Microsoft Azure

Replicate Azure Virtual Machines to Another Region for Disaster Recovery

In this post, I will show you how to enable disaster recovery replication of Azure virtual machines (VMs) from one region to another region. This will enable your services to survive a massive outage in an Azure data center or region.



Sponsored Content

Passwords Haven’t Disappeared Yet

123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?

Note that this service is in preview at the time of writing this article, so the UI is very likely to change by the time of general availability.

The Source Machines

In my demo lab, I have deployed two ARM VMs in a resource group called petri-rg in the Azure North Europe region.

The virtual machines running in North Europe [Image Credit: Aidan Finn]
The Virtual Machines Running in North Europe [Image Credit: Aidan Finn]

Note that at this time there is no support for:

  • VMs running Windows Server 2016 Microsoft recently added support for WS2016 virtual machines
  • VMs with managed disks

I want to enable replication of these VMs to another region. I have to choose from a region that is in the same geographic cluster as my VMs in North Europe:

The Azure to Azure Site Recovery geographic clusters [Image Credit: Microsoft]
The Azure to Azure Site Recovery Geographic Clusters [Image Credit: Microsoft]

Create Recovery Services Vault

I am going to replicate my VMs to West Europe. Here, I will create a recovery services vault in a resource group that is also in West Europe.

Creating a new recovery services vault in West Europe [Image Credit: Aidan Finn]
Creating a New Recovery Services Vault in West Europe [Image Credit: Aidan Finn]

All we have now in the “disaster recovery site” (a resource group in the West Europe region) is a recovery services vault.

The new DR site for my Azure virtual machines [Image Credit: Aidan Finn]
The New Disaster Recovery Site for My Azure Virtual Machines [Image Credit: Aidan Finn]

Replicate Virtual Machines

Open the recovery services vault and click + Replicate. In Source:

  1. Select Azure as the source.
  2. Select the region where the running virtual machines are, which is North Europe for me.
  3. Select the deployment model, which is Resource Manager in my example.
  4. Select the source resource group, which is petri-rg in my case.

Configure the source for replicating Azure virtual machines [Image Credit: Aidan Finn]
Configure the Source for Replicating Azure Virtual Machines [Image Credit: Aidan Finn]

In Virtual Machines, select the VMs that you want to replicate with a common replication policy. If you need multiple policies, then you can return to this wizard again.

Select Azure virtual machines to replicate to another region [Image Credit: Aidan Finn]
Select Azure Virtual Machines to Replicate to Another Region [Image Credit: Aidan Finn]

Note that the VMs must have a provisioned Azure VM Agent. This extension might not be active yet if you have recently deployed the VMs. The agent will be required to provision the Azure Site Recovery Mobility Service as an extension in the guest OS of the VMs.

Things such as storage accounts, availability sets, and virtual networks must be deployed in the disaster recovery region to allow VMs to failover to that region. By default, the original names are re-used with a -asr suffix to create a failover resource group and the required resources. You can customize the destination resource group in the Configure Settings screen:

  • You can select a destination resource group and virtual network if they already exist in the region.
  • You can select an availability set (if required) if it already exists in the region.
  • You can select storage accounts for the virtual machines if they already exist in the region.

The default replication configuration can be customized [Image Credit: Aidan Finn]
The Default Replication Configuration Can be Customized [Image Credit: Aidan Finn]

You can use the default replication policy or customize it:

  • Name: This is what the policy is called.
  • Recovery point retention: This is how many hourly recovery points will be retained. The maximum is 24 hours.
  • How often an application consistent (VSS) snapshot will be created: This is not important for non-database workloads. Things like SQL Server are actually pretty tolerant. A consistent snapshot becomes one of your (up to 24) recovery points.

Customize an Azure virtual machine replication policy [Image Credit: Aidan Finn]
Customize an Azure Virtual Machine Replication Policy [Image Credit: Aidan Finn]

At the end of the wizard, click Create Target Resources. Azure will validate the configuration. If all goes well, the resources will be deployed to the disaster recovery site. Wait for the Enable Replication button and click it. The Azure Site Recovery Mobility Service extension will be deployed into the VMs and an initial sync will start. After the initial sync, you have a VM that can be failed over and regular continuous or asynchronous replication will begin.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Aidan Finn, Microsoft Most Valuable Professional (MVP), has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Innofactor Norway, Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures and MicroWarehouse Ltd. where he worked with Microsoft partners in the small/medium business space.
13 Email Threat Types to Know About Right Now

As email threats evolve and multiply, keeping track of them all—and staying protected against the many different types—becomes a complex challenge. Today, that requires more than just the traditional email gateway solution that used to be good enough.

In this eBook you will learn:

  • What are the most common and challenging email attacks for organizations?
  • How to defend against sophisticated email threats, such as spoofing, social engineering, and fraud
  • How to protect employees at the inbox level with the right technologies and security-awareness training
  • How to use a multilayered protection strategy to reduce susceptibility to email attacks and better defend your business and employees

Sponsored by: