Tutorial: How-to Setup Azure Site Recovery using Windows Server Essentials, Part 1: Pre-requisites
Windows Server Essentials (or the Essentials Experience role) can be leveraged to quickly provision and enable a full Disaster Recovery site in the cloud using built-in Azure integration features. The solution is composed of two Azure products: Azure Virtual Network and Azure Site Recovery.
I have previously written about our struggles to configure this solution using the Windows Server Essentials role (after all, it is supposed to make things easier). Thanks to my friend Daniel Santos, who is an MVP working in Brazil, we now have a full understanding of how to use this feature without getting inexplicable and maddening errors. Check out his blog posts on this topic here. He has put a lot of time into this, so thank you, Daniel.
I have a few more points and considerations to add to this for failing over multiple servers, so we will cover everything end-to-end and step-by-step with this series.
Here is a picture of the environment we are going to build:
Image credit: Alex Fields, ITProMentor.com
We start with an on-premises Hyper-V host and several virtual machines that we want to protect. One of the virtual machines is running Windows Server Essentials or Windows Server Standard/Datacenter with the Essentials Experience role. The Essentials server will be used to setup and connect to the Azure Virtual Network. Additionally, it will help us to register our Hyper-V host to the Azure Site Recovery vault, and begin replicating virtual machines. Finally, we will be able to test failover to the Azure virtual network.
Everything has to be just right…
The checklist for getting everything setup and configured correctly is documented here in brevity for ease of reference. Straying from these steps can spell certain DOOM for your implementation.
1. Obviously, you will need an Azure subscription
Hyper-V Host Server(s):
2. Hyper-V must be Windows Server 2012 R2 or 2016, fully up-to-date
3. Hyper-V server(s) must be joined to the same domain as your Essentials server
4. Virtual machines in Hyper-V should not contain spaces or special characters in the name
5. You will need to allow File and Printer Sharing inbound on the Windows Firewall
Windows Server Essentials:
6. Your Essentials Server must be Windows Server 2016, fully up-to-date; the edition can be Essentials, Standard or Datacenter with the Essentials Experience role enabled
7. On the Essentials Server, you will need to allow the Windows Management Instrumentation rules inbound on the Windows Firewall
8. On the Essentials Server and any other VM you wish to protect, enable Remote Desktop, or you will not be able to RDP into the machine after failover.
9. Using the Essentials Dashboard integration features, you will create an Azure Virtual Network and an Azure storage account, both of which are required in order to use Azure Site Recovery.
- When you create the objects, be sure to always use lowercase letters, with no spaces or special characters in the name
- The virtual network and storage account must be in the same geographic region in Azure (e.g. West US)
- The Azure Virtual Network wizard may fail in some cases to identify your local IP address space, so you may be required to specify it manually in the Azure portal
Azure portal notes:
10. For best results, I recommend that you make these changes in the Azure portal after everything is setup:
- Specify static IP addresses for your protected VM’s in the Azure recovery vault
- Add DNS server addresses to your Azure virtual network in advance of failover
These pieces will be covered throughout this series. Following these steps, you should not experience errors setting up the environment. Stray from these steps, and there are no guarantees!
Step-by-Step Guide: Pre-requisites
1. Setup your Azure Free Trial, if you don’t already have a subscription.
2. On the Hyper-V host, ensure you are fully up-to-date with 2012 R2 or 2016.
2012 R2: Control Panel > Windows Update
2016: Settings > Update & Security
3. Your Hyper-V host server needs to be joined to the same domain as your Windows Essentials Server. Many folks setup their Hyper-V host in a workgroup; if that is true in your case, make sure you join the domain before proceeding (requires a reboot).
4. Virtual Machines in Hyper-V that you want to protect cannot have any spaces or special characters in the name, and at least one VM must be 2012 R2 or newer.
5. On the Hyper-V host, you also need to allow File and Printer Sharing inbound on the Windows Firewall. Click Inbound Rules, then scroll down to find the File and Printer Sharing rules. Select them and click Enable in the right pane.
6. You need to have a Windows Server Essentials Server, or add the Essentials Experience role to any Windows Server Standard or Datacenter edition. If you don’t have it already, the easiest way to add the role is using PowerShell:
You will also need to configure the role from Server Manager to complete the setup.
Step through the rest of the wizard. Once it is completed, open the Windows Server Essentials Dashboard. Click Devices to ensure you are up-to-date.
7. On the Essentials Server, you have to allow the WMI rules inbound in the Windows Firewall. Click on Inbound Rules, scroll to find the Windows Management Instrumentation rules, select them and click Enable Rule in the right pane.
8. Don’t forget to enable Remote Desktop for the VM’s you want to protect, or you won’t be able to connect to them after failover is complete.
And that is basically it for laying the ground work.
In this part of the tutorial, we have described the pre-requisites that you need to have, before you deploy the Azure Virtual Network and Azure Site Recovery components using Windows Server Essentials.
From this point forward, we will start configuring the Azure Virtual Network, and then Azure Site Recovery–all from the Windows Server Essentials Dashboard. Stay tuned for part 2 of this series.