mountainss Cloud and Datacenter Management Blog

Microsoft SystemCenter blogsite about virtualization on-premises and Cloud

Set up protection between on-premises #VMware virtual machines or physical servers and #Azure #HybridCloud

Leave a comment


asrvmware_arch

Azure Site Recovery contributes to your business continuity and disaster recovery (BCDR) strategy by orchestrating replication, failover and recovery of virtual machines and physical servers. Read about possible deployment scenarios in the Azure Site Recovery overview.

This walkthrough describes how to deploy Site Recovery to:

  • Protect on-premises VMware virtual machines to Azure
  • Protect on-premises physical Windows and Linux servers to Azure

Business advantages include:

  • Protection of physical Windows or Linux servers.
  • Simple replication, failover, and recovery using the Azure Site Recovery portal.
  • Data replication over the Internet, a site-to-site VPN connection, or over Azure ExpressRoute.
  • Failback (restore) from Azure to an on-premises VMware infrastructure.
  • Simplified discovery of VMware virtual machines.
  • Multi VM consistency so that virtual machines and physical servers running specific workloads can be recovered together to a consistent data point.
  • Recovery plans for simplified failover and recovery of workloads tiered over multiple machines.

Deployment components

  • On-premises machines—Your on-premises site has machines that you want to protect. These are either virtual machines running on a VMware hypervisor, or physical servers running Windows or Linux.
  • On-premises process server—Protected machines send replication data to the on-premises process server. The process server performs a number of actions on that data. It optimizes it before sending it on to the master target server in Azure. It has a disk-based cache to cache replication data that it receives. It also handles push installation of the Mobility Service which must be installed on each virtual machine or physical server you want to protect, and performs automatic discovery of VMware vCenter servers. The process server is a virtual or physical server running Windows Server 2012 R2. We recommend it’s placed on the same network and LAN segment as the machines that you want to protect, but it can run on a different network as long as protected machines have L3 network visibility to it. During deploy you’ll set up the process server and register it to the configuration server.
  • Azure Site Recovery vault—The vault coordinates and orchestrates data replica, failover, and recovery between your on-premises site and Azure.
  • Azure configuration server—The configuration server coordinates communication between protected machines, the process server, and master target servers in Azure. It sets up replication and coordinates recovery in Azure when failover occurs. The configuration server runs on an Azure Standard A3 virtual machine in your Azure subscription. During deployment you’ll set up the server and register it to the Azure Site Recovery vault.
  • Master target server—The master target server in Azure holds replicated data from your protected machines using attached VHDs created on blob storage in your Azure storage account. You deploy it as an Azure virtual machine as a Windows server based on a Windows Server 2012 R2 gallery image (to protect Windows machines) or as a Linux server based on a OpenLogic CentOS 6.6 gallery image (to protect Linux machines). Two sizing options are available – standard A3 and standard D14. The server is connected to the same Azure network as the configuration server. During deployment you’ll create the server and register it to the configuration server.
  • Mobility service—You install the Mobility service on each VMware virtual machine or Windows/Linux physical server that you want to protect. The service sends replication data to the process server, which in turn sends it to the master target server in Azure. The process server can automatically install the Mobility service on protected machines, or you can deploy the service manually using your internal software deployment process.
  • Data communication and replication channel—There are a couple of options. Note that neither option requires you to open any inbound network ports on protected machines. All network communication is initiated from the on-premises site.
    • Over the Internet—Communicates and replicates data from protected on-premises servers and Azure over a secure public internet connection. This is the default option.
    • VPN/ExpressRoute—Communicates and replicates data between on-premises servers and Azure over a VPN connection. You’ll need to set up a site-to-site VPN or an ExpressRoute connection between the on-premises site and your Azure network.

Here you find the Microsoft Step-by-Step blogpost to Set up protection between on-premises VMware virtual machines or physical servers and Azure

Advertisements

Author: James van den Berg

I'm Microsoft Architect and ICT Specialist and Microsoft MVP System Center Cloud and Datacenter Management

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s