Share the love

Azure Site Recovery (ASR) is a disaster recovery solution that helps you to replicate and recover your on-premises or Azure virtual machines (VMs) in case of an outage. Azure Virtual WAN is a networking service that allows you to connect your on-premises and Azure resources to the cloud in a highly available and scalable manner. Together, ASR and Azure Virtual WAN can be used to build a highly available and scalable multi-region disaster recovery solution.

Here’s a tutorial on how to build a disaster recovery solution using ASR and Azure Virtual WAN:

  1. Create an Azure Virtual WAN and configure it with the appropriate virtual hub, VPN gateway, and virtual network gateways.
  2. Create a disaster recovery vault in Azure and configure it with the appropriate settings.
  3. Create a replication policy in the disaster recovery vault and assign it to your VMs.
  4. Configure ASR to replicate your on-premises VMs to the disaster recovery vault in Azure (Check the example below).
  5. Configure the Azure Virtual WAN to connect the on-premises network to the disaster recovery vault in Azure.
  6. Create a disaster recovery plan in the disaster recovery vault and configure it with the appropriate settings.
  7. Test the disaster recovery plan to ensure that it works as expected.
  8. Once you are confident that your disaster recovery plan works, enable it to automatically failover in case of an outage.

Here is an example of how to use Azure CLI to create a virtual WAN, virtual hub, and VPN gateway:

# Create a virtual WAN
az network vwan create -n myVwan -g myResourceGroup

# Create a virtual hub
az network vhub create -n myVhub -g myResourceGroup --vwan myVwan

# Create a VPN gateway
az network vpn-gateway create -n myVpnGateway -g myResourceGroup --vhub myVhub

And here is an example of how to use Azure PowerShell to create a replication policy and start replication:

# Create a replication policy
$policy = New-AzRecoveryServicesAsrPolicy -Name "MyPolicy" -RecoveryPointHistoryDurationInMinutes 30 -AppConsistentFrequencyInMinutes 30

# Assign the policy to the VM
Add-AzRecoveryServicesAsrProtection -Policy $policy -Name "MyVM" -ResourceGroupName "MyResourceGroup"

# Start replication
Start-AzRecoveryServicesAsrReplication -Name "MyVM" -ResourceGroupName "MyResourceGroup"

Sample Code – Terraform

Here is an example of how to use Terraform to create a disaster recovery solution using Azure Site Recovery (ASR) and Azure Virtual WAN:

Create a Terraform configuration file that defines the Azure Virtual WAN, virtual hub, and VPN gateway resources.

resource "azurerm_virtual_wan" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
}

resource "azurerm_virtual_hub" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  virtual_wan_id      = azurerm_virtual_wan.example.id
}

resource "azurerm_vpn_gateway" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  virtual_hub_id      = azurerm_virtual_hub.example.id
}

Create a Terraform configuration file that defines the ASR replication policy, and the target and source VM resources.

resource "azurerm_recovery_services_protection_policy_vm" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  recovery_point_history = 30
  app_consistent_snapshot_frequency_in_minutes = 30
}

resource "azurerm_recovery_services_replication_protected_item" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  recovery_vault_name = azurerm_recovery_services_vault.example.name
  source_resource_id  = azurerm_virtual_machine.source.id
  policy_id           = azurerm_recovery_services_protection_policy_vm.example.id
}

Example

Here is an example scenario of how to use Azure Site Recovery (ASR) and Azure Virtual WAN to create a disaster recovery solution:

Scenario: A company called “Acme Corp” has two Azure regions: “East US” and “West US”. They have a 3-tier application running on a set of virtual machines in “East US” region. They want to implement a disaster recovery solution that will allow them to failover to the “West US” region in case of an outage or disaster in the “East US” region.

Solution:

  1. Create an Azure Virtual WAN in the “East US” region and configure it to connect to the “West US” region using a VPN gateway.
  2. Create an Azure Virtual Hub in the “East US” region and connect it to the Virtual WAN.
  3. Create an Azure VPN gateway in the “East US” region and connect it to the Virtual Hub.
  4. Create an Azure Site Recovery (ASR) replication policy in the “East US” region.
  5. Add the virtual machines that host the 3-tier application to the ASR replication policy.
  6. Configure the ASR replication policy to replicate the virtual machines to the “West US” region.
  7. Test the disaster recovery solution by failing over to the “West US” region.
  8. Monitor the disaster recovery solution and make any necessary adjustments.

Example – Replication Policy

The ASR replication policy configuration would vary depending on your specific requirements, but here’s an example of how it might look like:

{
    "properties": {
        "providerSpecificDetails": [
            {
                "instanceType": "VMware",
                "recoveryAzureVmName": "replicated-vm",
                "recoveryAzureStorageAccountId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Storage/storageAccounts/<storage-account-name>",
                "recoveryAzureResourceGroupId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>",
                "recoveryAzureNetworkId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>",
                "recoveryAzureSubnetName": "default",
                "selectedRecoveryAzureNetworkId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>",
                "multiVmSyncStatus": "Disabled",
                "useManagedDisks": "Enabled",
                "recoveryBootDiagStorageAccountId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Storage/storageAccounts/<storage-account-name>",
                "enableRdpOnTargetOption": "Disabled"
            }
        ],
        "recoveryAzureResourceGroupId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>",
        "recoveryAzureStorageAccountId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Storage/storageAccounts/<storage-account-name>",
        "recoveryAzureNetworkId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>",
        "recoveryAzureSubnetName": "default",
        "selectedRecoveryAzureNetworkId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>",
        "multiVmSyncStatus": "Disabled",
        "useManagedDisks": "Enabled",
        "recoveryBootDiagStorageAccountId": "/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Storage/storageAccounts/<storage-account-name>",
        "enableRdpOnTargetOption": "Disabled"
    }
}

This example policy is replicating vm from East US to West US region, it specifies the recovery Azure VM name, recovery Azure storage account, recovery Azure resource group, recovery Azure network, and recovery Azure subnet that the replicated VM will be connected to in the West US region. It also specifies that the replication should use Managed Disks and that the multi-VM sync feature should be enabled.

Configure the replication policy to replicate the VM

To configure the replication policy to replicate the VM to the West US region, you would need to do the following steps:

  1. In the Azure portal, navigate to the Azure Site Recovery service.
  2. Select the Replication Policies tab, and then click on the “+Create” button to create a new policy.
  3. Give the policy a name and select the target subscription, resource group, and region (West US) for the replicated VMs.
  4. Select the “Managed Disks” option for the disk type and enable the “Multi-VM Synchronization” feature.
  5. Click on “OK” to create the replication policy.
  6. Once the replication policy is created, you can then associate it with the VM that you want to replicate to the West US region.
  7. In the Azure portal, navigate to the VM that you want to replicate, and then click on the “Replicate” button.
  8. Select the replication policy that you created earlier and then click on “OK” to start the replication process.
  9. The replication process may take some time to complete, and you can monitor the progress of the replication by going to the Azure Site Recovery service and checking the replication jobs.

Note: Replication policy can be also configured using terraform or Azure CLI commands or azure powershell commands.