Would like some more info on Azure Site Recovery

Category: microsoft azure site recovery

Question

Chris Day Microsoft (MSFT CSG) on Wed, 24 Feb 2016 02:20:43


From @visenthil via Twitter

"We would like to know more info on Azure site recovery for our DR setup. Can you please help me out on this.
azure.microsoft.com/en-us/document…
1, Is Windows 2003 machines does not support in Azure site recovery? 
Unfortunately, at the present time our DR strategy will need to be able to support this (otherwise we will only be able to fail over a portion of our VMs, leading to an inoperable DR environment). Our Windows VM requirements as follows:

WINDOWS SERVER MACHINES (on VMware VM or physical server)
The server should be running a supported 64-bit operating system: Windows Server 2012 R2, Windows Server 2012, or Windows Server 2008 R2 with at least SP1.

So we need to confirm whether or not their solution supports legacy Windows 2003 machines?
2) Networking: Their documentation assumes a single network on the client side as well as on the Azure side. However, our current infrastructure employs multiple zoned subnets protected by firewalls so we can isolate DMZ machines from their backend servers, as well as isolate PCI-related machines from the rest of the machines in the environment. While granting access from our existing VMs to the Site Recovery Management server is trivial, we need to know more about how the Site Recovery process needs to be configured so that we end up with a supportable DR site at Azure once we turn on replication. More specifically:
a. Do they support replication of VMs to multiple Azure networks? If so, does this require us to deploy multiple process servers in order to replicate VMs to multiple locations, or will a single Management/Process server still work?
b. What is the mechanism for controlling traffic between Azure virtual network segments? Will we need to provide our own virtual firewalls? (in its simplest form, Azure relies on Windows firewalls to manage traffic between Azure VMs, which is sustainable for a simple web application, etc. However, with an environment as large and complex as ours, if we had to manage Windows firewalls at the host level to control access between environment servers, it would turn into an administrative headache to maintain—we really need to scope out what our options are regarding firewalling capabilities within Azure, as well as other services such as load balancers.
3) Furthermore, several VMs in our DMZ and in our Inside networks need to be able to communicate with each other (i.e., intra-DMZ and intra-Inside network traffic) in many cases to the VIP address of a load balancer but in some cases via direct communication between individual hosts.) How will we replicate these kinds of traffic flows in Azure in such a way that DR can work seamlessly with a minimum of reverse engineering on the Azure side of things.
4) For #s 2) and 3) above, we also need to find firewall and load balancer solutions that is easy to manage because whenever we make changes in the primary site (i.e., new firewall rules to support new development efforts or servers), we will want it to be easy to deploy parallel rules in the DR site’s network configuration so that DR will continue to operate seamlessly after the new code or computing resource is deployed.
5) SQL: Although Azure supports RDM disks, they don’t support replication of clustered SQL servers natively, but instead encourage customers to ‘consider using database replication such as SQL Server Always On or Oracle Data Guard.’ Before we consider using Azure as a DR solution, we should scope out the effort and pre-requisites involved in setting up an appropriate SQL replication/instance solution that will suit our needs and interoperate with the requirements laid out in the points above (including the fail-back strategy for SQL)."

Over DM

Thanks,

@AzureSupport

Replies

visenthil on Wed, 24 Feb 2016 03:03:03


Could you please answer my questions...

Rémi Dineuff on Wed, 24 Feb 2016 18:41:19


Hi,

1. Is Windows 2003 machines does not support in Azure site recovery?

Officially, 2003 is not supported in Azure. But you can replicate your VM with ASR to Azure. It works. I did it.

 

b. What is the mechanism for controlling traffic between Azure virtual network segments? Will we need to provide our own virtual firewalls? (in its simplest form, Azure relies on Windows firewalls to manage traffic between Azure VMs, which is sustainable for a simple web application, etc. However, with an environment as large and complex as ours, if we had to manage Windows firewalls at the host level to control access between environment servers, it would turn into an administrative headache to maintain—we really need to scope out what our options are regarding firewalling capabilities within Azure, as well as other services such as load balancers.

 

b. You can use your own firewall. You just need to use a virtual appliance in the marketplace. You can also create DMZ in Azure with NSG (Network Security Group).

Rémi

senthil1988 on Tue, 05 Apr 2016 09:19:20


Hi Remi,

As you said , "Officially, 2003 is not supported in Azure. But you can replicate your VM with ASR to Azure. It works. I did it"


Can you confirm me how you have prepared that setup, please explain me briefly?

- Is there any tool we have to use for replication or their any trick ?

If you have any documents please share the same, I have documents links for ASR azure.. i need for VM based windows 2003 server has to replicate with Azure ASR.




SCCMadmin09 on Fri, 22 Jul 2016 17:22:46


Hi Rémi,

Does the Win2003 servers were x64 or x86? physical or virtual? (if virtual: hyper-v or vmware?)

Thanks in advance!

SCCMadmin09 on Fri, 22 Jul 2016 20:46:35


I get the following message:

Thanks!

Ruturaj Dhekane on Thu, 13 Oct 2016 10:56:40


You cannot migrate VMware based 2003 VMs. Only Hyper-V Based 2003 VMs can b attempted (not sure if they will work).