Perform a Hyper-V Replica Initial Copy Using External Media

An important step in implementing Hyper-V Replica is performing the initial copy. There are three ways to do this. In this post, I will talk about how to perform the Hyper-V Replica initial copy using external media or removable storage. (In a previous post, I showed you how to perform the Hyper-V Replica initial copy over the network.)

Initial Copy Using External Media: How It Works

With this approach, you will use removable storage to physical transport the files of your Hyper-V Replica-protected virtual machines from the primary site to the secondary site. This is done once, just for the initial copy. The files are imported on the host/cluster in the secondary site. Hyper-V Replica will fix up any differences between the production and replica virtual machines since the export was done, and then replication will automatically begin.

Pros and Cons

There is one significant benefit to performing the initial copy using removable storage. You do not need endless amounts of bandwidth to get terabytes (or even petabytes) of virtual machine files from the production site to the secondary site. This means that even a smaller company or a branch office can perform that initial copy without the Internet or WAN connection delaying replication for weeks or even months.

There are three things to consider when thinking about using removable storage to perform your Hyper-V Replica initial copy:

Sponsored Content

Passwords Haven’t Disappeared Yet

123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?

  • Manual effort: Someone has to perform an export of the virtual machines (part of the wizard), transport the removable storage (probably USB disk or NAS), and import the virtual machines before replication can start. This is a process that requires human effort. This implies that there is a cost (even if it is an internal cross-charge) and that this approach does not lend itself to a cloud model with self-service (requiring automation).
  • Risk of data loss: Virtual machine files, including all of their data, are being removed from the (hopefully) physically secure computer room or data center, and being transported in the back of a car, van, or even on a courier bike. No security officer or data protection commissioner will dance for joy at that thought! You can offset the risk by encrypting the removable storage; consider using the built-in Bitlocker to Go.
  • Service provider friendliness: Some service providers will offer a DR-as-a-Service feature where you can replicate your Hyper-V virtual machines to their multi-tenant public cloud. Those service providers that operate on low margins with high numbers of tenants will be unlikely to allow out-of-band initial copies such as removable storage, and will require the initial copy to be done over the network (Internet). Such hosting companies need to eliminate the risk of connecting “alien” removable storage and the costs of human effort.

Enabling BitLocker to Go

BitLocker to Go is available on Hyper-V Replica capable hosts running Windows Server 2012 or later. You can use this security feature to encrypt your removable storage. You should consider encryption a requirement, not as an option. It is always best to perform best effort security to offset the risk of data loss. Consider this: How many USB drives have you lost over the years? Now imagine one of those has your company’s employees social security numbers or customer private data. Encrypt the disk!

You can make BitLocker to Go available by adding the BitLocker Drive Encryption feature in Server Manager.

Perform a Hyper-V Replica Initial Copy Using External Media bitlocker

Adding the BitLocker Drive Encryption feature.

When the feature is installed, attach your removable storage onto the primary site host that is running the virtual machine. Open Explorer, right-click on the disk, and select Turn On BitLocker. Select the option to secure the disk using a password and enter a strong pass phrase. Save the recovery key somewhere secure.

Implement the Initial Copy

Proceed through the Enable Replication wizard and choose the Send Initial Copy Using External Media option. Browse to select the path where the production virtual machine will be exported to; this is the attached removable media. When you finish the wizard, two things will happen:

  1. A stub replica virtual machine will be created in the secondary site with no disks.
  2. A checkpoint (Hyper-V snapshot) will be created of the running production virtual machine and this is used to export the files to the removable media. The files of the virtual machine are stored in a unique sub-folder.

Perform a Hyper-V Replica Initial Copy Using External Media

Send initial copy using external media.

Replication has not started yet. Transport the removable media to the secondary site, connect it to the server and enter the BitLocker password to access the media. Launch Hyper-V Manager, browse to the sub replica virtual machine, right-click on it, and select Replication > Import Initial Replica. You will need to enter the path of the subfolder that contains the exported files.

Perform a Hyper-V Replica Initial Copy Using External Media

Importing the initial replica.

Once completed, replication will automatically start and your production site virtual machine is protected in the secondary site.

Related Topics:

Aidan Finn, Microsoft Most Valuable Professional (MVP), has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Innofactor Norway, Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures and MicroWarehouse Ltd. where he worked with Microsoft partners in the small/medium business space.
Live Webinar - Thursday, December 2nd! Active Directory Masterclass: AD Configuration Strategies for Stronger SecurityREGISTER NOW - Thursday, December 2, 2021 @ 1 pm ET

Active Directory (AD) is leveraged by over 90% of enterprises worldwide as the authentication and authorization hub of their IT infrastructure—but its inherent complexity leaves it prone to misconfigurations that can allow attackers to slip into your network and wreak havoc. 

Join this session with Microsoft MVP and MCT Sander Berkouwer, who will explore:

  • Whether you should upgrade your domain controllers to Windows Server
    2019 and beyond
  • Achieving mission impossible: updating DCs within 48 hours
  • How to disable legacy protocols and outdated compatibility options in
    Active Directory

Sponsored by: