Danny Newport / Stephane - PowerPoint Presentation

Danny Newport / Stephane Budo Protecting Your VMware VM’s to Azure Using Microsoft Azure Site Recovery INF334B

Azure Site Recovery Azure Backup Enterprise Mobility Suite Operations Management Suite

Agenda PowerPoint Demo More PowerPoint

DR; how do YOU do it?

Options for DR Don’t bother – it’s all just too hard (and expensive) Backups and offsite tape storage Redundant secondary DC Active / Active across DC’s with additional capacity Cloud based, capacity on demand, automated, PAYG

C ommon DR strategies Ostrich DR What disaster, I don’t see no disaster That sort of thing doesn’t happen here… Check box DR Phew! The CIO is off my back God I hope this works! <Insert prayer here>Plan B = seek.com.au Iron Mountain DRWe have off-site tapes; I reckon I could get everything stood up in a week or 2 or 3 or 4…

What you’re really planning for Patch Tuesday gone wrong Network outage Misconfiguration Power outages Terrorism About 60% of all BC / DR events are caused by human error

BC / DR quick facts Loss of Data & Service Organizations experience 4+ disruptions each year Recovery times range from 1hr to 9hrs Cost of Disruption Average cost of the disruption is $1.5M/hour 4 in 10 businesses do not reopen after a major disaster Brand & Equity Loss of reputation is often irreparable Customer trust and brand severely impacted Compliance Clients want to partner with orgs that have BCDR in place Protection & recovery is a key tenet for compliance

Business Continuity Challenges Impact of data and application growth Higher costs as data size and number of virtual machines increase Complexity of protecting data and applications Business Continuity Long data-retention requirements Time-intensive media management Roadblock Untested disaster recovery and decreasing recovery confidence Too much data—often with insufficient protection

Business Continuity Solutions Bypassing the obstacles Too much data—often with insufficient protection Roadblock Costs scale with data size and number of VMs Protecting data and applications is complex Business Continuity Long data retention requirements Time-intensive media management Roadblock Untested DR and decreasing recovery confidence Integrate solutions which scale with data and VMs Eliminate media management Achieve cost and operations stability Increase breadth and depth of protection Implement testable solutions Automate, automate, automate

What is Azure Site Recovery (ASR)? The Azure Site Recovery service contributes to a robust business continuity and disaster recovery (BCDR) solution that protects your on-premises physical servers and virtual machines by orchestrating and automating replication and failover to Azure, or to a secondary on-premises datacentre.

Features Cost effective Replicate to Azure Blob Storage and only pay for compute during test failovers or an actual DR recovery event Workload-aware replication for heterogeneous environments Seamless protection for VMware, Hyper-V, and physical machines Discovery of VMware vSphere ESXi virtual machinesSupport for VMware vCenter ServerProtection for bare-metal and hosted server workloadsDiscovery based on IP addressContinuous Data Protection (CDP) Near-zero Recovery Point Objective (RPO) and Recovery Time Objective (RTO) of minutes

Features Support for public Internet and private networks Replicate data with or without Azure ExpressRoute Workload-aware recovery with Recovery Plans Optimize RTO with Azure AutomationFailback to on-premises VMware infrastructureFailback to physical server in the roadmap Health monitoringEvent reporting and e-mail notifications

Key definitions RTO How long can I afford to have my systems offline for RPO How much data can I afford to lose in the process

Orchestration and replication Microsoft Azure Site Recovery Enterprise & HSP primary site Windows Server Protect your applications On-premises to Microsoft Azure protection with Azure Site Recovery Orchestration and replication Microsoft Azure Site Recovery Enterprise, SMB & HSP primary site VMware/Physical vCenter Server Key features include: Use Azure as your disaster recovery site Automated VM protection and replication Remote health monitoring Customizable recovery plans No-impact recovery plan testing Orchestrated recovery of tiered applications Support for heterogeneous environments New : Replication into Azure for SMBs and remote branch offices without System Center Orchestration and replication Microsoft Azure Site Recovery SMB & branch primary site Windows Server Hyper-V

Protect your applications On-premises to on-premises protection with Azure Site Recovery Microsoft Azure Site Recovery Communication channel Replication channel: host-based or SAN-based Primary site Windows Server Recovery site Windows Server Microsoft Azure Site Recovery Download ASR components Replication and orchestration channel: guest-based Primary site VMware/Physical Recovery site VMware Agent Agent Key features include: Automated VM protection and replication Remote health monitoring Customizable recovery plans Integration with available investments No-impact recovery plan testing Orchestrated recovery of tiered applications Support for heterogeneous environments

Deployment Architecture Microsoft Azure Data Channel Microsoft Azure Site Recovery Process Server – Used for Caching, Compression & Encryption Config Server – Used for Centralized Management Master Target – Used as a repository & for retention Source: VMware VMs & Physical Machines Process Server Customer 1 Process Server Customer 2 Source: VMware VMs & Physical Machines Mobility Service – Captures all data writes from memory Microsoft Azure Customer 1 Customer 2 Target: Microsoft Azure

Prerequisites Infrastructure requirements when enabling protection for VMware and physical machines Process Server – Used for Caching, Compression & Encryption Config Server – Used for Centralized Management Master Target – Used as a repository & for retention On-premises Deployed in customer’s Azure subscription Windows Server 2012 R2 physical or virtual machine Same network as source machines VMware vSphere CLI 5.5 for automatic discovery of VMware vSphere ESXi VMs Sufficient resources in customer’s subscription Deploy the following in the same region Azure virtual network Geo-redundant Azure Storage account Azure Site Recovery vault Standard A3 Configuration Server Standard A4, D14 or DS4 Master Target Servers

Azure Traffic Manager Microsoft Azure Microsoft Azure Target: Microsoft Azure Azure Traffic Manager http ://asrsp02.vigilant.it/ Primary Secondary Web SQL SQL Web

Demo Stephane Budo – Vigilant

Summary of Actions Customer selects recovery region CREATE VAULT 1 Define recovery plan CREATE RECOVERY PLAN 7Register vCenter ServerREGISTER 4 Replicate disks to Azure PROTECT VIRTUAL MACHINES 6 View step-by-step guidance QUICK START 2 Infrastructure servers neededSETUP SERVERS (CS, MT, PS) 3 Perform failover FAILOVER TO AZURE 8 Define protection policy CONFIGURE PROTECTION 5

ASR requirements (VMware to Azure DR) Network connectivity from Source Site to Azure Process Server to Configuration Server (https 443 - outbound ) Process Server to Master Target (TCP 9443 and 9080 – outbound) Mobility Service to Configuration Server (https 443 – outbound) Network bandwidth to Azure Use Capacity Planner for infrastructure requirementsEnable protection in batches & can leverage ExpressRoute To control network replication traffic you can implement QoS policy for Process ServerSource InfrastructureVM and VMware tools inside the VM, should be running. WMI and File and Print Sharing are enabled in firewall – More Info Supported vSphere CLI on Process Server – More InfoAccount for vCenter discovery should have necessary permissions – More Info

Azure Prerequisites Subscription with sufficient resources Following in the same region Azure virtual network Geo Redundant Storage account Azure Site Recovery vault Standard A3 Configuration Server Standard A4, D14 or DS4 Master Target ServersSource machines comply with Azure VM requirements Disk count – maximum of 31 disks per protected source machineDisk sizes – individual disk capacity not more than 1023 GBClustering – clustered servers not supportedBoot – UEFI / EFI boot not supportedVolumes – BitLocker encrypted volumes not supported

Windows Source Machine Prerequisites Operating systems (64-bit) Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 R2 with Service Pack 1 Storage No dynamic disk support Single or multiple NICs All NICs on protected Azure VMs can be assigned to Azure VNETs

Linux Source Machine Prerequisites Operating systems (64-bit) CentOS 6.4 / 6.5 / 6.6 Oracle Linux 6.4 / 6.5 SUSE Linux Enterprise Server (SLES) 11 Service Pack 3 Storage File systems - EXT3 / EXT4 / ReiserFS / XFSMultipath software – Device Mapper-MultipathVolume manager – LVM2Physical servers with HP CCISS controller storage not supported Single NICFor multi-NIC source machines, only one NIC on protected Azure VM can be assigned to Azure VNET

Common Source Machine Prerequisites Source machines turned on ASR-guest based replication requires running source machines Remote Desktop or Secure Shell enabled For connectivity to recovered Azure VMs

Capacity Planning

Azure Capacity Planning tool Key Inputs No. of VMs and Size (Overall IR) Average Churn rate (Daily delta replication) Peak Churn # VMs/batch How long we can wait for IR (IR Window) Key OutputsInitial network bandwidth (For IR)Average network bandwidth (For delta replication)Peaks – TradeoffsConfigurations and Units for Process Server, Master Target and Configuration Servers

Azure Capacity Planning - Compute Configuration Server Single Standard A3 VM manages up to ~750 protected source machine volumes Assuming average three volumes per source machine, single Configuration Server scales to ~250 protected machines Master Target Server Two Master Target Server VM sizes Standard A4 -16 data disks Standard D14 - 32 data disks One disk on every Master Target Server reserved for retentionMaximum protected disks per standard A4 =15 and per standard D14 = 31Better scale out economics with multiple standard A4 Master Target Servers Recommend using standard D14 only if single source machine has greater than 15 total disksWindows sources need Windows Master Target Servers, Linux sources need Linux Master Target Servers

Capacity Planning – Component Servers Component Deployed Azure instances Cores Memory Max disks Disk size Configuration serverStandard A347 GB8 1023 GB Master target serverStandard A4814 GB161023 GB Standard D1416112 GB321023 GB Standard DS4828 GB161023 GB

Azure Capacity Planning - Storage Storage accounts provisioning Single Master Target Server can span multiple storage accounts One disk is required for its operating system and at least one for retention disk/sOne or more for replicated data disksASR-guest based replication has a ~2.5 IOPS multiplier on the Azure subscriptionFor every source I/O, two I/Os issued on replicated data disk and ~0.5 I/O issued on retention diskEvery standard Azure storage account supports maximum 20000 IOPS Best practice to provision new storage account for every 8000-10000 source machine IOPS

Capacity Planning – Process Server

Fail- back to VMware on- prem Reverse the process Process server in Azure Master Target server on prem Need to use vContinuum (Inmage component) tools to fail back Step by step here https:// azure.microsoft.com/en-us/documentation/articles/site-recovery-failback-azure-to-vmwareBUT; why would you…

Migration to Azure with ASR

Migration to Azure with ASR Microsoft Migration Accelerator functionality now available in ASR All source types supported in ASR VMware vSphere ESXi VMs Hyper-V VMs Physical machines Amazon Web Services VMsAzure VMs cross-regionFeedback incorporated from Migration Accelerator PreviewAutomated deployment of infrastructure components No inbound ports needed on-premisesEnhanced push installation of mobility service to source machinesConsistent, unified experience in Azure with ASR portalSecurity, scale, and quality improvements

ASR Resources

ASR Resources Blog Pricing Guide Service Updates Documentation Center VMware to Azure - step by step User Voice

Stephane Budo Danny Newport www.cubesys.com.au/ignite Questions

Complete your session evaluation on My Ignite for your chance to win one of many daily prizes.

Continue your Ignite learning path Visit Microsoft Virtual Academy for free online training visit https:// www.microsoftvirtualacademy.com Visit Channel 9 to access a wide range of Microsoft training and event recordings https://channel9.msdn.com/Head to the TechNet Eval Centre to download trials of the latest Microsoft products http://Microsoft.com/en-us/evalcenter/