Category Archives: Azure VMware Solution

Disaster recovery with Azure VMware Solution

The adoption of flexible and cutting-edge solutions to achieve greater stability, continuity and resilience of the main application workloads that support the company business is an important goal to pursue. Azure VMware Solution (AVS) is the service designed, made and supported by Microsoft and approved by VMware, which allows customers to use physical VMware vSphere clusters hosted in Azure. This article describes the main Azure VMware Solution adoption scenarios to meet disaster recovery needs.

The Azure VMware solution can be contemplated to address different scenarios, including the implementation of disaster recovery and business continuity plans (BCDR). The following diagram is useful for guiding the possible choices in this area at a high level:

Figure 1 - Diagram to guide choices in the BCDR area

Disaster Recovery Strategies Considerations

First of all, it helps to align business requirements with RPO, RTO and with the availability of IT resources. An effective Disaster Recovery plan must be designed to achieve these goals by adopting the most appropriate technologies. About this, the adoption of native BCDR solutions for applications can be evaluated, for example SQL Always On availability group or SAP HANA System Replication (HSR), or non-native solutions such as VMware Site Recovery Manager (SRM) and Azure Site Recovery.

Azure VMware solution should be evaluated if, in enterprise environments, there are particularly stringent requirements in terms of RPO and RTO. Otherwise, you can use Azure Site Recovery or rely on system recovery using the Data Protection solution you are using.

Disaster Recovery Solutions using Azure VMware Solution

To implement disaster recovery plans using Azure VMware Solution, it is possible to adopt native VMware solutions or third-party solutions.

VMware Site Recovery Manager (SRM)

VMware Site Recovery Manager is an automation solution, which integrates with underlying replication technology, able to offer:

  • Recovery test without service interruptions
  • Workflow able to carry out the orchestration of DR plans in an automated way
  • Automatic reset of network and security settings (integration with VMware NSX)

The solution offers the possibility to insure, in a simple and reliable way, restore and move virtual machines between multiple VMware sites with little or no downtime.

Site Recovery Manager requires one of the following replication technologies to orchestrate virtual machine recovery operations:

  • VMware vSphere Replication: replication focused on VMs and based on the hypervisor. It is the solution natively integrated with Site Recovery Manager and included in most versions of vSphere.
  • Third party solutions: Site Recovery Manager uses plug-in SRA (Storage Replication Adapter) developed by storage partners for integration with third-party systems.

Site Recovery Manager (SRM) for Azure VMware Solution (AVS) is able to automate and orchestrate failover and failback processes in the following Disaster Recovery scenarios:

  • On-premise VMware to Azure VMware Solution private cloud disaster recovery.
  • Primary Azure VMware Solution to a secondary disaster recovery Azure VMware Solution private cloud.

Furthermore, thanks to the possibility of carrying out failover tests, without generating interruptions on the production environment, it is possible to periodically guarantee the achievement of the objectives, related to the recovery time, required for disaster recovery plans. In this scenario SRM is licensed and supported directly by VMware.

For further details you can consult this Microsoft's document.

VMware HCX Disaster Recovery (DR)

Although the VMware HCX solution can be used with the Azure VMware Solution private cloud as a recovery target or destination, this possibility should only be considered in particular cases. Indeed, the adoption of this solution is not recommended for large environments, as the orchestration of activities during disaster recovery is totally manual. Currently the AVS solution does not have runbooks or features that can support failover operations during a disaster recovery. For enterprise DR scenarios it is therefore recommended to use the VMware Site Recovery Manager solution (SRM) or the third-party solutions described in the following paragraph. For more details about DR with VMware HCX you can consult this Microsoft's document.

Third party solutions

Microsoft, in order to guarantee its customers the opportunity to make the most of the investments made in skills and technologies, has partnered with some of the industry's leading partners to ensure integration and support. Among the main third-party solutions that can be used we find:

The adoption of some of these solutions, like JetStream, can also be advantageous in terms of cost, as Azure Blob Storage is used to keep copies of virtual machines and related data.

Figure 2 - DR operations with solutions such as JetStream

The data written by the virtual machines locally is replicated directly to an Azure Blob Storage and the resources of the DR infrastructure are not needed until a disaster occurs (or when a test is required) which prompts you to initiate the disaster recovery procedure. This approach implies that costs are minimized, with a consequent reduction in infrastructure costs compared to alternative DR solutions.

When an event occurs that involves the activation of the DR plan, the application and configuration data stored in the Blob Storage come quickly “rehydrated” in a vSphere cluster activated in AVS, allowing applications to resume operation in AVS.

Conclusions

When you need to develop a disaster recovery solution, each company has specific requirements to be respected and unique preferences on where to place workloads and how to manage the emergency plan. Azure VMware Solution (AVS) can be used flexibly according to different implementation models, easily integrating with both native VMware solutions and third-party solutions. This allows, to organizations at the enterprise level, to be able to rely on Azure VMware Solution for their DR scenarios, with the guarantee of obtaining effective protection and respecting corporate objectives in the Disaster Recovery field.

How to run VMware workloads natively on Azure

Businesses should adopt flexible and cutting-edge solutions to achieve greater stability, continuity and resilience of the main application workloads that support their core business. Azure VMware Solution (AVS) is the service designed, built and supported by Microsoft, and approved by VMware, which allows customers to easily extend or completely migrate their VMware applications residing on-premises to Azure. This article lists the key aspects of this solution that benefits from the efficiency of Microsoft's public cloud, while maintaining operational consistency with the VMware environment.

What is Azure VMware Solution (AVS)?

Azure VMware Solution (AVS) is a service that allows the provisioning and execution of an environment VMware Cloud Foundation full on Azure. VMware Cloud Foundation is VMware's hybrid cloud platform for managing virtual machines and orchestrating containers, where the entire stack is based on a hyperconverged infrastructure (HCI). This architecture model ensures consistent infrastructure and operation across any private and public cloud, including Microsoft Azure.

Figure 1 – Azure VMware Solution Overview

The solution called Azure VMware allows customers to adopt a full set of VMware features, with the guarantee of holding the validation "VMware Cloud Verified". This solution helps to achieve consistency, performance and interoperability for existing VMware workloads, without sacrificing speed, scalability and availability of Azure global infrastructure.

An Azure VMware Solution Private Cloud includes:

  • Dedicated bare-metal servers provided with ESXi VMware hypervisor
  • vCenter server for managing ESXi and vSAN
  • VMware NSX-T software defined networking for vSphere vMs
  • VMware vSAN datastore for vSphere vMs
  • VMware HCX for workload mobility management

Figure 2 – Azure VMware Solution Macro-Architecture

On these infrastructures, it will be possible to create, deploy or migrate VMware virtual machines, but with the advantage of also using the various services offered by Azure.

Main adoption scenarios

The Azure VMware solution can be adopted to address the following scenarios:

  • Need to expand your datacenter
  • Disaster recovery and business continuity
  • Application Modernization
  • Reduction, consolidation or decommissioning of your datacenter

Thanks to this solution it is possible to redistribute your VMware-based virtual machines in an automated way, scalable and highly available without changing the underlying vSphere hypervisor. Systems can be migrated by adopting native VMware solutions (VMware HCX) or using Azure Migrate.

Benefits of the solution

Among the main benefits of adopting this solution it is possible to mention:

  • Ability to take advantage of investments already made in the skills and tools for managing on-premises VMware environments.
  • Modernization of your application workloads by adopting Azure services and without facing interruptions.
  • Convenience especially for running Windows and SQL Server workloads. Indeed, Customers adopting this solution are entitled to three years of free Extended Security Updates for Windows Server and SQL Server. Furthermore, being in effect an Azure service, Azure VMware Solution supports Azure Hybrid Benefits, that allow you to maximize the investments made in local Windows Server and SQL Server licenses during the migration or extension to Azure. Finally, you can get a financial benefit by buying Reserved Instances (to 1 or 3 years) to save on the cost of the Azure VMware Solution.

Features of the solution

Azure Private Cloud infrastructure contains vSphere clusters on dedicated bare metal systems, able to scale from 3 to 16 host. It also provides the ability to have multiple clusters in a single Azure Private Cloud. The hosts are high-end and equipped with two Intel processors 18 core, 2,3 GHz and 576 GB RAM.

Storage

Azure Private Clouds provide cluster-level storage using software-defined technology vMware vSAN. All local storage of each host in a cluster is used in a vSAN datastore and at-rest data encryption is enabled by default. The vSAN datastore also enables deduplication and data compression.

All disk groups use an NVMe cache of 1,6 TB with a raw capacity of 15,4 TB per host, based on SSD disks. The raw capacity of a cluster is the capacity per host multiplied by the number of nodes.

You can use Azure storage to extend the storage capacity of these private clouds. For more information about storage, see the Microsoft-specific documentation.

Networking

The solution offers a private cloud environment accessible from on-premises and Azure-based resources. Services like Azure ExpressRoute, VPN connections or Azure Virtual WAN are required to ensure connectivity.

In particular, ExpressRoute is used to connect physical components to the Azure backbone. Since Virtual Network Gateways connected to an ExpressRoute circuit cannot pass traffic between two circuits (one circuit will go to the on-premises environment and one will go to the Azure VMware solution) Microsoft uses the feature ExpressRoute Global Reach to directly connect the local circuit to AVS.

Figure 3 – Azure VMware Solution Networking

If ExpressRoute Global Reach cannot be activated, it is possible to evaluate the adoption of a routing solution using third-party appliances (NVA) or Azure Virtual WAN. In the scenario with NVA it becomes useful Azure Route Server, which simplifies dynamic routing between the virtual network appliance (NVA) and the Azure virtual network. Azure Route Server allows you to exchange routing information directly through the Border Gateway Protocol (BGP) between any NVA (which supports this protocol) and the Azure virtual network, without the need to configure or maintain routing tables.

When you activate an Azure Private Cloud with Azure VMware Solution private networks are created for management, provisioning and vMotion functionality.

For further information on networking, see the Microsoft documentation and this document where more details are reported on possible scenarios to ensure connectivity.

Access and security

In order to achieve greater security, Azure VMware solution's private clouds use vSphere role-based access control. vSphere SSO LDAP features can be integrated with Azure Active Directory. For more information on this, see this Microsoft's document.

Management of updates and maintenance of the solution

One of the main advantages of this solution is that the platform is maintained by Microsoft and automatic and regular updates are included, providing the latest feature sets and increased security and stability.

The components of the Azure VMware solution that are subject to updates are as follows:

  • vCenter and ESXi
  • vSAN
  • NSX-T
  • Underlying hardware with bare metal node and network switch drivers and firmware

The following updates are applied to the Azure VMware solution:

  • Security patches and bug fixes released by VMware.
  • Major and minor version updates of VMware components.

In addition to performing updates, the Azure VMware solution also provides a backup of the configuration of the following VMware components:

  • vCenter Server
  • NSX-T Manager

More details about maintenance and platform updates can be found in this Microsoft article.

Support and Responsibility

Azure VMware Solution is validated, supported and certified by VMware and Microsoft. The support of the solution is provided by Microsoft which is always the first and only point of contact for the customer. If necessary, Microsoft will coordinate with VMware support for specific issues regarding VMware solutions.

Azure VMware Solution uses a shared responsibility model according to the following matrix:

Figure 4 – Azure VMware Solution: shared responsibility matrix

Solution security

Azure VMware Solution can count on a high degree of security consisting of the following factors:

Figure 5 – Factors that make up the security of Azure VMware Solution

Solution availability

The solution can be adopted in production environments and is currently available on several Azure regions, available at this link.

Solution monitor

The complete monitor of the solution can be done via Azure Monitor and, after the solution is activated in the Azure subscription, automatically starts collecting its logs. Furthermore, you can install the Azure Monitor agent on Linux and Windows virtual machines hosted in the private clouds of the Azure VMware solution, you can also enable the Azure diagnostics extension.

Conclusions

Thanks to the close collaboration between Microsoft and VMware, this solution offers customers who already have an on-premises VMware environment the same possibilities also in the Microsoft public cloud., being able to adopt the wide range of services offered by Azure. Furthermore, this solution allows you to take advantage of a consistent operating model that can increase agility, deployment speed and resiliency of your business critical workloads.

Azure VMware Solution: Disaster Recovery scenarios using VMware Site Recovery Manager

The corporate business is heavily dependent on IT solutions and often these are not properly structured to deal with incidents of any kind, even the most remote, which could cause damage, an interruption or loss of data. VMware Site Recovery Manager (SRM) is a disaster recovery solution that allows you to minimize the downtime of workloads in the VMware environment in the event of a disaster. SRM is very popular for customers who use VMware at on-premises datacenters and recently the possibility of using the same solution with Azure VMware Solution was announced (AVS). This article describes how SRM for AVS can simplify the management of Disaster Recovery strategies, ensuring rapid and predictable recovery times.

What is VMware Site Recovery Manager (SRM)?

VMware Site Recovery Manager is an automation solution, which integrates with underlying replication technology, able to offer:

  • Recovery test without service interruptions
  • Workflow able to guarantee the orchestration of DR plans in an automated way
  • Automatic reset of network and security settings (integration with VMware NSX)

The solution offers the possibility to insure in a simple and reliable way, restore and move virtual machines between multiple VMware sites with little or no downtime.

Site Recovery Manager allows you to natively take advantage of VMware vSphere and use the SDDC architecture (Software-Defined Data Center) integrating with other VMware solutions, such as VMware NSX (network virtualization) and VMware vSAN.

Site Recovery Manager requires one of the following underlying replication technologies to orchestrate virtual machine recovery operations:

  • VMware vSphere Replication: replication focused on VMs and based on the hypervisor. It is the solution natively integrated with Site Recovery Manager and included in most versions of vSphere.
  • Third party solutions: Site Recovery Manager uses plug-in SRA (Storage Replication Adapter) developed by storage partners for integration with third-party systems.

How to purchase SRM

Site Recovery Manager is available in two versions: Standard ed Enterpirse. Both versions of Site Recovery Manager are licensed “per protected virtual machine”.

  SRM STANDARD SRM ENTERPRISE
Licenses As far as 75 Protected VMs per site No license limit on the number of protected VMs
Exclusive features   –          Integration with VMware NSX

–          VMotion orchestrated movement between multiple vCenter instances

–          Extended storage support

–          Policy-based storage management

 

What is Azure VMware Solution (AVS)?

Azure VMware Solution (AVS) is a service that allows the provisioning and execution of an environmentVMware Cloud Foundationfull in Azure.VMware Cloud Foundation is VMware's hybrid cloud platform for managing virtual machines and orchestrating containers, where the entire stack is based on a hyperconverged infrastructure (HCI). This architecture model ensures consistent infrastructure and operation across any private and public cloud, including Microsoft Azure.

Figure 1 – Azure VMware Solution Overview

The solution calledAVS allows customers to adopt a full set of VMware features, with the guarantee of holding the validation "VMware Cloud Verified". At the same time the platform is maintained by Microsoft and automatic and regular updates are guaranteed, that allow you to take advantage of the latest feature sets, as well as obtaining high security and stability.

Thanks to this solution it is therefore possible to have consistency, performance and interoperability for existing VMware workloads, without sacrificing speed, the scalability and availability of the global Azure infrastructure.

An Azure VMware Solution Private Cloud includes:

  • vCenter server for managing ESXi and vSAN
  • Dedicated bare-metal servers provided with ESXi VMware hypervisor
  • VMware vSAN datastore for vSphere vMs
  • VMware NSX-T software defined networking for vSphere vMs
  • VMware HCX for workload mobility management

Figure 2 - Azure VMware Solution interconnection with the on-premises and Azure environment

Azure Private Cloud infrastructure contains vSphere clusters on dedicated bare metal systems, able to scale from 3 to 16 host. It also provides the ability to have multiple clusters in a single Azure Private Cloud. The hosts are high-end and equipped with two Intel processors 18 core, 2,3 GHz and 576 GB RAM.

VMware Site Recovery Manager (SRM) with Azure VMware Solution (AVS)

Site Recovery Manager (SRM) for Azure VMware Solution (AVS) is able to automate and orchestrate failover and failback processes in the following Disaster Recovery scenarios:

  • On-premise VMware to Azure VMware Solution private cloud disaster recovery
  • Primary Azure VMware Solution to a secondary disaster recovery Azure VMware Solution private cloud

Furthermore, thanks to the ability to perform failover tests without generating disruption to the production environment, it is possible to periodically guarantee the achievement of the recovery time objectives required for the disaster recovery plans.

Figure 3 - Diagram of a DR scenario between two Azure VMware Solution environments

Also in this scenario SRM is licensed and supported directly by VMware. Customers cannot reuse SRM licenses from the on-premises environment even in AVS environments, but new SRM licenses must be available for AVS environments.

Azure VMware Solution also provides a mechanism to simplify the installation and management of the SRM life cycle. Indeed, by accessing the navigation menu in the AVS private cloud it is possible to install VMware SRM with vSphere Replication as an additional service. To do this, simply select “VMware Site Recovery Manager (SRM) - vSphere Replication ”from the Disaster Recovery Solution menu and follow the relevant instructions.

Figure 4 - Enabling of “VMware Site Recovery Manager (SRM) – vSphere Replication” from Disaster Recovery Solution menu of AVS

Use cases

This integration between Azure VMware Solution and Site Recovery Manager can be activated to implement the following types of recovery scenarios:

  • Planned migration. This is an orderly migration of virtual machines from the protected site to the recovery site where no data loss is expected during the guided migration of workloads.
  • Disaster Recovery. SRM activates the DR plan when the primary site unexpectedly goes offline. Site Recovery Manager orchestrates the recovery process with replication mechanisms, to minimize data loss and environment downtime.
  • Bidirectional protection. Bi-directional protection uses a single set of paired SRM sites to protect virtual machines in both directions. Each site can be a protected site and a recovery site at the same time, but for a different set of virtual machines.

Conclusions

Thanks to the introduction of this feature in AVS, starting from the automation functionality of VMware Site Recovery Manager recovery plans and the hypervisor-based replication capabilities of vSphere Replication, you can take advantage of an end-to-end Disaster Recovery solution, able to accelerate the enabling of the protection, as well as simplifying the operations necessary to implement DR plans. In this way, you can make the most of the agility and convenience of this solution in an Azure environment.

The new VMware solution in the Microsoft Public Cloud

In the current economic context, many companies face new challenges to adopt flexible and economical solutions that allow for greater stability, continuity and resiliency for key application workloads that support their core business. It was recently announced that Azure VMware Solution (AVS) the new service designed, built and supported by Microsoft, and approved by VMware, which allows customers to easily extend or completely migrate their VMware applications residing on-premises to Azure. This article lists the key aspects of this solution that benefits from the efficiency of Microsoft's public cloud, while maintaining operational consistency with the VMware environment.

Features of the solution

Azure VMware Solution (AVS) is a service that allows the provisioning and execution of an environment VMware Cloud Foundation full on Azure. VMware Cloud Foundation is VMware's hybrid cloud platform for managing virtual machines and orchestrating containers, where the entire stack is based on a hyperconverged infrastructure (HCI). This architecture model ensures consistent infrastructure and operation across any private and public cloud, including Microsoft Azure.

Figure 1 – Azure VMware Solution Overview

The solution called Azure VMware allows customers to adopt a full set of VMware features, with the guarantee of holding the validation "VMware Cloud Verified". This solution helps to achieve consistency, performance and interoperability for existing VMware workloads, without sacrificing speed, scalability and availability of Azure global infrastructure.

An Azure VMware Solution Private Cloud includes:

  • Dedicated bare-metal servers provided with ESXi VMware hypervisor
  • vCenter server for managing ESXi and vSAN
  • VMware NSX-T software defined networking for vSphere vMs
  • VMware vSAN datastore for vSphere vMs
  • VMware HCX for workload mobility management

Figure 2 – Azure VMware Solution Macro-Architecture

On these infrastructures, it will be possible to create, deploy or migrate VMware virtual machines, but with the advantage of also using the various services offered by Azure.

All Azure Private Clouds currently come with the following software and hardware specifications:

Figure 3 – Azure VMware Solution software and hardware specifications

Azure Private Cloud infrastructure contains vSphere clusters on dedicated bare metal systems, able to scale from 3 to 16 host. It also provides the ability to have multiple clusters in a single Azure Private Cloud. The hosts are high-end and equipped with two Intel processors 18 core, 2,3 GHz and 576 GB RAM.

Storage

Azure Private Clouds provide cluster-level storage using software-defined technology vMware vSAN. All local storage of each host in a cluster is used in a vSAN datastore and at-rest data encryption is enabled by default. The vSAN datastore also enables deduplication and data compression. Hosts have two vSAN diskgroups with a total raw capacity of 15,36 TB (SSD disks) and a vSAN cache from 3,2 T B (NVMe disks). The raw capacity of a cluster is the capacity per host multiplied by the number of nodes. You can use Azure storage to extend the storage capacity of these private clouds. For more information about storage, see the Microsoft-specific documentation.

Networking

When you activate an Azure Private Cloud with Azure VMware Solution private networks are created for management, provisioning and vMotion functionality. Access to the private cloud from on-premises environments uses ExpressRoute Global Reach for a private and secure connection.

Figure 4 – Azure VMware Solution Networking

For further information on networking, see the Microsoft documentation.

Access and security

In order to achieve greater security, Azure VMware solution's private clouds use vSphere role-based access control. vSphere SSO LDAP features can be integrated with Azure Active Directory. For more information on this, see this Microsoft's document.

Management of updates and maintenance of the solution

One of the main advantages of this solution is that the platform is maintained by Microsoft and automatic and regular updates are included, providing the latest feature sets and increased security and stability.

The components of the Azure VMware solution that are subject to updates are as follows:

  • vCenter and ESXi
  • vSAN
  • NSX-T
  • Underlying hardware with bare metal node and network switch drivers and firmware

The following updates are applied to the Azure VMware solution:

  • Security and bug fixes released by VMware.
  • Major and minor version updates of VMware components.

In addition to performing updates, the Azure VMware solution also provides a backup of the configuration of the following VMware components:

  • vCenter Server
  • NSX-T Manager

More details about maintenance and platform updates can be found in this Microsoft article.

Support and Responsibility

Azure VMware Solution is validated, supported and certified by VMware and Microsoft. The support of the solution is provided by Microsoft which is always the first and only point of contact for the customer. If necessary, Microsoft will coordinate with VMware support for specific issues regarding VMware solutions.

Azure VMware Solution uses a shared responsibility model according to the following matrix:

Figure 5 – Azure VMware Solution: shared responsibility matrix

Solution security

Azure VMware Solution can count on a high degree of security consisting of the following factors:

Figure 6 – Factors that make up the security of Azure VMware Solution

Solution availability

The solution can be adopted in production environments and is currently available in a limited number of Azure regions:

Figure 7 – Azure VMware Solution Availability

To consult the updated availability of the solution by region, you can access this page.

Solution monitor

The complete monitor of the solution can be done via Azure Monitor and, after the solution is activated in the Azure subscription, automatically starts collecting its logs. Furthermore, you can install the Azure Monitor agent on Linux and Windows virtual machines hosted in the private clouds of the Azure VMware solution, you can also enable the Azure diagnostics extension.

Main adoption scenarios

The Azure VMware solution can be adopted to address the following scenarios:

  • Need to expand your datacenter
  • Disaster recovery and business continuity
  • Application Modernization
  • Reduction, consolidation or decommissioning of your datacenter.

Thanks to this solution, you can redistribute your VMware-based virtual machines in a non-destructive way, automated, scalable and highly available without changing the underlying vSphere hypervisor. Systems can be migrated by adopting native VMware solutions (VMware HCX) or using Azure Migrate.

Figure 8 – Adopting VMware HCX for migration to Azure VMware Solution

Benefits of the solution

Among the main benefits of adopting this solution it is possible to mention:

  • Ability to take advantage of investments already made in the skills and tools for managing on-premises VMware environments.
  • Modernization of your application workloads by adopting Azure services and without facing interruptions.
  • Convenience especially for running Windows and SQL Server workloads. Indeed, customers who adopt this solution are entitled to three years of free extended security updates for versions 2008 of Windows Server and SQL Server. Furthermore, being in effect an Azure service, Azure VMware Solution supports Azure Hybrid Benefits, that allow you to maximize the investments made in local Windows Server and SQL Server licenses during the migration or extension to Azure. Finally, you can get a financial benefit by buying Reserved Instances (to 1 or 3 years) to save on the cost of the Azure VMware Solution.

Conclusions

Thanks to the close collaboration between Microsoft and VMware, the new solution offers customers who already have an on-premises VMware environment the same possibilities also in the Microsoft public cloud, being able to adopt the wide range of services offered by Azure. With this solution, you can take advantage of a consistent operating model that can increase agility, deployment speed and resiliency of your business critical workloads.