Archive for the ‘Azure Site Recovery’ Category
Site Recovery is an Azure service that contributes to your business continuity and disaster recovery (BCDR) strategy. Site Recovery orchestrates replication of on-premises physical servers and virtual machines to the cloud (Azure), or to a secondary datacenter. When outages occur in your primary location, you fail over to the secondary location to keep apps and workloads available. You fail back to your primary location when it returns to normal operations. Using ASR can be directly from the Azure Portal or Using OMS.
One or more Hyper-V server, running at least Windows Server 2012 R2 with the latest updates and the Hyper-V role enabled, or running Microsoft Hyper-V Server 2012 R2, with the latest updates. Hyper-V hosts need internet access, and need to be able to access specific URLs directly, or via a proxy.
Individual disk capacity on protected machines shouldn’t be more than 1023 GB. A VM can have up to 64 disks (thus up to 64 TB).
In this case I build a replica between a Hyper-v server and Azure.
In the Azure portal we search for backup.
Picked the Backup and Site Recovery (OMS) and create a Recovery vault. That’s it.. well .. close.
Opening this vault or if you don’t know where it is select the resource group and go from there to the ASR.
Selecting our ASR vault brings us to the backup and ASR.
It is a very busy menu and a lot of options are there and still new options may appear. And there are several ways to start with ASR.
Selecting the Site Recovery Infrastructure a new menu opens and already there are 3 configs. Hyper-v , vmware or VMM
We do the Hyper-v option.
It is all step by step and seams all very easy but you need to take care of some steps before you can complete the steps.
Register your Hyper-V host(s)
Make sure the host is running Windows Server 2012 R2 or above.
Download the Agent
the installer for the Microsoft Azure Site Recovery Provider.
Download the vault registration key to register the host in a Hyper-V site
This download is replication agent to Azure and need to be installed on the Hyper-v Server
Selecting the Site Recovery and start with Step 1
In this step We select our Protection goal select To Azure, and select Yes, with Hyper-V. Select No to confirm you’re not using VMM.
We need to create a Site of this hyper-v server. this is a Cosmetic name and points to the Hyper-v server or servers, if this is a Test server then this should be HVtest etc.
My site is Single Hyper-v server and already there a a few steps I need to install the Agent downloaded earlier and use the vault keys to connect to Azure.Also downloaded here
Installing the Hyper-v Agent
Use the Exe just downloaded and follow the steps.
Use a location be careful if not installing on the C drive and not replication the other drive there can be miscommunication in the VM. Better leave this default.
But in case You already played with this or want different naming and started all over the may be an issue “ the server is already registered”
To fix this error and enable the ASR Provider and agent setup to complete successfully, follow these steps:
- Go to the Register
- Make a backup of the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Azure Site Recovery
- Delete the registry key that you backed up in step 2.
- Restart the Provider and agent setup.
Use the downloaded Keys and import them.
Checking the Register you can see that the key is valid and all the info is there.
And the installation is done. It can take some time to add the server to Azure maybe several hops back and forth to the menu
You can see the process running in the Task manager.
Jumping back and to the step 2 you can see the Hyper-v server is added to the Vault.
Added a storage account and a network. If this is not the storage account or network you want no worry you can change this befor the replication starts.
Check this if you want a new account or different network.
Next step would be creating a replication policy.
- In Create and associate policy specify a policy name.
- In Copy frequency specify how often you want to replicate delta data after the initial replication (every 30 seconds, 5 or 15 minutes).
- In Recovery point retention, specify in hours how long the retention window will be for each recovery point. Protected machines can be recovered to any point within a window.
- In App-consistent snapshot frequency specify how frequently (1-12 hours) recovery points containing application-consistent snapshots will be created. Hyper-V uses two types of snapshots — a standard snapshot that provides an incremental snapshot of the entire virtual machine, and an application-consistent snapshot that takes a point-in-time snapshot of the application data inside the virtual machine. Application-consistent snapshots use Volume Shadow Copy Service (VSS) to ensure that applications are in a consistent state when the snapshot is taken. Note that if you enable application-consistent snapshots, it will affect the performance of applications running on source virtual machines. Ensure that the value you set is less than the number of additional recovery points you configure.
In Initial replication start time specify when to start the initial replication. The replication occurs over your internet bandwidth so you might want to schedule it outside your busy hours.
As you can see the policy’s are applied but you can create multiple but you can use only one at each site.
Site Recovery performs optimally when sufficient network bandwidth and storage are provisioned. Allocating insufficient capacity can lead to replication issues. Site Recovery provides a capacity planner to help you allocate the right resources for your source environment, the site recovery components, networking and storage. You can run the planner in quick mode for estimations based on an average number of VMs, disks, and storage, or in detailed mode in which you’ll input figures at the workload level.
Get the Azure Site Recovery Capacity planner here : Download
A quick overview of the Azure Site Recovery Capacity planner
If you skip this or thinking this will be fine I’ll show you later what can happen.
Now that all steps are completed in the ASR infrastructure we can start with step 2.
The replication can’t be Throttled only for backup operations you can Enable internet bandwidth usage throttling.
Selecting the Right networks for the replicated VM’s and subnets and the correct Storage account.
Next is selecting what VM’s I need to replicate. If there is no VM list then there is something wrong with your connection.
As my DPM machine has a disk larger than 1023 GB this can’t be replicated.
Selecting a few VM’s you can see even the names can be changed to the right Azure style or if there a characters in the name that are not supported.
In the old days you could only replicated one disk but now 64 Disks are supported. and you can select what disk you want and what to skip.
After these final steps we are ready to replicate
In a quick overview we can start the replication.
the replication is started and as you can see here comes the ASR Capacity planner.
OK this seams to be an issue for my other running VM’s on this hyper-v server.
Checking the Hyper-v server you can see the progress there or in Azure
But As ASR is using ASR you can also drill down on the replica options.
When the replica is done you can change the Azure VM in any way change the network , VM size the VM can be better than on prem.
As ASR stands for recovery you can do a test failover or planned. As you are not using VMM the Azure portal is the Orchestrator for the Failover.
Testing the VM is easy a you can run the VM Side by Side and you can change all the settings. A great option to get started with Azure.
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
Microsoft Azure Backup provides backup for rich application workloads like Microsoft SQL Server, Hyper-V VMs, SharePoint Server, Microsoft Exchange and Windows clients with support for both Disk to Disk backup for local copies and Disk to Disk to Cloud backup for long term retention.
With Microsoft Azure Backup, you can protect application workloads such as Hyper-V VMs, Microsoft SQL Server, SharePoint Server, Microsoft Exchange and Windows clients to:
– Disk (D2D), giving high RTOs for tier 1 workloads
– Azure (D2D2C) for long term retention.
And, you can manage the protection of various protected entities (servers and clients) from a single on-premises user interface.
You can deploy Microsoft Azure Backup server as:
– A physical standalone server.
– A Hyper-V virtual machine – You can run DPM as a virtual machine hosted on an on-premises Hyper-V host server, to back up on-premises data.
– A Windows virtual machine in VMware – You can deploy DPM to provide protection for Microsoft workloads running on Windows virtual machines in VMware. In this scenario DPM can be deployed as a physical standalone server, as a Hyper-V virtual machine, or as a Windows virtual machine in VMware.
– An Azure virtual machine – You can run DPM as a virtual machine in Azure to back up cloud workloads running as Azure virtual machines.
Get the software here
Prepare Microsoft Azure Backup server to back up data by:
- Creating a Backup vault — Create a vault in the Azure Backup console.
- Downloading the vault credentials — In Azure Backup, upload the management certificate you created to the vault.
- Downloading Microsoft Azure Backup server — You can download Microsoft Azure Backup server for application workloads from the Quick Start Page of a backup vault.
Microsoft Azure Backup server inherits the functionality of Data Protection Manager (DPM) for workload backup. You will find pointers to DPM documentation for some of these capabilities. However Microsoft Azure Backup Server does not provide protection on tape or integrate with System Center.
Keep this in mind when you are using dynamic memory. this is just a warning.
Big disappointment when you where expecting just like in DPM using a External SQL server.
No you can’t you need to run SQL on the local machine. And Currently you can’t use Windows Server 2016 TP3
In order to get passed the Recommendations you need to install .Net3.5 and SIS-Limited
start /wait dism.exe /Online /Enable-feature /FeatureName:SIS-Limited /quiet /norestart
and the .Net3.5 can be installed with Powershell or GUI
and incase of trouble installing .NET3.5
Remember a reboot is needed.!
When Choosing the Installation folders you need to be careful there is a bug
When using a root install sys just change the drive letter there is a \\ instead of the \ !
Better use a folder to install the bits.
Pick a password. and the next steps will install the Azure Recovery Agent.
Azure Recovery Services Agent setup is installed but you will need the Azure Credentials for the Backup Vault
If you don’t have a backup vault you will need to create one else just save the Credentials file to a location.
Incase you did nod create a Backup Vault.
In the dashboard there is a option to download the vault credentials.
Using the Credentials and saving the encryption key to a save location. that is not the C drive !! without the key you are unable to restore anything!!
After the SQL server is installed You are almost ready to backup some files.
Supported Operating System
Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2
Minimum: 1 GHz, dual-core CPU
Recommended: 2.33 GHz quad-core CPU
Hard Drive Space:
Disks for backup storage pool: 1.5 times size of data to be protected
Open the Azure Backup in the start menu.
when checking About you will see that this is DPM – Data Protection manager.
Now we can add some Storage and adding some Agents to the Azure Backup Vault and create a protection group.
Installing and Operating is real easy, install an agent but remember if you already installed the Azure Recovery backup Agent you need to deinstall this agent and install the DPM agent.
Here you can choose it the Protection Group needs to upload the data to Azure or leave this on premise
Also Choose what to upload to Azure. maybe the Disk is ok but the system state is only available local.
The backup schedule is as the same as in the Azure Backup
Protecting my DC. As I did use the Azure ASR backup and I had to install manually ( PowerShell – manually ) an agent with DPM you can deploy this easily in your domain.
Many more options are there in DPM / Azure Backup but this blog post get you started with backup to the cloud.
The usage of cloud is often a pain what application or server should we move to the cloud just to get the feeling. And what about backup where to store the files. Well you could move your backup to the cloud and see how this is treating you. If you have storsimple or SCDPM than you can use also the backup vaults. or save the azure backup on premise. Or simple create a backup vault.
The big difference between backup Protect On-premises workloads and Protect Azure Virtual Machines is simple in the Protect Azure Virtual Machines there is a full copy of the machine and no file selection. If you want file selection backup in Azure virtual machines you will need Protect On-premises workloads.
Funny Protect On-premises workloads for Azure Virtual machines running in Azure
all you need is an agent and a Azure Subscription go to http://manage.windowsazure.com
Setting up backup for Azure virtual machines can be achieved in three simple steps:
- Discover the machines that can be protected in the Azure Backup vault.
- Register the discovered virtual machines to Azure Backup vault.
- Protect the registered virtual machines by associating them with a policy defining backup schedule and how long you want to retain.
First we need a backup Vault keep in mind that the region of your azure VM’s must be the same as you backup vault. when you do a on premise backup there is no need for this.
In this section you can create a site recovery vault backup or a backup vault. More info about and how to setup a recovery vault https://robertsmit.wordpress.com/2014/08/27/azure-site-recovery-service-asrs-hyper-v-to-azure-recovery-mvpbuzz/ Azure Site Recovery Service #ASR #Hyper-v to #Azure #Recovery
Now that the vault is created you have two options what to backup Protect On-premises workloads or Protect Azure Virtual Machines
The Protect On-premises workloads is easy to setup First we need the vault credentials that are needed for the secure communication between on premise and azure
We save this file on the protected machine or on a file share.
And we need to download an agent and install this on every machine that we want to backup. No there is no Management suite to manage all this.
Installing the Agent and registering the Vault credentials.
Generate a passphrase or use your own but in case of a lost passphrase your backup is gone.
If the passphrase is lost or forgotten; Microsoft cannot help in recovering the backup data. The end user owns the encryption passphrase and Microsoft does not have any visibility into the passphrase which is used by the end user. Please save the file in a secure location as it would be required during a recovery operation.
When checking Azure you can see Windows Server and Azure VM to protect.
the backup tool to select files and folders to backup.
Protect Azure Virtual Machines
First we need to register items to the vault to protect. this will run a quick discovery of all your VM’s in the Region / subscription
To make sure that all items are discovered we run discover first
Successfully discovered virtual machines in the region West Europe. Please register the virtual machines to a vault of same region.
Now we are ready to register some machines to backup
I want to backup my mvpdummy01 machine
Check Protect and pick the machine and this machine is now registered
next step is to protect this VM again select the machine and your done.
Now that the machine is registered and protected we can us a default or create a custom protection level. the max setting is 99 years. why not 100 ? Guess this is not a time machine but only a backup vault that you can restore a windows server 2003 in year 2114
The Locally Redundant option maintains 3 copies of your data within the same region.
The Geo-Redundant option maintains 3 copies of your data locally and 3 copies in a secondary storage region.
The storage replication choice cannot be changed once items have been registered to the vault. Learn More
Nice and easy backup
Azure Site Recovery orchestrates replication and failover in a number of scenarios:
**On-premises Hyper-V site to Azure protection with Hyper-V replication**
Orchestrate replication, failover, and recovery from an on-premises site with one or more Hyper-V servers but without System Center VMM. Virtual machine data is replicated from a source Hyper-V host server to Azure. Read Getting started with Azure Site Recovery: Protection Between an On-Premises Hyper-V Site and Azure with Hyper-V Replication.
**On-premises VMM site to on-premises VMM site protection with Hyper-V replication**
Orchestrate replication, failover, and recovery between on-premises VMM sites. Virtual machine data is replicated from a source Hyper-V host server to a target host server. Read Getting started with Azure Site Recovery: Protection Between Two On-Premises VMM Sites with Hyper-V Replication.
**On-premises VMM site to on-premises VMM site protection with SAN replication**
Orchestrates end-to-end replication, failover, and recovery using storage array-based replication between SAN devices that host virtual machine data in source and target on-premises sites. Read Getting started with Azure Site Recovery: : Protection Between Two On-Premises VMM Sites with SAN replication.
**On-premises VMM site to Azure protection**
Orchestrate replication, failover, and recovery between an on-premises VMM site and Azure. Replicated virtual machine data is stored in Azure storage. Read Getting Started with Azure Site Recovery: Protection between an On-Premises VMM Site and Azure.
**On-premises VMWare site to on-premises VMWare site with InMage**
InMage Scout is a recent Microsoft acquisition that provides real-time replication between on-premises VMWare sites. Right now InMage is available as a separate product that’s obtained via a subscription to the Azure Site Recovery service. Read Getting Started with Azure Site Recovery: Protection between an On-Premises VMWare Sites with InMage.
In this case I’ll create a Hyper-v Replica to Azure and I used a S2S VPN check here if you need how to setup a VPN network to Azure Read
I did create a Windows backup To azure blog post Read https://robertsmit.wordpress.com/2015/02/17/azure-recovery-services-for-microsoft-azure-backup-easy-backup-to-azure-recovery-backup-asr/
And a while ago a On-premises VMM site to on-premises VMM site protection with Hyper-V replication Read https://robertsmit.wordpress.com/2014/08/27/azure-site-recovery-service-asrs-hyper-v-to-azure-recovery-mvpbuzz/
I already did the Hyper-v vs Hyper-v See my blog post. Read https://robertsmit.wordpress.com/2013/06/12/windowsazure-hyper-v-recovery-manager-azure-hyperv-recovery-msteched-tee13-draas/
So we have a network already in place an now we creating the Site Recovery vault.
Now that the vault is ready we can Select the Right option for the Configuration
select Between an on-premises Hyper-V site and Azure
The next step is creating a Hyper-V site
Create a Hyper-V site to group together one or more Hyper-V servers located in a physical location such as a branch office.
Give the Hyper-v site a name
Next step is Prepare the Hyper-V Servers
Download the Provider installation and the registration key. The registration key should be downloaded at a secure location. Run Provider setup on the Hyper-V server and register the server with the key.
In a clustered Hyper-V setup run setup & registration on each node to install the Provider and register the cluster with Azure Site Recovery.
But first we are downloading the the registration key file and the latest version of the Microsoft Azure Site Recovery Provider for Hyper-V. Download the key to a secure location that can be accessed by Hyper-V servers in the site. Run Provider setup on each Hyper-V server to install it and register the server with the key. In a Hyper-V cluster run setup on each node.
Above a simple steps and easy to do when running the Azure Site Recovery Provider another Setup will be started.
The file installs two components :
Azure Site Recovery Provider : Handles communication and orchestration between the Hyper-V server and the Azure Site Recovery portal.
Azure Recovery Services Agent : Handles data transport between virtual machines running on the source Hyper-V server and Azure storage.
I’ll use the windows Update Option
Choosing the File path location and When the installation is done I check the Continue button.
I do not us a proxy
In this step we need the Vault credential Key that we just downloaded. and put it in place The server will register in the vault and is ready to use.
In the Azure portal you can see that the Hyper-v Server is registered and connected.
For storage we need a dedicated Storage Account, If you need more IOPS then you need the proper steps to do this.
Keep in mind that the Storage account and the Azure Site Recovery vault must be in the same region.
Next step is creating a Protection Group.
Protection groups group together virtual machines that have the same protection settings.
You can Change the Replication Settings or leave them default. I changed it to speed things up.
Specify the copy frequency, and optionally set system restore points. You can also set the frequency for creating system restore points that use the Volume Snapshot Service (VSS). Specify when the initial replication should occur. If you want to conserve bandwidth, select an off-peak time.
Now that this is in place we can connect the Networks to Azure.
The Final steps are selecting a VM that is replicated to Azure
Thru the agent we see our VM’s on premise and as you can see Azure Won’t support Gen 2 VM’s so if all you vm’s are GEN 2 then abandon this recovery scenario.
A strange option the OS selection is there Windows or Linux ?
Why ? there is an agent on my hyper-v server that can read my hyper-v settings
Now that we selected the VM and in our rule is direct replication it is starting re replication.
It took me 5 min to replicate the server as you can see in the replication statistic. We are ready to test this VM.
At the bottom we select Test Failover and Select the network to use. ( as I have Multiple networks )
Testing the Replication and starting up the VM I see my DC is replicated to Azure and ready to go, as my network has a s2s connection the Dc can talk to the domain on premise ( I use a test vm for this to avoid Active directory Corruption )
the view in the Azure Virtual machines
In the Job view we need to approve that the VM is correctly working
After that I approved that the VM is working the Job will continue and delete the VM and clean up the VM.
Again tested a Azure feature that could be a life saver when you need a DR solution.