Azure Site Recovery Step by Step: Configuring and Testing a Recovery Plan

Author

Reads 1.3K

Emergency tents set up in Gaziantep for disaster relief efforts, featuring chairs and trees.
Credit: pexels.com, Emergency tents set up in Gaziantep for disaster relief efforts, featuring chairs and trees.

To configure and test a recovery plan in Azure Site Recovery, you'll need to create a recovery plan and add VMs to it. This involves selecting the VMs you want to recover and specifying the recovery point and time.

First, create a recovery plan in the Azure portal, which is the central location for managing your Azure resources. A recovery plan is a collection of recovery tasks that are executed together.

Next, select the VMs you want to add to your recovery plan, which can be virtual machines, physical servers, or even other Azure resources. You can filter the list of available VMs by name, location, or other criteria.

Now, specify the recovery point and time for each VM, which determines when the VM will be recovered and what data will be used for the recovery. You can choose from a range of recovery points, including the latest, a specific point in time, or a daily snapshot.

You might enjoy: Point to Point Vpn Azure

Prerequisites

Credit: youtube.com, Azure Site Recovery Setup Step by Step Demo | VM Replication Tutorial

To start setting up Azure Site Recovery, you need to meet certain prerequisites.

First, make sure you understand the architecture and components for this scenario. You should also review the support requirements for all components.

It's essential to ensure that the servers you want to replicate comply with Azure VM requirements.

You'll need to prepare Azure by getting an Azure subscription, an Azure virtual network, and a storage account.

Additionally, prepare an account for automatic installation of the Mobility service on each server you want to replicate.

Here are the key requirements to keep in mind:

  • Make sure you understand the architecture and components.
  • Review the support requirements for all components.
  • Ensure servers comply with Azure VM requirements.
  • Prepare Azure subscription, virtual network, and storage account.
  • Prepare an account for automatic installation of the Mobility service.

Network Setup

To set up an Azure network for Azure Site Recovery, you'll need to create a virtual network in the same region as your Recovery Services vault. This virtual network will be used to connect your Azure VMs after failover.

The virtual network should be created with a unique name within the Azure resource group, and its address space should be defined. For example, you can use the address space 10.1.0.0/16.

Credit: youtube.com, Azure Site Recovery Setup Step by Step Demo | Azure Disaster Recovery | VM Replication

To create the virtual network, follow these steps: In the Azure portal, select Create a resource > Networking > Virtual network. Then, enter a name for the network, and specify its address space. Make sure to select the same region as your Recovery Services vault.

You'll also need to create a subnet within the virtual network. The subnet name should be unique, and its address range should be defined. For example, you can use the address range 10.1.0.0/24.

Here's a summary of the virtual network settings:

VMs that you want to replicate need outbound network connectivity. To set up VM connectivity, ensure that the virtual network has the necessary outbound connectivity.

Vault Configuration

To create a Recovery Services vault, sign in to the Azure portal and select Recovery Services vaults from the search results.

In the Azure portal, you can also click on +Create a resource and search for Recovery in the Marketplace.

See what others are reading: Recovery Services Vault Azure

Credit: youtube.com, Azure Site Recovery: vault configuration

Select Backup and Site Recovery, and then click Create to initiate the vault creation process.

To create the vault, you'll need to specify a friendly name, select an existing resource group or create a new one, and choose the region where the vault will be located.

Here are the details you'll need to provide:

  • Subscription: Select the subscription in which to create the vault.
  • Resource group: Select an existing resource group or create a new one.
  • Vault name: Specify a friendly name to identify the vault.
  • Region: Select the Azure region in which to place the vault.

After creating the vault, you can pin it to your dashboard for quick reference and access it from there.

Grant Vault Permissions

To grant the necessary permissions to your Recovery Services vault, you'll need to ensure that the managed identity has the required permissions to the cache storage accounts. This includes creating the storage account in advance and using the same for enabling replication.

The type of storage account you're using will determine the specific role permissions you need to grant. For Resource Manager-based storage accounts, you'll need to ensure that the managed identity has the following permissions:

  • For Standard Type storage accounts: Resource Manager based storage accounts (Standard Type)
  • For Premium Type storage accounts: Resource Manager based storage accounts (Premium Type)

Make sure to verify and modify your Azure role-based access control (Azure RBAC) permissions to ensure that your account has the necessary permissions for replicating VMs to Azure. This will help you avoid any issues with replication.

Register Configuration Server

Credit: youtube.com, EVault Server Protection - Registering an Agent to the Vault using WinCC

To register the configuration server, you'll need to follow these steps. First, turn on the VM from the VMware vSphere Client console.

The VM will boot up into a Windows Server 2016 installation experience, where you'll need to accept the license agreement and enter an administrator password. After installation finishes, sign in to the VM as the administrator.

The first time you sign in, the Azure Site Recovery Configuration Tool will start within a few seconds. Provide a Computer Name and click on Next.

The tool will check that the VM can connect to Azure, and after the connection is established, click on Sign in to sign in to your Azure subscription. The credentials must have access to the vault in which you want to register the configuration server.

The tool will perform some configuration tasks and then reboot the machine. Sign in to the machine again, and in a few seconds, the Configuration Server Management Wizard will start automatically.

Note: To ensure a smooth process, assign a static IP to the VM Site Recovery Configuration Server.

Target Settings

Credit: youtube.com, Azure Site Recovery | A Complete Guide to Azure Disaster Recovery (ASR)

To set up your target settings in Azure Site Recovery, select the Azure subscription you want to use. This will be the subscription where your VMs will be created during disaster recovery.

Under the Post-failover deployment model, specify the target deployment model. Only Resource Manager deployment model should be selected, as Classic deployment model will be deprecated by March 1, 2023.

You can check the last discovered time for your servers in Configuration Servers > Last Contact At to monitor their status. To add machines without waiting for a scheduled discovery time, highlight the configuration server and click Refresh.

Here are the steps to set up your target settings in Azure Site Recovery:

  1. Select the Azure subscription you want to use.
  2. Specify the target deployment model as Resource Manager.
  3. Highlight the configuration server and click Refresh to add machines without waiting for a scheduled discovery time.

Target Settings

To set up target settings for Azure Site Recovery, start by selecting the Azure subscription you want to use. You'll need to choose the subscription from the drop-down menu under the Subscription section.

Under Post-failover deployment model, specify the target deployment model. Only Resource Manager deployment model should be selected, as Classic deployment model will be deprecated by March 1, 2023. This ensures that your setup is compatible with future updates.

Detailed view of a black data storage unit highlighting modern technology and data management.
Credit: pexels.com, Detailed view of a black data storage unit highlighting modern technology and data management.

Next, click Next to proceed to the Replication policy tab. Here, you can review the replication settings and make any necessary adjustments. Site Recovery creates default settings for the target region, but you can choose to use the High Churn option to protect VMs with high data change rates.

To do this, go to Storage > View/edit storage configuration > Churn for the VM and select the High Churn option. This will allow you to use a Premium Block Blob type of storage account.

Readers also liked: Azure Storage Exploere

Account for Auto Discovery

To set up an account for auto discovery, you need to create a role at the vCenter level. Give the role a name such as Azure_Site_Recovery.

Site Recovery needs at least a read-only account to automatically discover VMs, and an account that can run operations such as creating and removing disks, and powering on VMs to orchestrate replication, failover, and failback.

To use a dedicated account, create a user on the vCenter server or vSphere host and assign the role to the user.

Here are the required permissions for the Azure_Site_Recovery role:

Infrastructure

Credit: youtube.com, Overview of Azure Site Recovery

Before setting up disaster recovery for physical VMware machines in Azure, it's essential to prepare the infrastructure. This is a crucial step to ensure a smooth process.

To prepare the infrastructure, you'll need to select the Recovery Services vault name, which in this scenario is ArnaudVMVault. Then, navigate to the Getting Started section and select Site Recovery, followed by Prepare Infrastructure.

The next step is to configure the protection goal, where you'll specify the location of your machines and the replication destination. You'll need to select On-premises as the location of your machines and To Azure as the replication destination. Additionally, you'll need to indicate that you're not performing a migration and that your machines are virtualized with VMware vSphere Hypervisor.

IP Address Range Connectivity

IP Address Range Connectivity is crucial for Azure infrastructure. You need to allow communication to Azure URLs over HTTPS (443) port for proper functioning.

To simplify and limit the IP ranges, it's recommended that URL filtering is done. This can be achieved by allowing the Azure Datacenter IP Ranges and the HTTPS (443) port. Additionally, allow IP address ranges for the Azure region of your subscription to support Microsoft Entra ID, Backup, Replication, and Storage URLs.

Credit: youtube.com, IP addressing and Subnetting | CIDR | Subnet | TechTerms

For Commercial IPs, allow the Azure Datacenter IP Ranges and the HTTPS (443) port. Allow IP address ranges for the Azure region of your subscription to support Microsoft Entra ID, Backup, Replication, and Storage URLs.

For Government IPs, allow the Azure Government Datacenter IP Ranges and the HTTPS (443) port for all USGov Regions (Virginia, Texas, Arizona, and Iowa) to support Microsoft Entra ID, Backup, Replication, and Storage URLs.

If you're using network security groups (NSGs) to control connectivity, create a service-tag based NSG rules that allow HTTPS outbound to port 443 for these service tags:

Set Up Appliance

To set up an Azure Site Recovery replication appliance, you need to prepare your infrastructure, starting with setting up the appliance itself on the on-premises environment.

You'll want to make sure you have the necessary setup in place to channel mobility agent communications, which involves setting up an Azure Site Recovery replication appliance.

Credit: youtube.com, StarWind HyperConverged Appliance: Turnkey Hyperconverged Setup for Virtualization Infrastructure

This appliance will act as a central hub for mobility agent communications, allowing you to replicate your data and applications to the cloud.

To get started, you'll need to follow the instructions for setting up the Azure Site Recovery replication appliance, which involves installing and configuring the necessary software and hardware.

The Azure Site Recovery replication appliance will then take care of replicating your data and applications to the cloud, allowing you to recover quickly in case of an outage or disaster.

Infrastructure

To set up disaster recovery for physical VMware machines in Azure, you need to prepare the infrastructure first. This involves selecting the right tools and configurations to ensure a smooth process.

In Azure, you can create a Recovery Services vault, which is a central location for managing disaster recovery operations. For this scenario, I'm using a vault named ArnaudVMVault.

To prepare the infrastructure, you'll need to follow these steps:

  • Select the vault name in Recovery Services vaults.
  • Select Prepare Infrastructure in the Getting Started section.
  • Choose On-premises as the location of your machines.
  • Select To Azure as the destination for replication.
  • Choose No for Are you performing a migration.
  • Select Yes, with VMware vSphere Hypervisor for Are your machines virtualized.

By following these steps, you'll be able to set up the infrastructure needed for disaster recovery of physical VMware machines in Azure.

On-Premises VMware Servers

Credit: youtube.com, Migrate Virtual Machines On-Premise to Azure Cloud | VMware Cloud Migration Azure | Step by Step

To protect your on-premises VMware servers, you'll need to set up disaster recovery to Azure. This involves creating a Recovery Services vault and configuring the Azure Site Recovery replication appliance.

In the Azure portal, select the vault name and then go to the Getting Started section, where you'll select Site Recovery and then Prepare Infrastructure. You'll need to specify the location of your machines and where you want to replicate them.

To enable replication, you'll need to add an Azure Site Recovery replication appliance to the vault. This appliance will be used to discover and protect your VMware VMs. You'll also need to ensure that the pre-requisites across storage and networking are met.

Here are the permissions required for automatic discovery:

To create the account, you'll need to create a role at the vCenter level, give it a name like Azure_Site_Recovery, and assign the required permissions. You'll also need to create a user on the vCenter server or vSphere host and assign the role to that user.

Once you've enabled replication, you can select the machine type you want to protect and choose the vCenter server added to the Azure Site Recovery replication appliance. You'll then need to select the source machine name and provide the replication appliance and VM credentials.

Set Up for On-Premises VMs

Credit: youtube.com, Migrate Virtual Machines On-Premise to Azure Cloud | VMware Cloud Migration Azure | Step by Step

To set up disaster recovery for on-premises VMware VMs, you need to prepare the infrastructure. This includes setting up an Azure Site Recovery replication appliance on the on-premises environment to channel mobility agent communications.

You'll need to ensure that your subscription has enough resources in the target region to create VMs with sizes that match the VMs in the source region. Site Recovery doesn't support using an authentication proxy to control network connectivity.

Before you start, you'll need to set up VM connectivity, making sure that the VMs you want to replicate have outbound network connectivity.

To register the configuration server, you'll need to set up a VM with a Windows Server 2016 installation experience, and then sign in to the VM as the administrator. The Azure Site Recovery Configuration Tool will start automatically, and you'll need to provide a Computer Name and sign in to your Azure subscription.

Assign a static IP to the VM Site Recovery Configuration Server to ensure a stable connection.

Credit: youtube.com, Azure Essentials: Integrating Azure with On-Prem infrastructure

To prepare an account for automatic discovery, you'll need to create a role at the vCenter level, give it a name like Azure_Site_Recovery, and assign the necessary permissions. Create a user on the vCenter server or vSphere host and assign the role to the user.

Here's a summary of the required permissions:

To select the VMs, you can choose up to 10 VMs in the Virtual machines section, and then select Next to proceed.

Frequently Asked Questions

What is the difference between Azure Backup and site recovery?

Azure Backup focuses on backing up files and VM snapshots, while Azure Site Recovery prioritizes replicating active VM images between zones/regions for fast disaster recovery. This difference in focus helps you choose the right tool for your specific backup and disaster recovery needs.

How long does Azure site recovery take?

Azure Site Recovery typically fails over virtual machines within minutes, but its Recovery Time Objective (RTO) is one hour. Review the failover job to see the actual time it took to bring up a virtual machine.

Melba Kovacek

Writer

Melba Kovacek is a seasoned writer with a passion for shedding light on the complexities of modern technology. Her writing career spans a diverse range of topics, with a focus on exploring the intricacies of cloud services and their impact on users. With a keen eye for detail and a knack for simplifying complex concepts, Melba has established herself as a trusted voice in the tech journalism community.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.