Preparing Host Clusters For Hyper-V Replica

We previously looked at how to configure Hyper-V Replica on non-clustered hosts. You can configure replication between non-clustered hosts and host clusters (in either direction), and between two different host clusters. The process of configuring VM replication does not change. However, you must prepare the clusters for Hyper-V Replica by enabling and configuring a role in the failover cluster known as the Hyper-V Replica Broker.

Hyper-V Replica Broker: Introduction

With non-clustered hosts we did the following:

  1. Enabled an inbound replication policy in the Hyper-V Settings of the secondary site host using the primary site host computer name as the authorized source.
  2. Configured per-VM replication on the primary site host, using the secondary site host computer name as the destination.

Imagine that you wanted to replicate VMs from one 8-node cluster to another 8-node cluster, or maybe we could push Windows Server to the extreme and replicate from a 64-node cluster to another 64-node cluster. Do you really want to configure all those hosts, one at a time, and configure 1-1 replication between nodes, thus preventing the mobility that is inherent within a failover cluster?

Failover clustering gives us a role called the Hyper-V Replica Broker. The role of the broker is:

  • Primary Site Identification: The entire primary site cluster will be identified for Hyper-V Replica purposes using the computer name of the broker. This simplifies policy creation in the secondary site; you authorize the broker instead of each cluster node.
  • Secondary Site Administration: The secondary site is configured once, in the broker’s settings, instead of managing the Hyper-V Settings of each node in the cluster. The settings are automatically synchronized throughout the entire cluster.

There is an additional use of the Hyper-V Replica Broker; you normally should configure inbound replication from the secondary site to the primary site. This allows you to reverse replication, which is required for a planned failover.

    Add Hyper-V Replica Broker

    You should add the Hyper-V Replica Broker role to any host cluster (primary or secondary site) that will be involved in Hyper-V Replica. You do this by:

    • Place the cluster’s computer accounts (including any CAPs) into an OU, where the cluster has the ability to create computer objects. The new broker requires a computer object and the role will fail to start if you do not grant the cluster the Add Computer right to create it.
    • Launch Failover Cluster Manager and connect to the cluster.
    • Click Configure Role.
    • Select Hyper-V Replica Broker.
    • Enter in the desired computer name for the new broker, select the network that it should communicate on, and give it a routable IP address. Note that this is the network that will be used for replication traffic to and from the other host/cluster.

    Use Hyper-V Replica Broker to Prepare Host Clusters: high availability wizard

    Adding the Hyper-V Replica Broker.

    Note that the computer name that you enter in this wizard will be the name used for Hyper-V Replica:

    • Primary Site Broker Name: Will be used in the secondary site to define authorized replication clusters.
    • Secondary Site Broker Name: Will be used in the primary site to specify the destination for replication.

    Configure a Primary Site Broker

    You will probably want to make reverse replication from the secondary site to the primary site possible. To do this, do the following:

    • Configure the Hyper-V Replica Broker on any primary site host clusters to allow inbound replication from secondary site hosts/clusters.
    • Configure the Windows Firewall and any firewall appliances to allow inbound replication.

    If reverse replication is not required then you’ve already done everything you need when creating the broker – you specified a computer name and IP address.

    Configure a Secondary Site Broker

    You will configure replication settings on the secondary site broker instead of configuring Hyper-V Settings on each host:

    • Open Failover Cluster Manager, select the Hyper-V Replica Broker, and select the Replication Settings action.
    • Enable replication on HTTP and/or HTTPS, depending on the trust level of the replication network and if both hosts are in the same AD forest (HTTP is possible) or not (HTTPS is required).
    • Specify the Authorization And Storage to list what primary site hosts/clusters (broker name) are authorized to replicate and where their replica VMs will be stored in the secondary site.

    The below example is configured to accept replication over HTTP (Kerberos authentication). A cluster with a Hyper-V Replica broker called demo-hvc1-brkr will be allowed to replicate to this cluster and its virtual machines will be stored in a sub-folder called Demo-HVC1 in the Cluster Shared Volume called CSV1.

    configure Hyper-V Replica Broker

    A configured secondary site Hyper-V Replica Broker.

    Configure Firewalls

    You have quite a bit of firewall engineering to do to enable inbound replication from the primary site hosts to the secondary site hosts. You need to configure any firewall appliances and the Windows Firewall to allow the replication traffic. If you have a lot of hosts you can save some time by configuring Windows Firewall with some remotely executed PowerShell. The following example authorizes Demo\Administrator to configure the Windows Firewall on Demo-Host3 and Demo-Host4 for replication over the HTTP protocol:
    Invoke-Command -ComputerName Demo-Host3,Demo-Host4 -ScriptBlock { Enable-NetFirewallRule -DisplayName “Hyper-V Replica HTTP Listener (TCP-In)” } -Credential “Demo\Administrator”

    Enable Replication from a Primary Site Cluster

    When you have a Hyper-V cluster then you should do all of your VM administration in Failover Cluster Manager. This includes enabling per-VM replication.

    • Open Failover Cluster Manager, select the VM you want to replicate, and start the Replication action.
    • Configure VM replication as you would from a non-clustered host.

    The below example shows a VM being replicated to a cluster with a Hyper-V Replica broker called Demo-FSC1-Brkr.demo.internal.
    Hyper-V Replica Broker: enable site replication

    Replicating a Linux VM to a Hyper-V Cluster in the secondary site.