This document is a step by step guide to configuring Azure Site Recovery Services (ASR) for Cloud Solution Provider (CSP) partners. The purpose is to help service provider administrators become familiar with the process required to setup and configure the Microsoft Azure, System Center Virtual Machine Manager (VMM), and Hyper-V (HV) environment to utilize the capabilities found within the ASR service.
This version of the guide focuses on using PowerShell (PS) and Azure Resource Manager (ARM) to accomplish the configuration tasks. This guide assumes understanding of basic PowerShell concepts such as modules, cmdlets, and sessions. For more information about Windows PowerShell, please refer to the article Getting Started with Windows PowerShell. To learn more about Azure PowerShell with Azure Resource Manager, please refer to this article Using Azure PowerShell with Azure Resource Manager.
Please note that the PowerShell cmdlets are under development and changing continuously, while it transitions from ASM to ARM. Please take the time to review the latest documentation for the cmdlets used in this guide.
Please completely review the scenario, and step-by-step sections before proceeding to actual implementation. This document is authored with a lot of clarifying points and explanation of the bigger picture situation throughout. Actual steps necessary to perform the implementation are clearly marked under titles "Step X".
This version of the guide discusses the following scenarios:
Enables service providers (hosters) to help protect their tenants' virtual machines (VMs) where the VMs are hosted in the same shared infrastructure.
This scenario maps to Microsoft's default Cloud OS Network deployments.
A key requirement for this scenario is configuration of the Azure subscriptions. Both CSP and Enterprise Agreement (EA) subscriptions are required. Multiple CSP subscriptions (at least two) are required to demonstrate/validate the multi-tenant capabilities. EA equivalent subscriptions (Direct, Azure Pass, Trial) can be used if necessary.
The diagram below presents a logical view of the scenario. The diagram depicts:
Enables service providers (outsourcers) to help protect their tenant's virtual machines (VMs) where the management plane is fully dedicated to one tenant.
In the dedicated instance of the E2A scenario, only a CSP subscription is required. This simplifies the Azure requirements. However, this scenario does require a dedicated VMM infrastructure. All VMM clouds and associated objects must serve a single tenant.
The diagram below presents a logical view of the scenario. The diagram depicts:
The prerequisites and configuration steps for the Enterprise to Azure - VMM to Azure - Multi-Tenant scenario are detailed in this section. The overall process, including unique considerations for multi-tenant are summarized in this table.
STEP | Description | Multi-Tenant |
0.1 | Prerequisites - Azure | CSP & EA subscriptions |
0.2 | Prerequisites - VMM | VMM is shared |
0.3 | Prerequisites - Hyper-V | |
0.4 | Prerequisites - Network Mapping | |
0.5 | Prerequisites - PowerShell | |
1 | Configure Subscriptions & Register Providers | Extra account delegation and registration steps |
2 | Create Resource Group | Subscription context switching |
3 | Configure Site Recovery Vault | Subscription context switching |
4 | Install ASR provider | |
5 | Install MARS agent | |
6 | Configure Storage Account | Subscription context switching |
7 | Configure Cloud Protection Settings | Subscription context switching |
8 | Configure Network Mapping | Subscription context switching |
9 | Enable Protection | Subscription context switching |
10 | Validate VMM to Azure VM Protection |
One general prerequisite/requirement is administrative/owner rights for all resources.
Azure v2 (Azure Resource Manager, ARM) storage account to store data replicated to Azure. The account needs to have geo-replication enabled. As of December 2015, the storage account and the Azure Site Recovery service must be in the same Azure region. To learn more about setting up Azure storage, refer to this article Introduction to Microsoft Azure Storage.
VMs that will be protected must comply with Azure VM requirements. To learn more about Azure VM requirements, refer to this article Sizes for Virtual Machines.
All resources used to enable ASR must be in the same region. This includes the virtual networks, storage account, and resource groups. To learn more about Azure regions, refer to this article Azure Regions.
As of December 2015
System Center Virtual Machine Manager 2012 R2 with the latest Update Release and updates installed. This document was validated against VMM 2012 R2 UR7, Windows Server 2012 R2, and updates released through November 20, 2015.
At least one VMM cloud containing the VMs to be protected. The VMM cloud must include:
The VMM infrastructure can be shared amongst many tenants.
Version 5.1.1256.0 or later. The latest version can be downloaded at this link http://aka.ms/downloaddra. If the version is older, when trying to register the VMM server, an "unknown error" will occur while trying to read the certificate.
As of December 2015, do not assume the provider will be updated during the installation process. The installation step "looking for the latest version" does not update the ASR provider. Similarly, Microsoft Updates does not update the ASR provider. Manually download and install the latest version of the ASR Provider.
Windows Server 2012 R2, with the Hyper-V role enabled, and the latest updates installed is required for the Hyper-V host servers. This document was validated against VMM 2012 R2 UR7, Windows Server 2012 R2, and updates released through November 20, 2015.
For Hyper-V clusters, the cluster broker is not created automatically if using a static IP address-based cluster. Manually configure the cluster broker. Refer to the "Set up a cluster" section of this article Deploy Hyper-V Replica.
All Hyper-V host servers or clusters hosting VMs to be protected must be included in a VMM cloud.
Protected VMs must be connected to a VM network.
The VM network must be linked to a VMM logical network associated with a VMM cloud.
Replicated VMs in Azure will use this network. This network must be in the same region as the Azure Site Recovery subscription, the Resource Group, and the Storage Account. Select this network at the time of failover.
Network mapping between VM networks on the source VMM server and the target Azure networks enables:
Multiple on-premises VM networks can be mapped to a single Azure network.
If the target (Azure) network has multiple subnets, then after failover:
To learn more about network mapping, refer to the following articles:
Enabling protection of a VM will fail if the VM is not connected to a network, or if the networks are not mapped.
This version of the guide focuses on using PowerShell (PS) and Azure Resource Manager (ARM) to accomplish the configuration tasks. This guide assumes understanding of basic PowerShell concepts such as modules, cmdlets, and sessions. For more information about Windows PowerShell, please refer to the article Getting Started with Windows PowerShell. To learn more about Azure PowerShell with Azure Resource Manager, please refer to this article Using Azure PowerShell with Azure Resource Manager.
Please note that the PowerShell cmdlets are under development and changing continuously, while it transitions from ASM to ARM. Please take the time to review the latest documentation for the cmdlets used in this guide.
Windows Management Framework 5.0 is required. For Windows Server 2012 R2, WMF 5.0 must be installed. Download.
Azure PowerShell 1.0. To learn more about Azure PowerShell, refer to this article How to install and configure Azure PowerShell. Download the latest version of Azure PowerShell from https://github.com/Azure/azure-powershell/releases/tag/v1.0.1-November2015.
Several PowerShell modules are required. These modules add Azure Resource Manager (ARM) functionality to PowerShell. The latest versions of these modules are available from the PowerShell gallery. Direct links to the ASR modules:
PowerShell installation and configuration is required once on each service provider administrator's remote machine. From which all configuration steps are performed.
Install-Module AzureRM.Profile -force -Repository PSGallery*
Install-Module AzureRM -force -Repository PSGallery*
Install-Module AzureRM.Resources -force -Repository PSGallery*
Install-Module AzureRM.SiteRecovery -force -Repository PSGallery*
Install-Module AzureRM.RecoveryServices -force -Repository PSGallery*
Do not proceed until all prerequisites have been satisfied.
For the multi-tenant scenario, at least three subscriptions are required:
Login-AzureRmAccount
Get-AzureRmSubscription
Get-AzureRMSubscription returns only subscriptions attached to the logged in account. When using the CSP account (AOBO), no subscriptions are returned.
Set-AzureRmSubscription -SubscriptionID <SubscriptionID>
Set-AzureRmContext -SubscriptionID <SubscriptionID> -TenantID <TenantID>
$freetrial = <subscriptionID> # Service Provider's EA subscription
$CSP1 = <SubscriptionID> # Tenant 1's CSP subscription
$CSP2 = <SubscriptionID> # Tenant 2's CSP subscription
Register-AzureRmProviderFeature -FeatureName betaAccess -ProviderNamespace Microsoft.RecoveryServices
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.RecoveryServices
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.SiteRecovery
We have observed that registering the betaAccess feature can take over 30 minutes. An InvalidResourceNamespace 'Microsoft.RecoveryServices' is invalid error indicates that registration has not completed, even if the cmdlet returns "registered".
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.SiteRecovery
Failing to register the SiteRecovery provider will lead to an error with linking the Storage Account, depicted below.
Get-AzureRmProviderFeature -FeatureName betaAccess -ProviderNamespace Microsoft.RecoveryServices
Get-AzureRmResourceProvider -ProviderNamespace Microsoft.RecoveryServices
Get-AzureRmResourceProvider -ProviderNamespace Microsoft.SiteRecovery
All Azure resources for a tenant's Azure Site Recovery service must be associated with the same resource group and region.
Select-AzureRmSubscription -SubscriptionID $freetrial
$ResourceGroupName = New-AzureRmResourceGroup -Name <string> -Location <string>
Select-AzureRmSubscription -SubscriptionID $CSP1
$ResourceGroupName = New-AzureRmResourceGroup -Name <string> -Location <string>
ASM cmdlets | ARM cmdlets |
AzureRMSiteRecoveryVaultSettingsFile
| AzureRmRecoveryServicesVault |
Select-AzureRmSubscription -SubscriptionID $freetrial
$Vault = New-AzurermRecoveryServicesVault -Name <string> -ResourceGroupName <string> -Location <string>
Get-AzureRmRecoveryServicsVaultSettingsFile -Vault $Vault -Path <filepath>
Import-AzureRmSiteRecoveryVaultSettingsFile -Path <filepath>
Install the ASR Provider on the VMM servers.
MD C:\ASR
PUSHD C:\ASR
.\AzureSiteRecoveryProvider.exe /x:. /q
.\SetupDr.exe /i
$BinPath = $ENV:SystemDrive + "\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin"
PUSHD $BinPath
.\DRConfigurator.exe /r /Friendlyname <VMMServerName> /Credentials <VaultSettingFilePath> /EncryptionEnabled <PathToExportCertificateFile> /startvmmservice
Example:
$BinPath = $ENV:SystemDrive + "\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin"
PUSHD $BinPath
\DRConfigurator.exe /r /Friendlyname VMM011 /Credentials D:\VaultBCDR_2015-11-26T14-37-56.VaultCredentials /EncryptionEnabled C:\temp\cert.pfx /startvmmservice
To learn more, refer to this article Set up protection between an on-premises VMM site and Azure.
Install the MARS agent on each Hyper-V host server that comprise the VMM clouds containing VMs to be protected. To learn more about installing the MARS agent on many Hyper-V host servers, please refer to this article Agent install and configuration for Hyper-V hosts when using Microsoft Azure Site Recovery for disaster recovery to Azure.
As of December 2015, the agent is not available from the new Azure portal. Please download from the v1 portal.
marsagentinstaller.exe /q /nu
Repeat the steps below for each tenant.
Select-AzureRmSubscription -SubscriptionID $CSP1
Get-AzureRmResourceProvider -ProviderNamespace Microsoft.SiteRecovery
$StorageAccountName = <FriendlyStorageAccountName>
$StorageAccountGeo = <Region>
$ResourceGroupName = <ResourceGroupName>
$RecoveryStorageAccount = New-AzureRmStorageAccount -ResourceGroupName $ResourceGroupName -Name $StorageAccountName -Type "Standard\_GRS" -Location $StorageAccountGeo
ASM cmdlets | ARM cmdlets |
AzureRMsiteRecoveryProtectionProfile | AzureRmSiteRecoveryPolicy |
Select-AzureRmSubscription -SubscriptionID $freetrial
$ReplicationFrequencyInSeconds = "300" # options are 30,300,900
$PolicyName = "replicapolicy"
$Recoverypoints = 6
$policyResult = New-AzureRmSiteRecoveryPolicy -Name ReplicaPolicy -ReplicationProvider "HyperVReplicaAzure" -ReplicationFrequencyInSeconds 300 -RecoveryPoints 6 -ApplicationConsistentSnapshotFrequencyInHours 1 -RecoveryAzureStorageAccountId $recoverystorageaccount.Id
Validate creation of the replication policy using the $Policyresult variable and the Get-AzureRmSiteRecoveryPolicy cmdlet.
$PrimaryCloud = <NameOfTheVMMCloud>
$protectionContainer = Get-AzureRmSiteRecoveryProtectionContainer -FriendlyName $PrimaryCloud
Example:
$PrimaryCloud = "testcloud"
$protectionContainer = Get-AzureRmSiteRecoveryProtectionContainer –FriendlyName $PrimaryCloud
$PolicyRslt = Get-AzureRmSiteRecoveryPolicy
$associationJob = Start-AzureRmSiteRecoveryPolicyAssociationJob -Policy $PolicyRslt -PrimaryProtectionContainer $protectionContainer
Get-AzureRMSiteRecoveryJob -name $AssocationJob.Name
Repeat this section for each tenant.
Select-AzureRmSubscription -SubscriptionID $freetrial
$Servers = Get-AzureRmSiteRecoveryServer
$Networks = Get-AzureRmSiteRecoveryNetwork -Server $Servers[0]
Review the network names returned. Note the index offset of the correct network name in the $Network[] array.
Select-AzureRmSubscription -SubscriptionID $CSP1
$AzureVmNetworks = Get-AzureRmVirtualNetwork
Review the network names returned. Note the index offset of the correct network name in the $AzureVmNetworks[] array.
Select-AzureRmSubscription -SubscriptionID $freetrial
$networks
$AzureVMNetworks
New-AzureRmSiteRecoveryNetworkMapping -PrimaryNetwork $Networks[2] -AzureVMNetworkId $AzureVmNetworks[0].Id
The network mapping cmdlet will map random networks if the specific networks are not defined.
For the two tenants in this example, the end result will look like this
To enable protection the operating system and operating system disk properties must be set for the virtual machine. These can be set when creating VMs using a virtual machine template. These can also be configured for existing VMs on the General and Hardware Configuration tabs of the VM properties page.
Repeat this section for each tenant.
Select-AzureRmSubscription -SubscriptionID $freetrial
$primaryCloud = <VMM cloud name>
$ProtectionContainer = Get-AzureRmSiteRecoveryProtectionContainer -FriendlyName $primaryCloud
$Vmname = <Name of the VM>
$vm = Get-AzureRmSiteRecoveryProtectionEntity -ProtectionContainer
$protectioncontainer -FriendlyName $vmname
Select-AzureRmSubscription -SubscriptionID $CSP1
$RecoveryStorageAccount = Get-AzureRmStorageAccount
Select-AzureRmSubscription -SubscriptionID $freetrial
Set-AzureRmSiteRecoveryProtectionEntity -ProtectionEntity $VM -Protection Enable -Policy $PolicyRslt -RecoveryAzureStorageAccountId $RecoveryStorageAccount.ID -Force
Get-AzureRmSiteRecoveryJob -name <JobID>
Get-AzureRmSiteRecoveryProtectionEntity -ProtectionContainer $ProtectionContainer -FriendlyName $VMName
More detail is available from the Hyper-V server.
More detail is available from the VMM console.
If desired, the target VM size can be modified after protection has been enabled.
Get-AzureRmVMSize -Location "Brazil South" | Select-Object Name $targetVM = Get-AzureRmSiteRecoveryVM -FriendlyName <string> -ProtectionContainer <ASRProtectionContainer> Set-AzureRmSiteRecoveryVM -VirtualMachine $targetVM -Size "Standard\_D3"
Test configuration of VM protection by running a test failover. Test failover simulates failover and recovery mechanism in an isolated network.
$jobIDResult = Start-AzureRmSiteRecoveryPlannedFailoverJob -Direction PrimaryToRecovery -ProtectionEntity $VM
Get-AzureRmSiteRecoveryJob –Name <JobID>
For failed jobs, detailed error messages can be retrieved.
$Job = get-azureRMsiteRecoveryJob -name <jobName>
$job.Errors[x].ServiceErrorDetails
Start-AzureRmSiteRecoveryCommitFailoverJob -ProtectionEntity $VM
These are the mappings done for each of the two tenants
VMM settings:
Azure portal view of the two machines
The disks of the two machines, in different Storage Accounts, which are in different Azure Subscriptions (CSP created)
Configuration of the Step-By-Step - Enterprise to Azure - VMM to Azure - Multi-Tenant scenario is complete
The prerequisites and configuration steps for the Enterprise to Azure - VMM to Azure - Dedicated VMM scenario are detailed in this section. The overall process, including unique considerations for dedicated VMM are summarized in this table.
STEP | Description | Multi-Tenant |
0.1 | Prerequisites - Azure | CSP subscription only |
0.2 | Prerequisites - VMM | VMM dedicated to a single tenant |
0.3 | Prerequisites - Hyper-V | |
0.4 | Prerequisites - Network Mapping | |
0.5 | Prerequisites - PowerShell | |
1 | Configure Subscriptions & Register Providers | |
2 | Create Resource Group | |
3 | Configure Site Recovery Vault | |
4 | Install ASR provider | |
5 | Install MARS agent | |
6 | Configure Storage Account | |
7 | Configure Cloud Protection Settings | |
8 | Configure Network Mapping | |
9 | Enable Protection | |
10 | Validate VMM to Azure VM Protection |
Azure v2 (Azure Resource Manager, ARM) storage account to store data replicated to Azure. The account needs to have geo-replication enabled. As of December 2015, the storage account and the Azure Site Recovery service must be in the same Azure region. To learn more about setting up Azure storage, refer to this article Introduction to Microsoft Azure Storage.
VMs that will be protected must comply with Azure VM requirements. To learn more about Azure VM requirements, refer to this article Sizes for Virtual Machines.
All resources used to enable ASR must be in the same region. This includes the virtual networks, storage account, and resource groups. To learn more about Azure regions, refer to this article Azure Regions.
As of December 2015
System Center Virtual Machine Manager 2012 R2 with the latest Update Release and updates installed. This document was validated against VMM 2012 R2 UR7, Windows Server 2012 R2, and updates released through November 20, 2015.
At least one VMM cloud containing the VMs to be protected. The VMM cloud must include:
The VMM infrastructure must be dedicated to a single tenant.
Version 5.1.1256.0 or later. The latest version can be downloaded at this link http://aka.ms/downloaddra. If the version is older, when trying to register the VMM server, an "unknown error" will occur while trying to read the certificate.
As of December 2015, do not assume the provider will be updated during the installation process. The installation step "looking for the latest version" does not update the ASR provider. Similarly, Microsoft Updates does not update the ASR provider. Manually downlaod and install the latest version of the ASR Provider.
Windows Server 2012 R2, with the Hyper-V role enabled, and the latest updates installed is required for the Hyper-V host servers. This document was validated against VMM 2012 R2 UR7, Windows Server 2012 R2, and updates released through November 20, 2015.
For Hyper-V clusters, the cluster broker is not created automatically if using a static IP address-based cluster. Manually configure the cluster broker. Refer to the "Set up a cluster" section of this article Deploy Hyper-V Replica.
All Hyper-V host servers or clusters hosting VMs to be protected must be included in a VMM cloud.
Protected VMs must be connected to a VM network.
The VM network must be linked to a VMM logical network associated with a VMM cloud.
Replicated VMs in Azure will use this network. This network must be in the same region as the Azure Site Recovery subscription, the Resource Group, and the Storage Account. Select this network at the time of failover.
Network mapping between VM networks on the source VMM server and the target Azure networks enables:
To learn more about network mapping, refer to the following articles:
Enabling protection of a VM will fail if the VM is not connected to a network, or if the networks are not mapped.
This version of the guide focuses on using PowerShell (PS) and Azure Resource Manager (ARM) to accomplish the configuration tasks. This guide assumes understanding of basic PowerShell concepts such as modules, cmdlets, and sessions. For more information about Windows PowerShell, please refer to the article Getting Started with Windows PowerShell. To learn more about Azure PowerShell with Azure Resource Manager, please refer to this article Using Azure PowerShell with Azure Resource Manager.
Please note that the PowerShell cmdlets are under development and changing continuously, while it transitions from ASM to ARM. Please take the time to review the latest documentation for the cmdlets used in this guide.
Windows Management Framework 5.0 is required. For Windows Server 2012 R2, WMF 5.0 must be installed. Download.
Azure PowerShell 1.0. To learn more about Azure PowerShell, refer to this article How to install and configure Azure PowerShell. Download the latest version of Azure PowerShell from https://github.com/Azure/azure-powershell/releases/tag/v1.0.1-November2015.
Several PowerShell modules are required. These modules add Azure Resource Manager (ARM) functionality to PowerShell. The latest versions of these modules are available from the PowerShell gallery. Direct links to the ASR modules:
PowerShell installation and configuration is required once on each service provider administrator's remote machine. From which all configuration steps are performed.
Install-Module AzureRM.Profile -force -Repository PSGallery*
Install-Module AzureRM -force -Repository PSGallery*
Install-Module AzureRM.Resources -force -Repository PSGallery*
Install-Module AzureRM.SiteRecovery -force -Repository PSGallery*
Install-Module AzureRM.RecoveryServices -force -Repository PSGallery*
Do not proceed until all prerequisites have been satisfied.
For the dedicated VMM scenario, only the CSP subscription is required. No context switching is required.
Login-AzureRmAccount
Get-AzureRMSubscription returns only subscriptions attached to the logged in account. When using the CSP account (AOBO), no subscriptions are returned.
Set-AzureRmContext -SubscriptionID <SubscriptionID> -TenantID <MicrosoftID>
Get-AzureRmContext
Register-AzureRmProviderFeature -FeatureName betaAccess -ProviderNamespace Microsoft.RecoveryServices
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.RecoveryServices
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.SiteRecovery
We have observed that registering the betaAccess feature can take over 30 minutes. An InvalidResourceNamespace 'Microsoft.RecoveryServices' is invalid error indicates that registration has not completed, even if the cmdlet returns "registered".
Failing to register the SiteRecovery provider will lead to an error with linking the Storage Account, depicted below.
Get-AzureRmProviderFeature -FeatureName betaAccess -ProviderNamespace Microsoft.RecoveryServices
Get-AzureRmResourceProvider -ProviderNamespace Microsoft.RecoveryServices
Get-AzureRmResourceProvider -ProviderNamespace Microsoft.SiteRecovery
All Azure resources for a tenant's Azure Site Recovery service must be associated with the same resource group and region.
$ResourceGroupName = New-AzureRmResourceGroup -Name <string> -Location <string>
ASM cmdlets | ARM cmdlets |
AzureRMSiteRecoveryVaultSettingsFile
| AzureRmRecoveryServicesVault |
$Vault = New-AzurermRecoveryServicesVault -Name <string> -ResourceGroupName <string> -Location <string>
Get-AzureRmRecoveryServicsVaultSettingsFile -Vault $Vault -Path <filepath>
Import-AzureRmSiteRecoveryVaultSettingsFile -Path <filepath>
Install the ASR Provider on the VMM servers.
MD C:\ASR
PUSHD C:\ASR
.\AzureSiteRecoveryProvider.exe /x:. /q
.\SetupDr.exe /i
$BinPath = $ENV:SystemDrive + "\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin"
PUSHD $BinPath
.\DRConfigurator.exe /r /Friendlyname <VMMServerName> /Credentials <VaultSettingFilePath> /EncryptionEnabled <PathToExportCertificateFile> /startvmmservice
Example:
$BinPath = $ENV:SystemDrive + "\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin"
PUSHD $BinPath
\DRConfigurator.exe /r /Friendlyname VMM011 /Credentials D:\VaultBCDR_2015-11-26T14-37-56.VaultCredentials /EncryptionEnabled C:\temp\cert.pfx /startvmmservice
To learn more, refer to this article Set up protection between an on-premises VMM site and Azure.
Install the MARS agent on each Hyper-V host server that comprise the VMM clouds containing VMs to be protected. To learn more about installing the MARS agent on many Hyper-V host servers, please refer to this article Agent install and configuration for Hyper-V hosts when using Microsoft Azure Site Recovery for disaster recovery to Azure.
As of December 2015, the agent is not available from the new Azure portal. Please download from the v1 portal.
marsagentinstaller.exe /q /nu
$StorageAccountName = <FriendlyStorageAccountName>
$StorageAccountGeo = <Region>
$ResourceGroupName = <ResourceGroupName>
$RecoveryStorageAccount = New-AzureRmStorageAccount -ResourceGroupName $ResourceGroupName -Name $StorageAccountName -Type "Standard\_GRS" -Location $StorageAccountGeo
ASM cmdlets | ARM cmdlets |
AzureRMsiteRecoveryProtectionProfile | AzureRmSiteRecoveryPolicy |
$ReplicationFrequencyInSeconds = "300" # options are 30,300,900
$PolicyName = "replicapolicy"
$Recoverypoints = 6
$policyResult = New-AzureRmSiteRecoveryPolicy -Name ReplicaPolicy -ReplicationProvider "HyperVReplicaAzure" -ReplicationFrequencyInSeconds 300 -RecoveryPoints 6 -ApplicationConsistentSnapshotFrequencyInHours 1 -RecoveryAzureStorageAccountId $recoverystorageaccount.Id
Validate creation of the replication policy using the $Policyresult variable and the Get-AzureRmSiteRecoveryPolicy cmdlet.
$PrimaryCloud = <NameOfTheVMMCloud>
$protectionContainer = Get-AzureRmSiteRecoveryProtectionContainer -FriendlyName $PrimaryCloud
Example:
$PrimaryCloud = "testcloud"
$protectionContainer = Get-AzureRmSiteRecoveryProtectionContainer –FriendlyName $PrimaryCloud
$PolicyRslt = Get-AzureRmSiteRecoveryPolicy
$associationJob = Start-AzureRmSiteRecoveryPolicyAssociationJob -Policy $PolicyRslt -PrimaryProtectionContainer $protectionContainer
Get-AzureRMSiteRecoveryJob -name $AssocationJob.Name
$Servers = Get-AzureRmSiteRecoveryServer
$Networks = Get-AzureRmSiteRecoveryNetwork -Server $Servers[0]
Review the network names returned. Note the index offset of the correct network name in the $Network[] array.
$AzureVmNetworks = Get-AzureRmVirtualNetwork
Review the network names returned. Note the index offset of the correct network name in the $AzureVmNetworks[] array.
$networks
$AzureVMNetworks
New-AzureRmSiteRecoveryNetworkMapping -PrimaryNetwork $Networks[2] -AzureVMNetworkId $AzureVmNetworks[0].Id
The network mapping cmdlet will map random networks if the specific networks are not defined.
The end result can be checked by running the "Get-AzureRMSiteRecoveryNetworkMappping"
To enable protection the operating system and operating system disk properties must be set for the virtual machine. These can be set when creating VMs using a virtual machine template. These can also be configured for existing VMs on the General and Hardware Configuration tabs of the VM properties page.
$primaryCloud = <VMM cloud name>
$ProtectionContainer = Get-AzureRmSiteRecoveryProtectionContainer -FriendlyName $primaryCloud
$Vmname = <Name of the VM>
$vm = Get-AzureRmSiteRecoveryProtectionEntity -ProtectionContainer
$protectioncontainer -FriendlyName $vmname
$RecoveryStorageAccount = Get-AzureRmStorageAccount
Select-AzureRmSubscription -SubscriptionID $freetrial
Set-AzureRmSiteRecoveryProtectionEntity -ProtectionEntity $VM -Protection
Enable -Policy $PolicyRslt -RecoveryAzureStorageAccountId $RecoveryStorageAccount.ID -Force
Get-AzureRmSiteRecoveryJob -name <JobID>
Get-AzureRmSiteRecoveryProtectionEntity -ProtectionContainer $ProtectionContainer -FriendlyName $VMName
More detail is available from the Hyper-V server.
More detail is available from the VMM console.
If desired, the target VM size can be modified after protection has been enabled.
Get-AzureRmVMSize -Location "Brazil South" | Select-Object Name $targetVM = Get-AzureRmSiteRecoveryVM -FriendlyName <string> -ProtectionContainer <ASRProtectionContainer> Set-AzureRmSiteRecoveryVM -VirtualMachine $targetVM -Size "Standard\_D3"
Test configuration of VM protection by running a test failover. Test failover simulates failover and recovery mechanism in an isolated network.
$jobIDResult = Start-AzureRmSiteRecoveryPlannedFailoverJob -Direction PrimaryToRecovery -ProtectionEntity $VM
Get-AzureRmSiteRecoveryJob –Name <JobID>
For failed jobs, detailed error messages can be retrieved.
$Job = get-azureRMsiteRecoveryJob -name <jobName>
$job.Errors[x].ServiceErrorDetails
Start-AzureRmSiteRecoveryCommitFailoverJob -ProtectionEntity $VM
These are the mappings done for each of the two tenants
VMM settings:
Azure portal view of the two machines
The disks of the two machines, in different Storage Accounts, which are in different Azure Subscriptions (CSP created)
Configuration of the Step-By-Step - Enterprise to Azure - VMM to Azure - Dedicated VMM scenario is complete
Removing the Site Recovery Vault is not a normal action. It might perhaps be useful to clean up dev/test environments. It is not required when deprovisioning a specific tenant. To remove the Vault
$vault = Get-AzureRmSiteRecoveryVault -Name <vault name>
Remove-AzureRmRecoveryServicesVault -Vault $vault