have done the deployment planning, which will estimate bandwidth and storage etc (this is a topic for another day!), in this case we are going to select the “I will do this later” option.

azure step 2

We then need to go back and prepare our replication VM to connect this to vSphere, this vm is essentially a replication gateway for the traffic from your VCenter server to Azure.

The Requirements for this server are :

Server requirements

This VM also needs to have access to the following URL’s

*.accesscontrol.windows.net

https://login.microsoftonline.com

\*.backup.windowsazure.com

\*.blob.core.windows.net

\*.hypervrecoverymanager.windowsazure.com

Now we need download the “Site Recovery Unified Setup File” from the Prepare source blade. You have to open  “configuration server”, the download link should be visible on the left pane.

Also, download the vault registration key as this will be required during the setup.

azure step 3

The prerequisites, mentioned earlier, have already been installed on our server, so once this is downloaded run the setup.

Once it is extracted the wizard will start, for this we are going to select “install the configuration server and process server”.

install the configuration server and process server

Then Accept the licence agreement for MySQL.

my sql agreement

In the next step we will need to import the vault key that we have previously downloaded.

azure recovery registration

Next confirm the Internet Settings, in our case we are connecting without a proxy.

azure internet connection settings

Click next through the prerequisite check (we have one error as this test machine does not have a static IP, and we don’t have the recommended disk size). This will work for our test deployment, but this would need to be correct for a production environment.

pre-requisite-checks

Next set a root password for MySQL.

azure root password sql

In the next screen select “yes” to protect your VMware virtual machine, this will confirm if the prerequisites have been met.

azure environment details

Then select the install location.

azure install location

Select the NIC we are looking to use, select the NIC and then install.

azure installation progress

When you click finish be sure to copy the passphrase to the clipboard and store it.

Once this is complete we then need to register the VCenter server, when this completes the “Microsoft Azure Site Recovery Configuration Server” loads. The first tab should have the option to create an account to discover VCenter severs and install the required agents.

vcenter add and manage account

Select “add account” then, add the details and close.

If you then go back to the Azure console, you should then see the machine you have just created.

The next step is to add your VCenter Server (this can often take several minutes).

step-3 add vcenter

Once this is complete the next blade will ask you to select subscription, and deployment model, compatible networks, and storage.

azure step 4

The next screen will ask to create and associate a replication policy, here we have used the defaults to create our policy.

Replicating a VM or VMs.

With both Azure and the on premises “gateway” server configured to communicate, we are now ready to replicate a VM.

replicating a vm

This will open the Enable Replication blade. In the first pane we need to pick our source, location, the VCenter we intend to use and the process server. In our case we only have one configured, however, if you have multiple you will need to select the desired one

vcenter configure source

The next step configures the target, here we are selecting the subscription, deployment model, and the failover network.

configure target vm

Next step is to select the VM or VMs to replicate.

select virtual machines

Then select the account, which is simple in the case as we only have one.

configure vm properties

Then select the replication policy, this is simple as we only have one. Here we have the option to replicate machines together in consistency groups which would be useful in a production environment but for a single test VM this does not apply.

configure vm replication settings

The progress of this job can be found from the replicated Items section.

replicated items selection

Once this job is complete we have the option to failover etc from the right-hand side of the job.

vm failover

Selecting the job gives further information, about the VM, properties and Overview shows details about the VM and its size etc.

vm properties selection

Another useful section is the “Compute and Network” menu as from here machine properties of the failover VM can be amended, such as instance size etc.

compute and network

What’s next?

In the next related article we will cover the failover and failback process, as well as building recovery plans.

If you found this article helpful please let us know below and spread the word by giving it a share.

More Articles