High availability and disaster recovery are key components of an enterprise’s IT environment. While more and more companies are adopting Hyper-V on Server 2012 R2 for their private cloud solution, this session will show you how you can leverage the power of Microsoft Azure to build a Hyper-V based disaster recovery datacenter. That’s right! You can migrate your in-house VMs to Microsoft Azure, guaranteeing uptime and availability of the machine and the applications to your end-users. Learn how to achieve this in this session, which is full of live demos.
ITPROCEED_TransformTheDatacenter_Leveraging the power of Microsoft Azure to build your Hyper-V disaster recovery datacenter in 50min
1. Leveraging the power of Microsoft Azure to
build your Hyper-V disaster recovery
datacenter… in 50min
Peter De Tender @pdtit #itproceed
Tweet and win an Ignite 2016 ticket #itproceed
7. How to stay calm when the lights go
out…
Panic…
Turn
on….
9. “Familiar” DR Solutions
• Storage replication
• Stretch cluster using
single vLAN with single
address space
• Active / passive
• Dynamic incoming
connection failover
Effective, although expensive to
deploy and maintain
Normally tied to hardware vendor
specific technologies
Difficult to perform partial failovers
Stretch cluster – Single vLAN
DataCenter 1
Fault-tolerant data storage
Compute nodes
SAN replication
DataCenter 2
Fault-tolerant data storage
Compute nodes
Geo-Load Balancing
11. • Historically challenging
– Complicated solutions
– Required end-to-end planning and design
– Vendor lock-in
– In most cases “pretty” expensive
• Commodity solutions are now in the market
– Public cloud offerings
– OPEX vs. CAPEX for your DR = it’s way cheaper!!!!
Reasons to reconsider your DR today
12. - Monthly scheduled reboots “maintenance plan”
- Backup or long term data solution
(but having a backup already helps… )
- “I can blame it on the IT guy anyway”
D/R is not…
15. Microsoft D/R solutions
• Hyper-V Failover Clustering for VM resilience
• Hyper-V Guest Clustering for app-level HA, i.e. SQL Server AlwaysOn FCI
• Centralized backup with Data Protection Manager
• Simplified protection with Windows Server Backup
• Integration of WSB/DPM with Microsoft Azure Backup
• Orchestrated Physical, Hyper-V & VMware VM Replication & Recovery using Azure Site Recovery, between on-premises locations, or between on-premises & Microsoft Azure
17. Introducing Azure Backup
Simple and reliable
data backup to the
cloud
• Offsite FILES & FOLDERS data protection in Microsoft
Azure storage
• Integrated with existing data protection tools
• Coolest integration with Server Essentials Experience
• Efficient use of resources
Azure Backup enhances Microsoft backup tools with cloud backup capabilities
18. Introducing Backup to Azure
Simple and reliable
server backup to the
cloud
• Offsite FULL SYSTEM BACKUPS data protection in
Microsoft Azure storage
• Integrated with existing data protection tools
• Efficient use of resources
Azure Backup enhances Microsoft backup tools with cloud backup capabilities
19. When to Choose Backup to Azure
Already using System Center Data Protection
Manager or any other Backup-to-Disk solution?
Azure Backup integrates easily
Small business or branch office?
Azure Backup integrates with the in-box Windows
Server backup tool
20. How Azure Backup Works
4. Backup
2. Install Agent
1. Sign Up
Windows Server 2012 R2
5. Recover - to the same or a different server
Encrypted Data
21. How Azure Backup Works
4. Backup
2. Install Agent
1. Sign Up
DPM or
3rd party
5. Recover - to the same or a different server
Encrypted Data
25. Primary Site
Azure Site Recovery (ASR) Initially
Secondary Site
Extensible Data Channel
(Hyper-V Replica)
Azure Site Recovery
26. Primary Site
Azure Site Recovery (ASR) Today
Secondary Site
Extensible Data Channel
(Hyper-V Replica)
Azure Site Recovery
27. Primary Site
Azure Site Recovery (ASR) Today
Secondary Site
can just be
Azure!!
Extensible Data Channel
(Hyper-V Replica)
Azure Site Recovery
28. ASR Deployment Options
On-prem Hyper-V hosts On-prem Hyper-V hosts On-prem Hyper-V hosts
1. On-Prem to On-Prem
• SC VMM required at
all locations
• Direct routable access
between each site (to
allow HVR to
replicate)
• Secondary and
tertiary replication
targets supported
• Recovery plans
managed by yourself
• Failover managed by
yourself
29. ASR Deployment Options
On-prem Hyper-V hosts
2. On-Prem to Azure
• SC VMM required at
primary location
• ASR plug-in installed
in all Hyper-V hosts to
allow replication to
and from Azure
• Recovery plans
managed by yourself
• Failover managed by
yourself
30. ASR Deployment Options
On-prem Hyper-V hosts Service provider
3. On-Prem to validated service provider
• SC VMM required at
primary location
• Publishing of Hyper-V
hosts required to
allow replication
• Recovery plans
managed by service
provider
• Failover managed by
service provider
31. Azure Site Recovery Manager
• Protect important services by
coordinating replication and recovery of
VMM-managed private clouds
• Automates replication of VMs within clouds
between sites
• Hyper-V Replica provides replication,
orchestrated by Azure Site Recovery Manager
• Can be used for planned, unplanned and
testing failover between sites
• Integrate with scripts for customization of
recovery plans
Orchestrate protection and
recovery of private clouds
32. Azure Site Recovery – Step-by-Step
Step 1: Create a vault
Create an Azure Site Recovery vault.
Step 2: Create a Hyper-V Site
Create a Hyper-V site as a logical container for all the Hyper-V servers that contain virtual machines you want to protect.
Step 3: Prepare Hyper-V Servers
Generate a registration key and download the Provider setup file. You run the file on each Hyper-V server in the site and select the key to register the server in the vault.
Step 4: Prepare Resources
Create an Azure storage account to store replicated virtual machines.
Step 5: Create and configure Protection Groups
Create a protection group and apply protection settings to it. The protection settings will be applied to every virtual machine you add to the group.
Step 6: Enable Protection for VMs
Enable protection for virtual machines by adding them to a protection group.
Step 7: Test Deployment
Run a test failover for a virtual machine.
33. Microsoft Azure Site Recovery
How it works: initial configuration
System Center
Virtual Machine
Manager
Windows Azure Backup is a new service in Windows Azure. In a nutshell, it provides customers the ability to store backups offsite in storage provided by Windows Azure.
It integrates with Microsoft backup tools, both the in-box Windows Server backup tool and the System Center Data Protection Manager product, as well as being driven by PowerShell scripting.
By integrating into these existing tools, Windows Azure Backup delivers simple and reliable server backup to the cloud for customers.
When can you use Windows Azure Backup?
If you’re already using System Center Data Protection Manager, you can start using Windows Azure Backup today – it integrates with System Center Data Protection Manager.
If you’re a small business or branch office and have a small number of servers to protect, Windows Azure Backup integrates with the in-box Windows Server backup tools you may already be using.
Windows Azure Backup is suitable for any workload, file servers, SharePoint®, SQL, Exchange, or others. Windows Azure Backup integrates with Windows Server technologies to make this happen.
From the previous slide we’ve seen that Windows Azure Backup is suitable for a variety of organizations and workloads. Let’s look at how Windows Azure Backup works in more detail, starting with how to use Windows Azure Backup today in a small business environment or branch office.
As previously mentioned, if you have a small number of servers and you want to protect the data they hold using the built-in tools, the process to configure Windows Azure Backup is relatively simple.
[FIRST CLICK]
First, sign up for a Windows Azure account. This will provide you access to the Windows Azure Management Portal. From there, you can select the Recovery services option and add the Windows Azure Backup service to your account.
[SECOND CLICK]
The next step involves an exchange of data. We’ll cover the certificate part later on in the security section, but for now the important part is the installation of the agent on the server or servers that you want to register to use the Windows Azure Backup service.
[THIRD CLICK]
As mentioned, the Windows Azure Backup agent integrates with the existing Windows Server backup tool. When you start the tool after the agent installation, you register this server using your certificate. Then you configure what data you want to back up and what schedule you want to use.
[FOURTH CLICK]
That is it. So if you are using a schedule, the server will now back up your data to that schedule. You can monitor it from the backup tool, to see when the backup ran, when the next one will run, and view any issues.
[FIFTH CLICK]
If you need to recover data at any time, for example a server failure, or even an accidental deletion of a file or folder from a location being protected, you can use the backup tool to recover that data. Windows Azure Backup provides very granular recovery options, either to the original server or a different one.
Recovering data to an alternative server is a good practice for testing recovery procedures.
Let’s now look at how Windows Azure Backup works in an environment where you are using System Center Data Protection Manager.
Most of this procedure is the same as we’ve just seen.
[FIRST CLICK]
First, sign up for a Windows Azure account as we talked about in the previous slide.
[SECOND CLICK]
The next step involves installing the agent on the DPM server, not, as in the previous example, onto the server you want to protect.
[THIRD CLICK]
The Windows Azure Backup agent integrates with DPM. When you restart DPM after the tool has been installed, you register this server using your certificate. Then you configure what data you want to back up and what schedule you want to use.
[FOURTH CLICK]
The DPM server will continue to protect the existing server as it did before the agent was installed, but the server will now back up data from servers you have configured.
[FIFTH CLICK]
If you need to recover data at any time, for example a server failure, or even an accidental deletion of a file or folder from a location being protected, you can use DPM to recover that data, while still continuing to monitor and protect the other servers.
[First Click]
The first stage in the transfer process is the encryption of your data on premises using your key.
[Second Click]
Your data stays encrypted with your key while in transit over the wire to Windows Azure storage.
[Third Click]
Your data stays encrypted while in Windows Azure storage. It is never decrypted while it resides in Windows Azure storage.
Your data can only be decrypted once it’s restored on your premises. Only you have the decryption key to do this.
This makes it very important to protect this key. Make sure you back up your key, keep it safe, and store a copy offsite. Your data cannot be decrypted without it. In the event of key loss, Microsoft cannot help you as Microsoft does not keep a copy of your key and has no access to it. The key is never passed to Windows Azure during any Windows Azure backup.
Hyper-V Replica
Business continuity depends on fast recovery of business functions after a downtime event, with minimal or no data loss. There are a number of reasons why businesses experience outages, including power failure, IT hardware failure, network outage, human errors, IT software failures, and natural disasters. Depending on the type of outage, customers need a high availability solution that simply restores the service.
However, some outages that impact the entire datacenter, such as a natural disaster or an extended power outage, require a disaster recovery solution that restores data at a remote site and brings up the services and connectivity. Organizations need an affordable and reliable business continuity solution that helps them recover from a failure.
Beginning with Windows Server 2008 R2, Hyper-V and Failover Clustering could be used together to make a virtual machine highly available and minimize disruptions. Administrators could seamlessly migrate virtual machines to a different host in the cluster in the event of outage or to load balance their virtual machines without impacting virtualized applications.
While these measures could protect virtualized workloads from a local host failure or scheduled maintenance of a host in a cluster, they did not protect businesses from outages of an entire datacenter. While Failover Clustering can be used with hardware-based SAN replication across datacenters, these are typically expensive. Hyper-V Replica, a key feature of Windows Server 2012 R2, now offers an affordable in-box disaster recovery solution.
Hyper-V Replica provides asynchronous replication of virtual machines for the purposes of business continuity and disaster recovery. In Windows Server 2012 R2, the interval of this asynchronous replication is now configurable. The administrator has the choice of:
• 30 seconds
• 5 minutes
• 15 minutes
Hyper-V Replica is incredibly simple to enable, through a wizard in Hyper-V Manager, through PowerShell, or through System Center Virtual Machine Manager. Once Replica is enabled for a particular virtual machine, the initial replication can begin.
The initial replication can be triggered immediately, scheduled for a later time, or even exported to a USB drive, for physical transportation to the target site, before replication begins. If a customer already has a backup of the source VM on the target site, this can also be used as the replication target.
As you can see from the figure above, Replica provides complete flexibility for replication. Being software based, there is no requirement on specific hardware on either site, ensuring complete flexibility and low cost. Administrators also have the ability to specify additional recovery points, outside of just the most recent. These recovery points, in Windows Server 2012 R2, are configurable up to a 24 hour period. The administrator also has the flexibility to choose what is replicated. For instance, if a VM had 4 virtual disks, but only 3 had important data, the 4th could be excluded from the replication, saving valuable bandwidth and disk space.
Hyper-V Replica tracks the write operations on the primary virtual machine and replicates these changes to the Replica server efficiently over a WAN.
The network connection between the two servers uses the HTTP or HTTPS protocol and supports both Windows-integrated and certificate-based authentication. For an encrypted connection, you should choose certificate-based authentication. Hyper-V Replica can also be closely integrated with Windows Failover Clustering, and provides easier replication across different migration scenarios in the primary and Replica servers. As it is integrated with Failover Clustering, Hyper-V Replica has full understanding of Live Migration, ensuring that VMs that are moving around the clustered environments, will still be replicated to their target sites as appropriate.
In the event of a disaster, VMs can be quickly and easily started on the second site, ensuring minimal data loss, and downtime for key applications and workloads.
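One way to script the Replica settings described above with the Hyper-V PowerShell module, using certificate-based authentication over HTTPS so the replication traffic is encrypted (an added example, not part of the original deck). The function names, host names, VM name, paths and trust group are assumptions, and the thumbprint is a placeholder.

```powershell
# Added example. Function names, hosts, paths and trust group are placeholders.
function Test-ReplicaCertificate {
    # True only if the machine certificate is usable for HTTPS replication:
    # private key present, not expired, Server + Client Authentication EKUs.
    param([Parameter(Mandatory)][string]$Thumbprint)
    $cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop
    $ekus = @($cert.EnhancedKeyUsageList | ForEach-Object { $_.ObjectId })
    return ($cert.HasPrivateKey -and ($cert.NotAfter -gt (Get-Date)) -and
            ($ekus -contains '1.3.6.1.5.5.7.3.1') -and
            ($ekus -contains '1.3.6.1.5.5.7.3.2'))
}

function Set-ReplicaServerHttpsOnly {
    # Run on the Replica server: accept certificate-authenticated HTTPS only
    # (no Kerberos/HTTP listener) and only from one named primary server.
    param([Parameter(Mandatory)][string]$Thumbprint,
          [Parameter(Mandatory)][string]$PrimaryFqdn,
          [Parameter(Mandatory)][string]$StoragePath)
    if (-not (Test-ReplicaCertificate $Thumbprint)) { throw 'Certificate not usable for replication.' }
    $server = @{
        ReplicationEnabled              = $true
        AllowedAuthenticationType       = 'Certificate'
        CertificateAuthenticationPort   = 443
        CertificateThumbprint           = $Thumbprint
        ReplicationAllowedFromAnyServer = $false
    }
    Set-VMReplicationServer @server
    New-VMReplicationAuthorizationEntry -AllowedPrimaryServer $PrimaryFqdn -ReplicaStorageLocation $StoragePath -TrustGroup 'DR-Primary'
    Enable-NetFirewallRule -DisplayName 'Hyper-V Replica HTTPS Listener (TCP-In)'
}

function Enable-EncryptedVMReplication {
    # Run on the primary host. Interval is limited to the three values the
    # deck lists; additional recovery points are capped at 24.
    param([Parameter(Mandatory)][string]$VMName,
          [Parameter(Mandatory)][string]$ReplicaFqdn,
          [Parameter(Mandatory)][string]$Thumbprint,
          [ValidateSet(30, 300, 900)][int]$FrequencySec = 300,
          [ValidateRange(0, 24)][int]$RecoveryPoints = 0,
          [string[]]$ExcludeVhdPath = @())
    if (-not (Test-ReplicaCertificate $Thumbprint)) { throw 'Certificate not usable for replication.' }
    $replica = @{
        VMName                  = $VMName
        ReplicaServerName       = $ReplicaFqdn
        ReplicaServerPort       = 443
        AuthenticationType      = 'Certificate'
        CertificateThumbprint   = $Thumbprint
        ReplicationFrequencySec = $FrequencySec
        RecoveryHistory         = $RecoveryPoints
    }
    if ($ExcludeVhdPath.Count -gt 0) { $replica.ExcludedVhdPath = $ExcludeVhdPath }
    Enable-VMReplication @replica
    Start-VMInitialReplication -VMName $VMName   # starts the initial copy immediately
}
# Example call on the primary host (all values are placeholders):
# Enable-EncryptedVMReplication -VMName 'app01' -ReplicaFqdn 'hv-dr01.example.test' -Thumbprint '<CERT-THUMBPRINT>' -FrequencySec 30 -RecoveryPoints 24 -ExcludeVhdPath 'D:\VMs\app01\scratch.vhdx'
```

Passing a value other than 30, 300 or 900 for the interval, or a certificate that is expired or lacks either EKU, stops the function before any replication setting is changed.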
Extended Replication
In Windows Server 2012, Hyper-V Replica would allow replication every 5 minutes, and only between 2 points. So, for instance, a customer could replicate their VMs to a Service Provider, but that would be the furthest that the VM could be replicated. The Service Provider wouldn’t easily be able to replicate your VM on to a DR site of their own, for instance.
With Windows Server 2012 R2 Hyper-V, not only have the replication intervals become configurable by the administrator, with the choice of 30 seconds, 5 minutes, or 15 minutes, but the replication capabilities have been enhanced to allow for replication of a VM to a tertiary location.
In the figure above, the VMs that were previously replicated to a second site, have now been replicated again, to a third site, providing an extra level of resiliency and peace of mind for the customer. The replication intervals for the extended replication are either 5 minutes, or 15 minutes. The data that was replicated from Primary to Secondary, will be the same data that will be replicated from Secondary to Tertiary, however the administrator has granular control over ports, initial replication (from Secondary to Tertiary), and recovery points. Again, as stated earlier, this provides complete flexibility, agnostic of hardware, with the above figure replicating to a low-cost DR site using DAS storage.
Again, this can be configured through Hyper-V Manager, PowerShell or SCVMM.