In Virtual Machine Manager (VMM) a private cloud is an entity where you specify an amount of computing resource (CPU, RAM, storage etc.) that you provide to users called tenant in VMM. When a cloud is created and available, some rights can be set on tenants such as create Virtual Machines (VM). So these last can use the private cloud for their needs until the consumption of the total amount of computing resource allowed. Some critical VM needs to be highly available even if his datacenter burns. This is why Hyper-V Replica exists. This technology performs a replica of the VM and if it brings down, it can be started on the other side, where the replica is stored. However, the Hyper-V Replica is implemented VM per VM and it is difficult to orchestrate the VM starting on a secondary site. This is why Hyper-V Recovery Manager (HRM) in Azure is interesting. HRM provides automated protection, an orchestrated recovery to start VMs in good order and some monitoring. If you want more information about HRM view this link.
In this topic we will see how to implement Hyper-V Recovery Manager with Virtual Machine Manager. However I will not finish the presentation because I have only one Hyper-V host and so I can’t make a failover. To implement Hyper-V Recovery Manager, the below prerequisites are needed:
- An Azure account (I use a free trial account). To view pricing details open this link.
- A CER certificate. It will be used to register VMM servers in a Hyper-V Recovery Manager vault.
- If you have many VMM, a PFX certificate file is necessary with private key and related CER certificate. This PFX will be imported on each VMM.
- At least on VMM (2012 SP1 and 2012 R2).
- Two private clouds are necessaries: one protected and the other for recovery purpose.
- One or more VMM host groups
- One or more Hyper-V host in each group
- To ensure the VM connectivity after failover the protected private cloud have to be connected to a VM network that will be mapped to a corresponding VM network on the destination private cloud.
For further information about prerequisites, please visit this link.
Prepare a certificate for Hyper-V Recovery Manager using
Request a new certificate with Active Directory enrollment (AD CS)
This step involve that you have an operational AD CS with some template set to deliver the certificate with enrollment. Also you can use a self-signed certificate.
First open a computer certificate MMC. Next right click on certificate in personal store and select Request New Certificate as below.
I have created a template called _Azure that is the same as Computer certificate template in AD CS console.
At this point, you have a certificate on the server with the private key. Now I will export this certificate as CER file and as a PFX file for other VMM servers.
Export as a CER file
In this example, my certificate is issued to HYPERV01 (because I have only one Hyper-V in my home). So I select the previously created certificate and I export it as below.
A CER file is the certificate without the private key (it is like a P7B). It provides only the public key to other entities.
I select DER encoded binary X.509 with .CER extension.
Choose where you want to export this certificate.
Now I have the certificate needed for Hyper-V Recovery Manager. In my example I don’t use PFX file because I have only one VMM but I will show you how to export your certificate as PFX.
Export as a PFX file
A PFX file is a file that contains the CER file and his private key. Sometime this PFX file contains certificate chain. So as below, right click on your certificate and export it as below.
Select that you want to export the private key.
Here I select to export certificate including all certificates of the certificate chain.
Choose a password to protect the private key.
Choose a destination folder to export your certificate.
Now we have certificates for Hyper-V Recovery Manager. It is time to create it.
Create the Hyper-V Recovery Manager
First open your Azure portal and select the Recovery Services item. Choose to create a new vault.
I create a Hyper-V Recovery Manager called FabrikamDRP located in West Europe.
Now that your Hyper-V Recovery Manager is created you can follow the steps indicated. First you have to upload the certificate (CER) created previously. For that, click on Manage Certificate.
Now click on download the latest provider to download it.
Install Hyper-V Recovery Manager provider on VMM server.
Once you have downloaded the latest Hyper-V Recovery Manager provider, launch the setup.
If your VMM is running, you have to stop it otherwise you will have the below error.
Once the provider is installed, you start the configuration between your VMM and the Hyper-V Recovery Manager in Azure.
Configure the proxy for your Internet Connection. At home I don’t have proxy so I click next.
Select the certificate that you have uploaded to Azure previously. Because I am on the same server where I have created certificate, the wizard find my certificate. If you are on another VMM server don’t forget to import PFX in computer personal store before.
Type a friendly name of your VMM server. I have called mine VMM.fabrikam.com. Make sure that Synchronize cloud data with vault is set as you want. It is not mandatory and you can make the initial synchronization later.
At this point, my VMM can communicate with my Hyper-V Recovery Manager called FabrikamDRP. As you can see below, my VMM server is connected to FabrikamDRP.
Create private clouds in VMM
I create two private clouds:
- Fabrikam Datacenter NY which is the protected cloud.
- Fabrikam Datacenter LON which is the recovery cloud.
So in VMM I click on Create Cloud as below:
Enter a name and a description of your cloud and make sure that Send Configuration data about this cloud to the Windows Azure Hyper-V Recovery Manager is checked.
Select your host groups that deliver resource for this cloud.
Select logical networks for this cloud. This setting is important especially to map networks in Hyper-V Recovery Manager.
Repeat this operation to create Fabrikam Datacenter LON. When it is finished you should have two Clouds as below.
Configure the replication between clouds
Now that my private clouds are synchronized with my Hyper-V Recovery Manager, they appear in Protected Items as below. Note that in this example the source and target location are the same because I have one and only one VMM and Hyper-V. In reality you should have two VMM in two different locations and at least two Hyper-V hosts. This is why I can’t accomplish this demonstration because I have only one Hyper-V host.
So I select Fabrikam Datacenter NY to protect it. The target location is VMM.Fabrikam.com and the target cloud is Fabrikam Datacenter LON. The replication is made every 5 minutes. I don’t create recovery points or snapshots.
Once it is done, you will see that Fabrikam Datacenter NY is the protected cloud and Fabrikam Datacenter LON is the recovery cloud.
Network mapping enables to bind VM networks between source and target cloud. In this way, if the primary VM is down, the replica can start without network configuration. Because my two clouds use the same logical network, the source and the target VM network are the same. So select your source VM Network and click on map.
Select the target VM Network and validate your setting.
Now your VM Network are mapped. It is time to configure Virtual Machines.
Configure your VMs
So I have a VM called VMMON01 that I will add to the Fabrikam Datacenter NY cloud. Right click on your VM in Virtual Machine Manager and select properties. In the General tab, select your cloud as below.
Now the VM is added to the cloud.
To activate the support of Hyper-V Recovery Manager, right click on your VM and select properties. In Hardware Configuration tab, open advanced part and enable Hyper-V Recovery Manager protection for this virtual machine. Don’t configure a Replication frequency less than the replication set in Hyper-V Recovery Manager previously.
Now in your Hyper-V Recovery Manager a Virtual Machine is added in cloud.
Create the recovery plan
Select recovery plans and click on Create Recovery Plan to create it.
Enter a name and select a source and a target. As I said previously my source and target is the same because I have one VMM.
Select the virtual machines that take part of your recovery plan.
As you can see below, you can organize your VM in group to orchestrate the restart of your VM. Scripts can be used to orchestrate before or after the group. That means that before or after a group failover, you can run scripts.
Now that your recovery plan is created you can test the failover as below.
So I’m sorry I can continue this topic. From here, it will not work because I do not have enough hyper-v host.
Hyper-V Recovery Manager (HRM) is a good service that enables to centralize the orchestration of DRP and monitoring. HRM works as a witness site to make the failover. It is pretty easy to bind networks between remote site and HRM enables to script the failover to start VM in the good order. So if you have already in Hybrid cloud world, I recommend you this service. For further information about HRM visit this link.