Prepare Azure resources for Hyper-V disaster recovery
In this tutorial we will understand about how to prepare Azure components when you want to replicate on-premises VMs (Hyper-V) to Azure. And, we will lean about how to verify that your Azure account has replication permissions, create an Azure storage account, create a Recovery Services vault, and set up an Azure network.
Azure Site Recovery helps business continuity and disaster recovery (BCDR) by keeping business apps running during planned and unplanned outages. Site Recovery manages and orchestrates disaster recovery of on-premises machines and Azure virtual machines (VMs), including replication, failover, and recovery.
Verify account permissions
If you just created a free Azure account, you’re the administrator for that subscription. However, if you’re not the administrator, then work with the administrator to assign the permissions you need. For enabling replication for a new virtual machine, you must have permission to:
- Firstly, create a VM in the selected resource group.
- Secondly, create a VM in the selected virtual network.
- Lastly, write to the selected storage account.
However, to complete these tasks, your account should be assigned the Virtual Machine Contributor built-in role. And further, to manage Site Recovery operations in a vault, your account should be assigned the Site Recovery Contributor built-in role.
Create a storage account
Images of replicated machines are held in Azure storage. And, the Azure VMs are created from the storage when you fail over from on-premises to Azure. The storage account must be in the same region as the Recovery Services vault.
- Firstly, in the Azure portal menu, select Create a resource > Storage > Storage account – blob, file, table, queue.
- Secondly, in Create storage account, enter a name for the account. The name you choose must be unique within Azure, be from 3 to 24 characters long, and only use lowercase letters and numbers.
- Thirdly, in Deployment model, select Resource Manager.
- Then, in Account kind, select Storage (general-purpose v1). Don’t select blob storage.
- Next, in Replication, select the default Read-access geo-redundant storage for storage redundancy. Leave the Secure transfer required setting as Disabled.
- In Performance, select Standard. Next, in Access tier, select the default option of Hot.
- Then, in Subscription, choose the subscription in which you want to create the new storage account.
- In Resource group, enter a new resource group. An Azure resource group is a logical container in which Azure resources are deployed and managed.
- After that, in Location, choose the geographic location for your storage account.
- Lastly, select Create to create the storage account.
Create a recovery services vault
- Firstly, in the Azure portal, select +Create a resource, and then search the Azure Marketplace for Recovery Services.
- Secondly, select Backup and Site Recovery (OMS). Next, on the Backup and Site Recovery page, select Create.
- Thirdly, in Recovery services vault > Name, enter a friendly name to identify the vault.
- Then, in Resource group, select an existing resource group or create a new one.
- In Location, select the region where the vault should be located.
- Lastly, to quickly access the vault from the dashboard, select Pin to dashboard > Create.
Set up an Azure network
When Azure VMs are created from storage after failover, they’re joined to this network.
- Firstly, in the Azure portal, select Create a resource > Networking > Virtual network. Leave Resource Manager selected as the deployment model.
- Secondly, in Name, enter a network name. The name must be unique within the Azure resource group.
- Thirdly, specify the resource group in which to create the network.
- In Address range, enter 10.0.0.0/24 as the range for the network. There’s no subnet for this network.
- After that, in Subscription, select the subscription in which to create the network.
- Next, in Location, choose West Europe. The network must be in the same region as the Recovery Services vault.
- Then, leave the default options of basic DDoS protection, with no service endpoint on the network.
- Lastly, select Create.
Reference: Microsoft Documentation