Set up disaster recovery to Azure for Hyper-V VMs using PowerShell and Azure Resource Manager
Article
Azure Site Recovery contributes to your business continuity and disaster recovery (BCDR) strategy by orchestrating replication, failover, and recovery of Azure virtual machines (VMs), and on-premises VMs and physical servers.
This article describes how to use Windows PowerShell, together with Azure Resource Manager, to replicate Hyper-V VMs to Azure. The example used in this article shows you how to replicate a single VM running on a Hyper-V host, to Azure.
Azure PowerShell provides cmdlets to manage Azure using Windows PowerShell. Site Recovery PowerShell cmdlets, available with Azure PowerShell for Azure Resource Manager, help you protect and recover your servers in Azure.
Microsoft partners in the Cloud Solution Provider (CSP) program can configure and manage protection of customer servers to their respective CSP subscriptions (tenant subscriptions).
Azure PowerShell. For information about this release and how to install it, see Install Azure PowerShell.
In addition, the specific example described in this article has the following prerequisites:
A Hyper-V host running Windows Server 2012 R2 or Microsoft Hyper-V Server 2012 R2 containing one or more VMs. Hyper-V servers should be connected to the Internet, either directly or through a proxy.
Open a PowerShell console and run this command to sign in to your Azure account. The cmdlet brings up a web page prompts you for your account credentials: Connect-AzAccount.
Alternately, you can include your account credentials as a parameter in the Connect-AzAccount cmdlet, using the Credential parameter.
If you're a CSP partner working on behalf of a tenant, specify the customer as a tenant, by using their tenantID or tenant primary domain name. For example: Connect-AzAccount -Tenant "fabrikam.com"
Associate the subscription you want to use with the account, since an account can have several subscriptions:
Set-AzContext -Subscription $SubscriptionName
Verify that your subscription is registered to use the Azure providers for Recovery Services and Site Recovery, using these commands:
Verify that in the command output, the RegistrationState is set to Registered, you can proceed to Step 2. If not, you should register the missing provider in your subscription, by running these commands:
Create an Azure Resource Manager resource group in which to create the vault, or use an existing resource group. Create a new resource group as follows. The $ResourceGroupName variable contains the name of the resource group you want to create, and the $Geo variable contains the Azure region in which to create the resource group (for example, "Brazil South").
$sitename = "MySite" #Specify site friendly name
New-AzRecoveryServicesAsrFabric -Type HyperVSite -Name $sitename
This cmdlet starts a Site Recovery job to create the site, and returns a Site Recovery job object. Wait for the job to complete and verify that the job completed successfully.
Use the Get-AzRecoveryServicesAsrJob cmdlet to retrieve the job object, and check the current status of the job.
Generate and download a registration key for the site, as follows:
If you're running a Hyper-V core server, download the setup file and follow these steps:
Extract the files from AzureSiteRecoveryProvider.exe to a local directory by running this command:
AzureSiteRecoveryProvider.exe /x:. /q
Run the following command:
.\setupdr.exe /i
Results are logged to %ProgramData%\ASRLogs\DRASetupWizard.log.
Register the server by running this command:
cd C:\Program Files\Microsoft Azure Site Recovery Provider\DRConfigurator.exe" /r /Friendlyname "FriendlyName of the Server" /Credentials "path to where the credential file is saved"
Step 6: Create a replication policy
Before you start, the storage account specified should be in the same Azure region as the vault, and should have geo-replication enabled.
Create a replication policy as follows:
$ReplicationFrequencyInSeconds = "300"; #options are 30,300,900
$PolicyName = “replicapolicy”
$Recoverypoints = 6 #specify the number of recovery points
$storageaccountID = Get-AzStorageAccount -Name "mystorea" -ResourceGroupName "MyRG" | Select-Object -ExpandProperty Id
$PolicyResult = New-AzRecoveryServicesAsrPolicy -Name $PolicyName -ReplicationProvider “HyperVReplicaAzure” -ReplicationFrequencyInSeconds $ReplicationFrequencyInSeconds -NumberOfRecoveryPointsToRetain $Recoverypoints -ApplicationConsistentSnapshotFrequencyInHours 1 -RecoveryAzureStorageAccountId $storageaccountID
Check the returned job to ensure that the replication policy creation succeeds.
Retrieve the protection container that corresponds to the site, as follows:
Retrieve the protectable item that corresponds to the VM you want to protect, as follows:
$VMFriendlyName = "Fabrikam-app" #Name of the VM
$ProtectableItem = Get-AzRecoveryServicesAsrProtectableItem -ProtectionContainer $protectionContainer -FriendlyName $VMFriendlyName
Protect the VM. If the VM you're protecting has more than one disk attached to it, specify the operating system disk by using the OSDiskName parameter.
Wait for the VMs to reach a protected state after the initial replication. This can take a while, depending on factors such as the amount of data to be replicated, and the available upstream bandwidth to Azure. When a protected state is in place, the job State and StateDescription are updated as follows:
If you wish to replicate to CMK enabled managed disks in Azure, do the following steps using Az PowerShell 3.3.0 onwards:
Enable failover to managed disks by updating VM properties
Use the Get-AzRecoveryServicesAsrReplicationProtectedItem cmdlet to fetch the disk ID for each disk of the protected item
Create a dictionary object using New-Object "System.Collections.Generic.Dictionary``2[System.String,System.String]" cmdlet to contain the mapping of disk ID to disk encryption set. These disk encryption sets are to be pre-created by you in the target region.
Update the VM properties using Set-AzRecoveryServicesAsrReplicationProtectedItem cmdlet by passing the dictionary object in DiskIdToDiskEncryptionSetMap parameter.
Step 8: Run a test failover
Run a test failover as follows:
$nw = Get-AzVirtualNetwork -Name "TestFailoverNw" -ResourceGroupName "MyRG" #Specify Azure vnet name and resource group
$rpi = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $protectionContainer -FriendlyName $VMFriendlyName
$TFjob = Start-AzRecoveryServicesAsrTestFailoverJob -ReplicationProtectedItem $VM -Direction PrimaryToRecovery -AzureVMNetworkId $nw.Id
Verify that the test VM is created in Azure. The test failover job is suspended after creating the test VM in Azure.
Provide disaster recovery for your Azure infrastructure by customizing replication, failover, and failback of Azure virtual machines with Azure Site Recovery.
As a Windows Server hybrid administrator, you integrate Windows Server environments with Azure services and manage Windows Server in on-premises networks.