Tutorial: Set up Protection Between On-Premises VMM Sites
Azure Site Recovery contributes to your business continuity and disaster recovery (BCDR) strategy by orchestrating replication, failover and recovery of virtual machines in a number of deployment scenarios.
This tutorial describes how to deploy Azure Site Recovery to orchestrate and automate protection for workloads running on an on-premises VMM site to another on-premises VMM site using Hyper-V Replica. The tutorial uses the quickest deployment path and default settings where possible.
Make sure you have everything in place before you begin the tutorial.
- Azure account—You'll need an Azure account. If you don't have one, see Azure free trial. Get pricing information at Azure Site Recovery Manager Pricing Details.
- VMM server—You'll need at least one VMM server running on System Center 2012 SP1 or System Center 2012 R2.
- VMM clouds—You should have at least one cloud on the source VMM server you want to protect, and one on the target VMM server. If you're running one VMM server it'll need two clouds. The primary cloud you want to protect must contain the following:
- One or more VMM host groups
- One or more Hyper-V host servers or clusters in each host group.
- One or more virtual machines located on the source Hyper-V server in the cloud.
- **Networks**—You can optionally configure network mapping to ensure that replica virtual machines are optimally placed on Hyper-V host servers after failover, and that they can connect to appropriate VM networks. When network mapping is enabled, a virtual machine at the primary location will be connected to a network and its replica at the target location will be connected to its mapped network. If you don’t configure network mapping virtual machines won’t be connected to VM networks after failover. This tutorial describes the simplest walkthrough settings and doesn't include network mapping but you can read more at:
After verifying the prerequisites, do the following:
Step 1: Create a vault
Sign in to the Management Portal.
Expand Data Services, expand Recovery Services, and click Site Recovery Vault.
Click Create New and then click Quick Create.
In Name, enter a friendly name to identify the vault.
In Region, select the geographic region for the vault. To check supported regions see Geographic Availability in Azure Site Recovery Pricing Details
Click Create vault.
Check the status bar to confirm that the vault was successfully created. The vault will be listed as Active on the main Recovery Services page.
Step 2: Configure the vault
In the Recovery Services page, click the vault to open the Quick Start page. Quick Start can also be opened at any time using the icon.
In the dropdown list, select Between two on-premises Hyper-V sites.
In Prepare VMM Servers, click Generate registration key file. The key is valid for 5 days after it's generated. Copy the file to the VMM server. You'll need it when you set up the Provider.
Step 3: Install the Azure Site Recovery Provider
On the Quick Start page, in Prepare VMM servers, click Download Microsoft Azure Site Recovery Provider for installation on VMM servers to obtain the latest version of the Provider installation file.
Run this file on the source and target VMM servers.
In Pre-requirements Check select to stop the VMM service to begin Provider setup. The service stops and will restart automatically when setup finishes.
In Microsoft Update you can opt in for updates. With this setting enabled Provider updates will be installed according to your Microsoft Update policy.
After the Provider is installed continue setup to register the server in the vault.
On the Internet Connection page specify how the Provider running on the VMM server connects to the Internet. select Use default system proxy settings to use the default Internet connection settings configured on the server.
In Registration Key, select that you downloaded from Azure Site Recovery and copied to the VMM server.
In Vault name, verify the name of the vault in which the server will be registered.
In Server name, specify a friendly name to identify the VMM server in the vault.
In Initial cloud metadata sync select whether you want to synchronize metadata for all clouds on the VMM server with the vault. This action only needs to happen once on each server. If you don't want to synchronize all clouds, you can leave this setting unchecked and synchronize each cloud individually in the cloud properties in the VMM console.
In Data Encryption you generate a certificate that's used to encrypt data protected in Azure. This option isn’t relevant for the scenario described in this tutorial.
Click Register to complete the process. After registration, metadata from the VMM server is retrieved by Azure Site Recovery. The server is displayed on the Resources tab on the Servers page in the vault.
Step 4: Configure cloud protection settings
After VMM servers are registered, you can configure cloud protection settings. You enabled the option Synchronize cloud data with the vault when you installed the Provider so all clouds on the VMM server will appear in the Protected Items tab in the vault.
- On the Quick Start page, click Set up protection for VMM clouds.
- On the Protected Items tab, select the cloud that you want to configure and go to the Configuration tab. Note that:
- In Target, select VMM.
- In Target location, select the on-site VMM server that manages the cloud you want to use for recovery.
In Target cloud, select the target cloud you want to use for failover of virtual machines in the source cloud. Note that:
- We recommend that you select a target cloud that meets recovery requirements for the virtual machines you'll protect.
- A cloud can only belong to a single cloud pair — either as a primary or a target cloud.
In Copy frequency leave the default setting. This value specifies how frequently data should be synchronized between source and target locations. It's only relevant when the Hyper-V host is running Windows Server 2012 R2. For other servers a default setting of five minutes is used.
In Additional recovery points, leave the default setting. This value specifies whether you want to create addition recovery points.The default zero value specifies that only the latest recovery point for a primary virtual machine is stored on a replica host server.
In Frequency of application-consistent snapshots, leave the default setting. This value specifies how often to create snapshots. Snapshots use Volume Shadow Copy Service (VSS) to ensure that applications are in a consistent state when the snapshot is taken. If you do want to set this value for the tutorial walkthrough, ensure that it is set to less than the number of additional recovery points you configure.
In Data transfer compressed, specify whether replicated data that is transferred should be compressed.
In Authentication, specify how traffic is authenticated between the primary and recovery Hyper-V host servers. For the purpose of this walkthrough select HTTPS unless you have a working Kerberos environment configured. Azure Site Recovery will automatically configure certificates for HTTPS authentication. No manual configuration is required. Note that this setting is only relevant for Hyper-V host servers running on Windows Server 2012 R2.
In Port, leave the default setting. This value sets the port number on which the source and target Hyper-V host computers listen for replication traffic.
In Replication method, specify how the initial replication of data from source to target locations will be handled, before regular replication starts.
- Over network—Copying data over the network can be time-consuming and resource-intensive. We recommend that you use this option if the cloud contains virtual machines with relatively small virtual hard disks, and if the primary VMM server is connected to the secondary VMM server over a connection with wide bandwidth. You can specify that the copy should start immediately, or select a time. If you use network replication, we recommend that you schedule it during off-peak hours.
- Offline—This method specifies that the initial replication will be performed using external media. It's useful if you want to avoid degradation in network performance, or for geographically remote locations. To use this method you specify the export location on the source cloud, and the import location on the target cloud. When you enable protection for a virtual machine, the virtual hard disk is copied to the specified export location. You send it to the target site, and copy it to the import location. The system copies the imported information to the replica virtual machines. For a complete list of offline replication prerequisites, see Step 3: Configure protection settings for VMM clouds in the Deployment Guide.
Select Delete Replica Virtual Machine to specify that the replica virtual machine should be deleted if you stop protecting the virtual machine by selecting the Delete protection for the virtual machine option on the Virtual Machines tab of the cloud properties. With this setting enabled, when you disable protection the virtual machine is removed from Azure Site Recovery, the Site Recovery settings for the virtual machine are removed in the VMM console, and the replica is deleted.
After you save the settings a job will be created and can be monitored on the Jobs tab. All Hyper-V host servers in the VMM source cloud will be configured for replication. Cloud settings can be modified on the Configure tab. If you want to modify the target location or target cloud you must remove the cloud configuration, and then reconfigure the cloud.
Step 5: Configure storage mapping
This tutorial describes the simplest path to deploy Azure Site Recovery in a test environment. If you do want to configure storage mapping as part of this tutorial, follow the steps to Configure storage mapping in the deployment guide.
Step 6: Enable virtual machine protection
After servers, clouds, and networks are configured correctly, you can enable protection for virtual machines in the cloud.
- On the Virtual Machines tab in the cloud in which the virtual machine is located, click Enable protection and then select Add virtual machines.
- From the list of virtual machines in the cloud, select the one you want to protect.
Track progress of the Enable Protection action in the **Jobs** tab, including the initial replication. After the Finalize Protection job runs the virtual machine is ready for failover. After protection is enabled and virtual machines are replicated, you’ll be able to view them in Azure.
Step 7: Test the deployment
Test your deployment to make sure virtual machines and data fail over as expected. To do this you'll create a recovery plan by selecting replication groups.Then run a test failover on the plan.
- On the Recovery Plans tab, click Create Recovery Plan.
Specify a name for the recovery plan, and source and target VMM servers. The source server must have virtual machines that are enabled for failover and recovery. Select Hyper-V to view only clouds that are configured for Hyper-V replication.
In Select Virtual Machine, select replication groups. All virtual machines associated with the replication group will be selected and added to the recovery plan. These virtual machines are added to the recovery plan default group—Group 1. you can add more groups if required. Note that after replication virtual machines will start up in accordance with the order of the recovery plan groups.
After a recovery plan has been created, it appears in the list on the Recovery Plans tab.
On the Recovery Plans tab, select the plan and click Test Failover.
On the Confirm Test Failover page, select None. Note that with this option enabled the failed over replica virtual machines won't be connected to any network. This will test that the virtual machine fails over as expected but does not test your replication network environment. If you want to run a more comprehensive test failover see Test an on-premises deployment on MSDN.
The test virtual machine will be created on the same host as the host on which the replica virtual machine exists. It isn’t added to the cloud in which the replica virtual machine is located.
After replication the replica virtual machine will have an IP address that isn’t the same as the IP address of the primary virtual machine. If you're issuing addresses from DHCP then DNS will be updated automatically. If you're not using DHCP and you want to make sure the addresses are the same you'll need to run a couple of scripts.
Run this sample script to retrieve the IP address. $vm = Get-SCVirtualMachine -Name $na = $vm.VirtualNetworkAdapters> $ip = Get-SCIPAddress -GrantToObjectID $na.id $ip.address
Run this sample script to update DNS, specifying the IP address you retrieved using the previous sample script.
[string]$Zone, [string]$name, [string]$IP ) $Record = Get-DnsServerResourceRecord -ZoneName $zone -Name $name $newrecord = $record.clone() $newrecord.RecordData.IPv4Address = $IP Set-DnsServerResourceRecord -zonename com -OldInputObject $record -NewInputObject $Newrecord
You can use the Jobs tab and Dashboard to view and monitor the main jobs performed by the Azure Site Recovery vault, including configuring protection for a cloud, enabling and disabling protection for a virtual machine, running a failover (planned, unplanned, or test), and committing an unplanned failover.
From the Jobs tab you view jobs, drill down into job details and errors, run job queries to retrieve jobs that match specific criteria, export jobs to Excel, and restart failed jobs.
From the Dashboard you can download the latest versions of Provider and Agent installation files, get configuration information for the vault, see the number of virtual machines that have protection managed by the vault, see recent jobs, manage the vault certificate, and resynchronize virtual machines.
For more information about interacting with jobs and the dashboard, see the Operations and Monitoring Guide.