Set up disaster recovery for Hyper-V VMs to a secondary on-premises site
The Azure Site Recovery service contributes to your disaster recovery strategy by managing and orchestrating replication, failover, and failback of on-premises machines, and Azure virtual machines (VMs).
This article shows you how to set up disaster recovery to a secondary site, for on-premises Hyper-V VMs managed in System Center Virtual Machine Manager (VMM) clouds. In this article, you learn how to:
- Prepare on-premises VMM servers and Hyper-V hosts
- Create a Recovery Services vault for Site Recovery
- Set up the source and target replication environments.
- Set up network mapping
- Create a replication policy
- Enable replication for a VM
To complete this scenario:
- Review the scenario architecture and components.
- Make sure that VMM servers and Hyper-V hosts comply with support requirements.
- Check that VMs you want to replicate comply with replicated machine support.
- Prepare VMM servers for network mapping.
Prepare for network mapping
Network mapping maps between on-premises VMM VM networks in source and target clouds. Mapping does the following:
- Connects VMs to appropriate target VM networks after failover.
- Optimally places replica VMs on target Hyper-V host servers.
- If you don’t configure network mapping, replica VMs won’t be connected to a VM network after failover.
Prepare VMM as follows:
- Make sure you have VMM logical networks on the source and target VMM servers.
- The logical network on the source server should be associated with the source cloud in which Hyper-V hosts are located.
- The logical network on the target server should be associated with the target cloud.
- Make sure you have VM networks on the source and target VMM servers. VM networks should be linked to the logical network in each location.
- Connect VMs on the source Hyper-V hosts to the source VM network.
Create a Recovery Services vault
- Sign in to the Azure portal > Recovery Services.
- Click Create a resource > Monitoring + Management > Backup and Site Recovery.
- In Name, specify a friendly name to identify the vault. If you have more than one subscription, select the appropriate one.
- Create a resource group, or select an existing one. Specify an Azure region.
To quickly access the vault from the dashboard, click Pin to dashboard > Create.
The new vault will appear on the Dashboard > All resources, and on the main Recovery Services vaults page.
Choose a protection goal
Select what you want to replicate and where you want to replicate to.
- Click Site Recovery > Step 1: Prepare Infrastructure > Protection goal.
- Select To recovery site, and select Yes, with Hyper-V.
- Select Yes to indicate you're using VMM to manage the Hyper-V hosts.
- Select Yes if you have a secondary VMM server. If you're deploying replication between clouds on a single VMM server, click No. Then click OK.
Set up the source environment
Install the Azure Site Recovery Provider on VMM servers, and discover and register servers in the vault.
- Click Prepare Infrastructure > Source.
- In Prepare source, click + VMM to add a VMM server.
- In Add Server, check that System Center VMM server appears in Server type.
- Download the Azure Site Recovery Provider installation file.
Download the registration key. You need this when you install the Provider. The key is valid for five days after you generate it.
Install the Provider on each VMM server. You don't need to explicitly install anything on Hyper-V hosts.
Install the Azure Site Recovery Provider
- Run the Provider setup file on each VMM server. If VMM is deployed in a cluster, install for the first time as follows:
- Install the Provider on an active node, and finish the installation to register the VMM server in the vault.
- Then, install the Provider on the other nodes. Cluster nodes should all run the same version of the Provider.
- Setup runs a few prerequisite checks, and requests permission to stop the VMM service. The VMM service will be restarted automatically when setup finishes. If you install on a VMM cluster, you're prompted to stop the Cluster role.
- In Microsoft Update, you can opt in to specify that provider updates are installed in accordance with your Microsoft Update policy.
- In Installation, accept or modify the default installation location, and click Install.
After installation is complete, click Register to register the server in the vault.
- In Vault name, verify the name of the vault in which the server will be registered. Click Next.
- In Proxy Connection, specify how the Provider running on the VMM server connects to Azure.
- You can specify that the provider should connect directly to the internet, or via a proxy. Specify proxy settings as needed.
- If you use a proxy, a VMM RunAs account (DRAProxyAccount) is created automatically, using the specified proxy credentials. Configure the proxy server so that this account can authenticate successfully. The RunAs account settings can be modified in the VMM console > Settings > Security > Run As Accounts.
- Restart the VMM service to update changes.
- In Registration Key, select the key that you downloaded and copied to the VMM server.
- The encryption setting isn't relevant in this scenario.
- In Server name, specify a friendly name to identify the VMM server in the vault. In a cluster, specify the VMM cluster role name.
- In Synchronize cloud metadata, select whether you want to synchronize metadata for all clouds on the VMM server. This action only needs to happen once on each server. If you don't want to synchronize all clouds, leave this setting unchecked. You can synchronize each cloud individually, in the cloud properties in the VMM console.
- Click Next to complete the process. After registration, Site Recovery retrieves metadata from the VMM server. The server is displayed in Servers > VMM Servers in the vault.
- After the server appears in the vault, in Source > Prepare source select the VMM server, and select the cloud in which the Hyper-V host is located. Then click OK.
Set up the target environment
Select the target VMM server and cloud:
- Click Prepare infrastructure > Target, and select the target VMM server.
VMM clouds that are synchronized with Site Recovery are displayed. Select the target cloud.
Set up a replication policy
Before you start, make sure that all hosts using the policy have the same operating system. If hosts are running different versions of Windows Server, you need multiple replication policies.
- To create a new replication policy, click Prepare infrastructure > Replication Settings > +Create and associate.
- In Create and associate policy, specify a policy name. The source and target type should be Hyper-V.
- In Hyper-V host version, select which operating system is running on the host.
- In Authentication type and Authentication port, specify how traffic is authenticated between the primary and recovery Hyper-V host servers.
- Select Certificate unless you have a working Kerberos environment. Azure Site Recovery will automatically configure certificates for HTTPS authentication. You don't need to do anything manually.
- By default, port 8083 and 8084 (for certificates) will be opened in the Windows Firewall on the Hyper-V host servers.
- If you do select Kerberos, a Kerberos ticket will be used for mutual authentication of the host servers. Kerberos is only relevant for Hyper-V host servers running on Windows Server 2012 R2 or later.
- In Copy frequency, specify how often you want to replicate delta data after the initial replication (every 30 seconds, 5 or 15 minutes).
- In Recovery point retention, specify \how long (in hours) the retention window will be for each recovery point. Replicated machines can be recovered to any point within a window.
- In App-consistent snapshot frequency, specify how frequently (1-12 hours) recovery points containing application-consistent snapshots are created. Hyper-V uses two types of snapshots:
- Standard snapshot: Provides an incremental snapshot of the entire virtual machine.
- App-consistent snapshot: Takes a point-in-time snapshot of the application data inside the VM. Volume Shadow Copy Service (VSS) ensures that apps are in a consistent state when the snapshot is taken. Enabling application-consistent snapshots, affects app performance on source VMs. Set a value that's less than the number of additional recovery points you configure.
- In Data transfer compression, specify whether transferred replication data should be compressed.
- Select Delete replica VM, to specify that the replica virtual machine should be deleted if you disable protection for the source VM. If you enable this setting, when you disable protection for the source VM it's removed from the Site Recovery console, Site Recovery settings for the VMM are removed from the VMM console, and the replica is deleted.
In Initial replication method, if you're replicating over the network, specify whether to start the initial replication or schedule it. To save network bandwidth, you might want to schedule it outside your busy hours. Then click OK.
The new policy is automatically associated with the VMM cloud. In Replication policy, click OK.
- Click Replicate application > Source.
- In Source, select the VMM server, and the cloud in which the Hyper-V hosts you want to replicate are located. Then click OK.
- In Target, verify the secondary VMM server and cloud.
- In Virtual machines, select the VMs you want to protect from the list.
You can track progress of the Enable Protection action in Jobs > Site Recovery jobs. After the Finalize Protection job completes, the initial replication is complete, and the VM is ready for failover.