Backup VMware Server Workloads to Azure Backup Server

In my previous article, I explained how to install and configure Azure Backup Server. This article explains how to configure Azure Backup Server to help protect VMware  Server workloads. I am assuming that you already have Azure Backup Server installed. Azure Backup Server can back up, or help protect, VMware vCenter Server version 5.5 and later version.

Step1: Create a secure connection to the vCenter Server

By default, Azure Backup Server communicates with each vCenter Server via an HTTPS channel. To turn on the secure communication, we recommend that you install the VMware Certificate Authority (CA) certificate on Azure Backup Server.

To fix this issue, and create a secure connection, download the trusted root CA certificates.

  1. In the browser on Azure Backup Server, enter the URL to the vSphere Web Client. The vSphere Web Client login page appears. Example, https://vcenter.domain.com

At the bottom of the information for administrators and developers, locate the Download trusted root CA certificates link.

  1. Click Download trusted root CA certificates.

The vCenter Server downloads a file to your local computer. The file’s name is named download. Depending on your browser, you receive a message that asks whether to open or save the file.

  1. Save the file to a location on Azure Backup Server. When you save the file, add the .zip file name extension. The file is a .zip file that contains the information about the certificates. With the .zip extension, you can use the extraction tools.
  2. Right-click zip, and then select Extract Allto extract the contents. The CRL file has an extension that begins with a sequence like .r0 or .r1. The CRL file is associated with a certificate.
  3. In the certsfolder, right-click the root certificate file, and then click Rename. Change the root certificate’s extension to .crt. When you’re asked if you’re sure you want to change the extension, click Yes or OK.  Right-click the root certificate and from the pop-up menu, select Install Certificate. The Certificate Import Wizard dialog box appears.
  4. In the Certificate Import Wizarddialog box, select Local Machine as the destination for the certificate, and then click Next to continue.

If you’re asked if you want to allow changes to the computer, click Yes or OK, to all the changes.

  1. On the Certificate Storepage, select Place all certificates in the following store, and then click Browse to choose the certificate store.

The Select Certificate Store dialog box appears.

  1. Select Trusted Root Certification Authoritiesas the destination folder for the certificates, and then click OK. The Trusted Root Certification Authorities folder is confirmed as the certificate store. Click Next.
  2. On the Completing the Certificate Import Wizardpage, verify that the certificate is in the desired folder, and then click Finish.
  3. Sign in to the vCenter Server to confirm that your connection is secure.

If you have secure boundaries within your organization, and don’t want to turn on the HTTPS protocol, use the following procedure to disable the secure communications.

Step2: Disable secure communication protocol

If your organization doesn’t require the HTTPS protocol, use the following steps to disable HTTPS. To disable the default behavior, create a registry key that ignores the default behavior.

  1. Copy and paste the following text into a .txt file.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Data Protection Manager\VMWare]

“IgnoreCertificateValidation”=dword:00000001

  1. Save the file to your Azure Backup Server computer. For the file name, use DisableSecureAuthentication.reg.
  2. Double-click the file to activate the registry entry.

Step3: Create a role and user account on the vCenter Server

To establish the necessary user credentials to back up the vCenter Server workloads, create a role with specific privileges, and then associate the user account with the role.

Azure Backup Server uses a username and password to authenticate with the vCenter Server. Azure Backup Server uses these credentials as authentication for all backup operations.

To add a vCenter Server role and its privileges for a backup administrator:

  1. Sign in to the vCenter Server, and then in the vCenter Server Navigatorpanel, click Administration.
  2. In Administrationselect Roles, and then in the Roles panel click the add role icon (the + symbol). The Create Role dialog box appears.
  3. In the Create Roledialog box, in the Role name box, enter BackupAdminRole. The role name can be whatever you like, but it should be recognizable for the role’s purpose.
  4. Select the privileges for the appropriate version of vCenter, and then click OK. The following table identifies the required privileges for vCenter 6.0 and vCenter 5.5.

When you select the privileges, click the icon next to the parent label to expand the parent and view the child privileges. To select the VirtualMachine privileges, you need to go several levels into the parent child hierarchy. You don’t need to select all child privileges within a parent privilege. After you click OK, the new role appears in the list on the Roles panel.

Privileges for vCenter 6.0 Privileges for vCenter 5.5
Datastore.AllocateSpace Datastore.AllocateSpace
Global.ManageCustomFields Global.ManageCustomerFields
Global.SetCustomFields
Host.Local.CreateVM Network.Assign
Network.Assign
Resource.AssignVMToPool
VirtualMachine.Config.AddNewDisk VirtualMachine.Config.AddNewDisk
VirtualMachine.Config.AdvanceConfig VirtualMachine.Config.AdvancedConfig
VirtualMachine.Config.ChangeTracking VirtualMachine.Config.ChangeTracking
VirtualMachine.Config.HostUSBDevice
VirtualMachine.Config.QueryUnownedFiles
VirtualMachine.Config.SwapPlacement VirtualMachine.Config.SwapPlacement
VirtualMachine.Interact.PowerOff VirtualMachine.Interact.PowerOff
VirtualMachine.Inventory.Create VirtualMachine.Inventory.Create
VirtualMachine.Provisioning.DiskRandomAccess
VirtualMachine.Provisioning.DiskRandomRead VirtualMachine.Provisioning.DiskRandomRead
VirtualMachine.State.CreateSnapshot VirtualMachine.State.CreateSnapshot
VirtualMachine.State.RemoveSnapshot VirtualMachine.State.RemoveSnapshot

Step4: Create a vCenter Server user account and permissions

After the role with privileges is set up, create a user account. The user account has a name and password, which provides the credentials that are used for authentication.

  1. To create a user account, in the vCenter Server Navigatorpanel, click Users and Groups. The vCenter Users and Groups panel appears.
  2. In the vCenter Users and Groupspanel, select the Users tab, and then click the add users icon (the + symbol). The New User dialog box appears.
  3. In the New Userdialog box, add the user’s information and then click OK. In this procedure, the username is BackupAdmin. The new user account appears in the list.
  4. To associate the user account with the role, in the Navigatorpanel, click Global Permissions. In the Global Permissions panel, select the Manage tab, and then click the add icon (the + symbol). The Global Permissions Root – Add Permission dialog box appears.
  5. In the Global Permission Root – Add Permissiondialog box, click Add to choose the user or group.  The Select Users/Groups dialog box appears.
  6. In the Select Users/Groupsdialog box, choose BackupAdmin and then click Add. In Users, the domain\username format is used for the user account. If you want to use a different domain, choose it from the Domain Click OK to add the selected users to the Add Permission dialog box.
  7. Now that you’ve identified the user, assign the user to the role. In Assigned Role, from the drop-down list, select BackupAdminRole, and then click OK. On the Managetab in the Global Permissions panel, the new user account and the associated role appear in the list.

Step6: Establish vCenter Server credentials on Azure Backup Server

  1. To open Azure Backup Server, double-click the icon on the Azure Backup Server desktop.
  2. In the Azure Backup Server console, click Management, click Production Servers, and then on the tool ribbon, click Manage VMware. The Manage Credentialsdialog box appears.
  3. In the Manage Credentialsdialog box, click Add to open the Add Credential dialog box.
  4. In the Add Credentialdialog box, enter a name and a description for the new credential. Then specify the username and password. The name, Contoso Vcenter credential is used to identify the credential in the next procedure. Use the same username and password that is used for the vCenter Server. If the vCenter Server and Azure Backup Server are not in the same domain, in User name, specify the domain.

Click Add to add the new credential to Azure Backup Server. The new credential appears in the list in the Manage Credentials dialog box.

  1. To close the Manage Credentialsdialog box, click the X in the upper-right corner.

Step7: Add the vCenter Server to Azure Backup Server

Production Server Addition Wizard is used to add the vCenter Server to Azure Backup Server. To open Production Server Addition Wizard, complete the following procedure:

  1. In the Azure Backup Server console, click Management, click Production Servers, and then click Add. The Production Server Addition Wizarddialog box appears.
  2. On the Select Production Server typepage, select VMware Servers, and then click Next.
  3. In Server Name/IP Address, specify the fully qualified domain name (FQDN) or IP address of the VMware server. If all the ESXi servers are managed by the same vCenter, you can use the vCenter name.
  4. In SSL Port, enter the port that is used to communicate with the VMware server. Use port 443, which is the default port, unless you know that a different port is required.
  5. In Specify Credential, select the credential that you created earlier.
  6. Click Addto add the VMware server to the list of Added VMware Servers, and then click Next to move to the next page in the wizard.
  7. In the Summarypage, click Add to add the specified VMware server to Azure Backup Server. The VMware server backup is an agentless backup, and the new server is added immediately. The Finishpage shows you the results.

After you add the vCenter Server to Azure Backup Server, the next step is to create a protection group. The protection group specifies the various details for short or long-term retention, and it is where you define and apply the backup policy. The backup policy is the schedule for when backups occur, and what is backed up.

Step8: Configure a protection group

After you check that you have proper storage, use the Create New Protection Group wizard to add VMware virtual machines.

  1. In the Azure Backup Server console, click Protection, and in the tool ribbon, click Newto open the Create New Protection Group wizard.

The Create New Protection Group wizard dialog box appears. Click Next to advance to the Select protection group type page.

  1. On the Select Protection group typepage, select Servers and then click Next. The Select group memberspage appears.
  2. On the Select group memberspage, the available members and the selected members appear. Select the members that you want to protect, and then click Next.

When you select a member, if you select a folder that contains other folders or VMs, those folders and VMs are also selected. The inclusion of the folders and VMs in the parent folder is called folder-level protection. To remove a folder or VM, clear the check box.

  1. On the Select Data Protection Methodpage, enter a name for the protection group. Short-term protection (to disk) and online protection are selected. If you want to use online protection (to Azure), you must use short-term protection to disk. Click Next to proceed to the short-term protection range.
  2. On the Specify Short-Term Goalspage, for Retention Range, specify the number of days that you want to retain recovery points that are stored to disk. If you want to change the time and days when recovery points are taken, click Modify. The short-term recovery points are full backups. They are not incremental backups. When you are satisfied with the short-term goals, click Next.
  3. On the Review Disk Allocationpage, review and if necessary, modify the disk space for the VMs. The recommended disk allocations are based on the retention range that is specified in the Specify Short-Term Goals page, the type of workload, and the size of the protected data (identified in step 3).
    • Data size:Size of the data in the protection group.
    • Disk space:The recommended amount of disk space for the protection group. If you want to modify this setting, you should allocate total space that is slightly larger than the amount that you estimate each data source grows.
    • Colocate data:If you turn on colocation, multiple data sources in the protection can map to a single replica and recovery point volume. Colocation isn’t supported for all workloads.
    • Automatically grow:If you turn on this setting, if data in the protected group outgrows the initial allocation, System Center Data Protection Manager tries to increase the disk size by 25 percent.
    • Storage pool details:Shows the status of the storage pool, including total and remaining disk size.

When you are satisfied with the space allocation, click Next.

  1. On the Choose Replica Creation Methodpage, specify how you want to generate the initial copy, or replica, of the protected data on Azure Backup Server.

The default is Automatically over the network and Now. If you use the default, we recommend that you specify an off-peak time. Choose Later and specify a day and time.  For large amounts of data or less-than-optimal network conditions, consider replicating the data offline by using removable media. After you have made your choices, click Next.

  1. On the Consistency Check Optionspage, select how and when to automate the consistency checks. You can run consistency checks when replica data becomes inconsistent, or on a set schedule. If you don’t want to configure automatic consistency checks, you can run a manual check. In the protection area of the Azure Backup Server console, right-click the protection group and then select Perform Consistency Check. Click Next to move to the next page.
  2. On the Specify Online Protection Datapage, select one or more data sources that you want to protect. You can select the members individually, or click Select All to choose all members. After you choose the members, click Next.
  3. On the Specify Online Backup Schedulepage, specify the schedule to generate recovery points from the disk backup. After the recovery point is generated, it is transferred to the Recovery Services vault in Azure. When you are satisfied with the online backup schedule, click Next.
  4. On the Specify Online Retention Policypage, indicate how long you want to retain the backup data in Azure. After the policy is defined, click Next.
  5. On the Summarypage, review the details for your protection group members and settings, and then click Create Group.

Now you are ready to backup VMware VM using Backup Server v2.

Azure Backup Server v2

Azure Backup is used for backups and DR, and it works with managed disks as well as unmanaged disks. You can create a backup job with time-based backups, easy VM restoration, and backup retention policies.

Azure Backup for VMware

The following table is a summary of the solutions available for DR.

Scenario Automatic replication DR solution
Premium SSD disks

Managed disks

Local (locally redundant storage)

Cross region (read-access geo-redundant storage)

Azure Backup

Azure Backup Server

Unmanaged LRS and GRS Local (locally redundant storage)

Cross region (geo-redundant storage)

Azure Backup

Azure Backup Server

This article illustrates on how to use Azure Backup Server v2 to backup on-premises and Azure Workloads. Though Azure Backup Server shares much of the same functionality as DPM. Azure Backup Server does not back up to tape, nor does it integrate with System Center. Azure Backup Server is a dedicated role. Do not run any other application or role with the Azure Backup Server.

You can deploy Azure Backup Server from the Azure marketplace or on a On-premises server. The requirement to deploy Azure Backup server on a on-prem infrastructure is to have the below OS.

Operating System Platform SKU
Windows Server 2016 and latest SPs 64 bit Standard, Datacenter
Windows Server 2012/R2 and latest SPs 64 bit Standard, Datacenter,

Microsoft recommends you start with a gallery image of Windows Server 2012 R2 Datacenter or Windows Server 2016 Datacenter to create a Azure Backup Server. Here are the steps, you need to go through to deploy Azure Backup server.

Step1: Install Windows Virtual Machine from the Marketplace

  1. Sign in to the Azure portal at https://portal.azure.com.
  2. Choose Create a resource in the upper left-hand corner of the Azure portal.
  3. In the search box above the list of Azure Marketplace resources, search for and select Windows Server 2016 Datacenter, then choose Create.
  4. Provide a VM name, such as myVM, leave the disk type as SSD, then provide a username, such as azureuser. The password must be at least 12 characters long and meet the defined complexity requirements.
  5. Choose to Create newresource group, then provide a name, such as myResourceGroup. Choose your Location, then select OK.
  6. Select a size for the VM. You can filter by Compute typeor Disk type, for example. A suggested VM size is D2s_v3. Click Select after you have chosen a size.
  7. On the Settingspage, in Network > Network Security Group > Select public inbound ports, select HTTPand RDP (3389) from the drop-down. Leave the rest of the defaults and select OK.
  8. On the summary page, select Createto start the VM deployment.
  9. The VM is pinned to the Azure portal dashboard. Once the deployment has completed, the VM summary automatically opens.

Step2: Create Recovery Vault

  1. Sign in to your subscription in the Azure portal.
  2. In the left-hand menu, select All Services.
  3. In the All services dialog, type Recovery Services. As you begin typing, your input filters the list of resources. Once you see it, select Recovery Services vaults.
  4. On the Recovery Services vaultsmenu, select Add. The Recovery Services vaults menu opens. It prompts you to provide information for NameSubscriptionResource group, and Location.
  5. When you are ready to create the Recovery Services vault, click Create.

Step3: Select Appropriate Storage Type

  1. Select your vault to open the vault dashboard and the Settings menu. If the Settingsmenu doesn’t open, click All settings in the vault dashboard.
  2. On the Settingsmenu, click Backup Infrastructure > Backup Configuration to open the Backup Configuration On the Backup Configuration menu, choose the storage replication option for your vault.
  3. Select LRS or GRS type storage.

Step4: Download Backup Software

  1. Sign in to the Azure portal.
  2. click Browse.In the list of resources, type Recovery Services.
  3. As you begin typing, the list will filter based on your input. When you see Recovery Services vaults,
  4. From the list of Recovery Services vaults, select a vault.
  5. The Settingsblade opens up by default. If it is closed, click on Settings to open the settings blade.
  6. Click Backupto open the Getting Started wizard. In the Getting Started with backup blade that opens, Backup Goals will be auto-selected.
  7. In the Backup Goalblade, from the Where is your workload running menu, select On-premises.
  8. From the What do you want to backup?drop-down menu, select the workloads you want to protect using Azure Backup Server, and then click OK.
  9. In the Prepare infrastructureblade that opens, click the Download links for Install Azure Backup Server and Download vault credentials. You use the vault credentials during registration of Azure Backup Server to the recovery services vault. The links take you to the Download Center where the software package can be downloaded.
  10. Select all the files and click Next. Download all the files coming in from the Microsoft Azure Backup download page, and place all the files in the same folder.

Step5: Extract Software Package

After you’ve downloaded all the files, click MicrosoftAzureBackupInstaller.exe. This will start the Microsoft Azure Backup Setup Wizard to extract the setup files to a location specified by you. Continue through the wizard and click on the Extract button to begin the extraction process.

Step 6: Install Software Package

  1. Click Microsoft Azure Backupto launch the setup wizard.
  2. On the Welcome screen click the Next This takes you to the Prerequisite Checkssection. On this screen, click Check to determine if the hardware and software prerequisites for Azure Backup Server have been met. If all prerequisites are met successfully, you will see a message indicating that the machine meets the requirements. Click on the Next button.
  3. Microsoft Azure Backup Server requires SQL Server Standard. Further,the Azure Backup Server installation package comes bundled with the appropriate SQL Server binaries needed if you do not wish to use your own SQL. When starting with a new Azure Backup Server installation, you should pick the option Install new Instance of SQL Server with this Setupand click the Check and Install Once the prerequisites are successfully installed, click Next.
  4. Provide a location for the installation of Microsoft Azure Backup server files and click Next.
  5. Provide a strong password for restricted local user accounts and click Next.
  6. Select whether you want to use Microsoft Updateto check for updates and click Next.
  7. Review the Summary of Settingsand click Install.
  8. The installation happens in phases. In the first phase the Microsoft Azure Recovery Services Agent is installed on the server. The wizard also checks for Internet connectivity. If Internet connectivity is available you can proceed with installation, if not, you need to provide proxy details to connect to the Internet.
  9. Once registration of the Microsoft Azure Backup server successfully completes, the overall setup wizard proceeds to the installation and configuration of SQL Server and the Azure Backup Server components. Once the SQL Server component installation completes, the Azure Backup Server components are installed.
  10. When the installation step has completed, the product’s desktop icons will have been created as well. Just double-click the icon to launch the product.

Step7: Add a Data Disk to Azure Backup Server

  1. Log on to Azure Portal. In the menu on the left, click Virtual Machines.
  2. Select the virtual machine from the list.
  3. On the virtual machine page, click Disks.
  4. On the Diskspage, click + Add data disk.
  5. In the drop-down for the new disk, select Create disk.
  6. In the Create managed diskpage, type in a name for the disk and adjust the other settings as necessary. When you are done, click Create.
  7. In the Diskspage, click Save to save the new disk configuration for the VM.
  8. After Azure creates the disk and attaches it to the virtual machine, the new disk is listed in the virtual machine’s disk settings under Data disks.

Step8: Initialise the Disk of the Azure Backup Server

  1. Connect to the VM.
  2. Click the start menu inside the VM and type mscand hit Enter. Disk Management snap-in opens.
  3. Disk Management recognizes that you have a new, un-initialized disk and the Initialize Diskwindow pops up.
  4. Make sure the new disk is selected and click OKto initialize it.

Step9: Create a Storage Pool for Azure Backup Server

  1. Navigating to the Storage Pools page in Server Manager
  2. Launch Server Manager and navigate to the “File and Storage Services” page.
  3. Navigate to the Storage Pools page. Refresh the UI by clicking on the Refresh button.
  4. Logon as a user with admin privileges to your server, launch Server Manager, and then navigate to the “Storage Pools” page within the File and Storage Services Role.
  5. Right-click the “Available Disks” pool for the Storage Spaces subsystem and launch the New Storage Pool Wizard.
  6. Launch the New Storage Pool Wizard from the TASKS list.
  7. In the New Storage Pool Wizard, enter desired pool name and optional description. Make sure that you have selected the Primordial pool for the Storage Spaces subsystem.
  8. Select the number of disks needed for pool creation. If you want to designate a physical disk as a hot spare, then select the “Hot Spare” allocation type.
  9. Confirm the selected settings and initiate pool creation by selecting “Create” on the “Confirm selections” page.

Step10: Create a Virtual Disk

  1. Right-click the concrete pool that you just created (the pool where type value is Storage Pool), and then launch the New Virtual Disk Wizard.
  2. In the New Virtual Disk Wizard, make sure that you have selected the appropriate pool. Enter the desired virtual disk name and optional description.
  3. Select the desired storage layout and provisioning scheme as per your storage requirements.
  4. On the “Specify the size of the virtual disk” page, enter the desired size for the new virtual disk or pick the “Maximum size” option.
  • If you pick the “Maximum size” option, the system will try to create the largest size possible for the virtual disk.
  • If you select the check box for “Create the largest virtual disk possible, up to the specified size” while specifying the size then the system will try to create the largest size possible for the virtual disk up to the requested size.
  • It is also important to note that the value showing up as the storage pool free space (in our example 43.8GB) shows the actual free allocation the pool has overall. For cases with a fixed provisioning of a non-simple storage layout such as Mirror or Parity, when defining the size of the virtual disk, you have to take into account the overhead of storage needed to create the extra copies of the virtual disks extents for resiliency. As a basic example, with the 43.8GB free space in the pool, creating a 30GB mirrored virtual disk is not possible since it will take at least 60GB of free space in the pool to create a mirrored virtual disk to hold the two copies of the mirrored data.
  1. Confirm the settings and initiate virtual disk creation by selecting “Create” on the “Confirm selections” page.

Step11: Add Disk to Azure Backup Server

  1. Launch  Azure Backup Server and locate Disk Storage and Add – Select the disk, you want to add
  2. Once Added, this disk will be formatted with REFS file system and the storage will be available for Azure Backup Server.

Now you are ready to use Azure Backup Server. On my next blog, I will explain how to backup VMware VM using Azure Backup Server.

Migrate a SQL Server database to Azure SQL Database

Azure Database Migration Service partners with DMA to migrate existing on-premises SQL Server, Oracle, and MySQL databases to Azure SQL Database, Azure SQL Database Managed Instance or SQL Server on Azure virtual machines.

 

SQL Migration.png
Azure SQL Migration (Source Microsoft Corp)

 

Moving a SQL Server database to Microsoft Azure SQL Database with Data Migration Assistant is a three-part process:

  1. Prepare a database in a SQL Server for migration to Azure SQL Database using the Data Migration Assistant (DMA).
  2. Export the database to a BACPAC file.
  3. Import the BACPAC file into an Azure SQL Database.

Using Microsoft Data Migration Assistant

Step 1: Prepare for migration

Complete these prerequisites:

  • Install the newest version of Microsoft SQL Server Management Studio (SSMS). Installing SSMS also installs the newest version of SQLPackage, a command-line utility that can be used to automate a range of database development tasks.
  • Download and Install the Microsoft Data Migration Assistant (DMA).
  • Identify and have access to a database to migrate.

Follow these steps to use Data Migration Assistant to assess the readiness of your database for migration to Azure SQL Database:

  1. Open the Microsoft Data Migration Assistant. You can run DMA on any computer with connectivity to the SQL Server instance containing the database that you plan to migrate; you do not need to install it on the computer hosting the SQL Server instance.
  2. In the left-hand menu, click New to create an Assessment project. Fill in the form with a Project name (all other values should be left at their default values), and then click Create.
  3. On the Options page, click Next.
  4. On the Select sources page, enter the name of SQL Server instance containing the server you plan to migrate. Change the other values on this page if necessary, and then click Connect.
  5. In the Add sources portion of the Select sources page, select the checkboxes for the databases to be tested for compatibility, and then click Add.
  6. Click Start Assessment.
  7. When the assessment completes, look for the checkmark in the green circle to see if the database is sufficiently compatible to migrate.
  8. Review the results the SQL Server feature parity results. Specifically review the information about unsupported and partially supported features, and the recommended actions.
  9. Review the Compatibility issues by clicking that option in the upper left. Specifically review the information about migration blockers, behavior changes, and deprecated features for each compatibility level. For the AdventureWorks2008R2 database, review the changes to Full-Text Search since SQL Server 2008, and the changes to SERVERPROPERTY(‘LCID’) since SQL Server 2000. For details about these changes, links for more information are provided. Many search options and settings for Full-Text Search have changed.
  10. Optionally, click Export report to save the report as a JSON file.
  11. Close the Data Migration Assistant.

Step 2: Export to BACPAC file

Follow these steps to use the SQLPackage command-line utility to export the AdventureWorks2008R2 database to local storage.

  1. Open a Windows command prompt and change your directory to a folder in which you have the 130 version of SQLPackage, such as C:\Program Files (x86)\Microsoft SQL Server\130\DAC\bin.
  2. Execute the following SQLPackage command at the command prompt to export the AdventureWorks2008R2 database from localhost to AdventureWorks2008R2.bacpac. Change any of these values as appropriate to your environment.

SQLPackageCopy

sqlpackage.exe /Action:Export /ssn:localhost /sdn:AdventureWorks2008R2 /tf:AdventureWorks2008R2.bacpac

Once the execution is complete the generated BACPAC file is stored in the directory where the sqlpackage executable is located. In this example, C:\Program Files (x86)\Microsoft SQL Server\130\DAC\bin.

  1. Log in to the Azure portal.
  2. Create a SQL Server logical server

A SQL Server logical server acts as a central administrative point for multiple databases. Follow these steps to create a SQL server logical server to contain the migrated Adventure Works OLTP SQL Server database.

  1. Click the New button found on the upper left-hand corner of the Azure portal.
  2. Type sql server in the search window on the New page, and select SQL server (logical server) from the filtered list.
  3. Click Create, and enter the properties for the new SQL Server (logical server).
  4. Complete the SQL server (logical server) form with the values from the red box in this image.
  5. Click Create to provision the logical server. Provisioning takes a few minutes.

Step 3: Create a server-level firewall rule

  1. Click All resources from the left-hand menu, and click the new server on the All resources page. The overview page for the server opens and provides options for further configuration.
  2. Click Firewall in the left-hand menu under Settings on the overview page.
  3. Click Add client IP on the toolbar to add the IP address of the computer you are currently using, and then click Save. This creates a server-level firewall rule for this IP address.
  4. Click OK.

Step 3: Import a BACPAC file to Azure SQL Database

The SQLPackage command-line utility is the preferred method to import your BACPAC database to Azure SQL Database for most production environments.

SqlPackage.exe /a:import /tcs:”Data Source=<your_server_name>.database.windows.net;Initial Catalog=<your_new_database_name>;User Id=<change_to_your_admin_user_account>;Password=<change_to_your_password>” /sf:AdventureWorks2008R2.bacpac /p:DatabaseEdition=Premium /p:DatabaseServiceObjective=P6

Connect using SQL Server Management Studio (SSMS)

  1. Open SQL Server Management Studio.
  2. In the Connect to Server dialog box, enter this information.
  • Server type: Specify Database engine
  • Server name: Enter your fully qualified server name, such as mynewserver20170403.database.windows.net
  • Authentication: Specify SQL Server Authentication
  • Login: Enter your server admin account
  • Password: Enter the password for your server admin account
  1. Click Connect.
  2. In Object Explorer, expand Databases, and then expand myMigratedDatabase to view the objects in the sample database.

Using Azure Database Migration Service

Azure Database Migration Service (ADMS), now in limited preview, can help you migrate existing on-premises SQL Server, Oracle, and MySQL databases to Azure SQL Database, Azure SQL Database Managed Instance, or SQL Server on an Azure Virtual Machine.

ADMS is designed to simplify the complex workflows you can encounter when migrating various database types to databases in Azure.

  1. In the Azure portal, select Data Migration Service, and then click New Migration Project.
  2. In New Migration Project, enter a unique project name, server source type and a target server type.
  3. Click Start.
  4. Provide all options under Migration target details, and then click Save.
  5. Provide all options under Migration source detail, and then click Save.
  6. In the Select source databases list, select each source database you want to migrate, and then click Save.
  7. Review the details summary, and then click Run Migration to start the migration. The amount of time the migration will run depends on a variety of factors including size and complexity of the database, source disk speed, and network speed.
  8. Once the migration is finished, a Completed status will be displayed in the SQL Migration dashboard.

Migrating VMware Virtual Workloads to Microsoft Azure Cloud

Overview

Migrating to the cloud doesn’t have to be difficult, but many organizations struggle to get started. Before they can showcase the cost benefits of moving to the cloud or determine if their workloads will lift and shift without effort, they need deep visibility into their own environment and the tight interdependencies between applications, workloads, and data. Azure Migrate, Azure Database Migration Service, and Azure Cost Management provides a frictionless approach to moving VMware VMs to Azure.

VMware to Azure.PNG

Microsoft – Cloud Security Certification

Microsoft Azure has been certified by Australian Signals Dicrectorate (ASD), Department of Defence. Check your region to verify Azure certification by the regulator if you have regulatory compliance requirements.

  • Microsoft has undergone an Information Security Registered Assessors Program (IRAP) assessment of Australian Signals Directorate (ASD) and been certified on the Certified Cloud Services List (CCSL) by ASD for Azure, Dynamics 365, and Office 365
  • Microsoft Azure has been awarded PROTECTED classification level by the Australian Signals Directorate (ASD). Microsoft Azure is the first global cloud provider which has been awarded PROTECTED
  • Azure, Cloud App Security, Intune, Office 365, Dynamics 365 and Power BI are awarded certification after rigorous independent assessments of cloud providers by the Cloud Security Alliance (CSA)
  • Azure, Cloud App Security, Intune, Office 365, Dynamics 365 and Power BI are awarded ISO/IEC 27001 certification meeting criteria specified in the ISO certification

Licensing Cost & Azure Hybrid Benefit

  • customers with Software Assurance to run Windows Server VMs on Azure at a lower rate.
  • save up to 40 percent on Windows Server VMs
  • Use existing SQL Server licenses toward SQL Database managed instances
  • Azure Reserved Virtual Machine Instances to further reduce costs—up to 72% on PAYG prices per year or per three years terms on both Windows and Linux virtual machines.
  • pay only for the underlying compute and storage for SQL VM
  • 82% savings over PAYG rates on Azure and up to 67% compared to AWS RIs for Windows VMs.
  • 49% cost savings estimated using the Azure TCO calculator comparing on-premsies VMware VMs. Actual savings may vary based on region, instance type and usage. Reference Nucleus Research
  • You can specify whether you’re enrolled in Software Assurance and can use the Azure Hybrid Use Benefit.

Hybrid Cloud1

Migration Path

Microsoft offers an end-to-end solution to provide you with a proven framework and tools to migrate your first workload and give you a complete roadmap for discovery, migration, and continual optimization, including better insights and strategies for running your entire datacenter portfolio on Azure. Migrating to Azure is simple three-stage process and focuses on how to identify virtual machines, applications, and data that can easily be moved to the cloud.

Hybrid Cloud.PNG

Supported Platform

  • VMware vCenter Server 5.5, 0 and later version managed virtual machines
  • Any On-premises Storage (vSAN, FC SAN, NFS or iSCSI)
  • Appliance-based, agentless, and non-intrusive discovery of on-premises virtual machines.
  • Currently Azure Migrate supports only Locally redundant storage (LRS). However, once you migrated to Azure, you can use Geo-redundant storage.
  • Lift & Shift migration to Azure IaaS Cloud
  • Azure migrate will recommend the use of Azure Database Migration Service
  • Use Azure Site Recovery Manager to migrate business critical and large VMs to Azure Cloud

Stage 1 – Assess Your VMware vSphere Environment

Use these four steps to discover and assess your on-premises workloads for migration to Azure.

  1. Prepare your environment.
  2. Discover virtual machines.
  3. Group virtual machines.
  4. Assess the groups of virtual machines.

Step 1: Prepare your environment

  1. To get started with Azure Migrate, you need a Microsoft Azure account or the free trial.
  2. Assess VMware Virtual machines located on vSphere ESXi hosts that are managed with a vCenter server running version 5.5 or 6.0.
  3. The ESXi host or cluster on which the Collector VM (version 8.0) runs must be running version 5.0 or later.
  4. To discover virtual machines, Azure Migrate needs an account with read-only administrator credentials for the vCenter server.
  5. Create a vCenter virtual machine in .ova format. Download an appliance and import it to the vCenter server to create the virtual machine. The virtual machine must be able to connect to the internet to send metadata to Azure.
  6. Set statistics settings for the vCenter server to statistics level 2. The default Level 1 will work, but Azure Migrate won’t be able to collect data for performance-based sizing for storage.

Tag your virtual machines in vCenter (optional)

Use these steps to tag your virtual machines in vCenter server.

  1. In the VMware vSphere Web Client, navigate to the vCenter server instance.
  2. To review current tags, click Tags.
  3. To tag a virtual machine, click Related Objects > Virtual Machines, and select the virtual machine.
  4. In Summary > Tags, click Assign.
  5. Click New Tag, and specify a tag name and description.
  6. To create a category for the tag, select New Category in the drop-down list.
  7. Specify a category name and description and the cardinality, and click OK.

Step 2: Discover virtual machines

Using Azure Migrate to discover on-premises workloads involves these steps.

  1. Create a Project.
  2. Download the Collector appliance.
  3. Create the Collector virtual machine.
  4. Run the Collector to discover virtual machines.
  5. Verify discovered virtual machines in the portal.

Create a Project

Azure Migrate projects hold the metadata of your on-premises machines and enables you to assess migration suitability.  Use these steps to create a project.

  1. Log on to the Azure portal and click New.
  2. Search for Azure Migrate in the search box, and select the service Azure Migrate (preview) in the search results, and then click Create.
  3. Select the Azure Migrate service from the search results.
  4. Click Create.
  5. Specify a name for the new project.
  6. Select the subscription you want the project to get associated to.
  7. Create a new resource group, or select an existing one.
  8. Specify an Azure location.
  9. To quickly access the project from the Dashboard, select Pin to dashboard.
  10. Click Create. The new project appears on the Dashboard, under All resources, and in the Projects blade.

Download the Collector appliance

  1. Select the project, and click Discover & Assess on the Overview blade.
  2. Click Discover Machines, and then click Download.
  3. Copy the Project ID and project key values to use when you configure the Collector.

Deploy the Collector virtual machine

In the vCenter Server, import the Collector appliance as a virtual machine using the Deploy OVF Template wizard.

  1. In vSphere Client console, click File > Deploy OVF Template.
  2. In the Deploy OVF Template Wizard > Source, specify the location for the .ovf file.
  3. In Name and Location, specify a friendly name for the Collector virtual machine, the inventory object in which the virtual machine will be hosted.
  4. In Host/Cluster, specify the host or cluster on which the Collector virtual machine will run.
  5. In Storage, specify the storage destination for the Collector virtual machine.
  6. In Disk Format, specify the disk type and size.
  7. In Network Mapping, specify the network to which the Collector virtual machine will connect. The network must be connected to the internet to send metadata to Azure.
  8. Review and confirm the settings, and then click Finish.

Run the Collector to discover virtual machines

  1. In the vSphere Client console, right-click the virtual machine > Open Console.
  2. Provide the language, time zone, and password preferences for the appliance.
  3. In the Azure Migrate Collector, open Set Up Prerequisites, and then

o Accept the license terms, and read the third-party information.

o The Collector checks that the virtual machine has internet access. If the virtual machine accesses the internet via a proxy, click Proxy settings, and specify the proxy address and listening port. Specify credentials if proxy access needs authentication.

o The Collector checks that the Windows profiler service is running. The service is installed by default on the Collector virtual machine.

o Select to download and install the VMware PowerCLI.

  1. In Discover Machines, do the following:

o Specify the name (FQDN) or IP address of the vCenter server and the read-only account the Collector will use to discover virtual machines on the vCenter server.

o Select a scope for virtual machine discovery. The Collector can only discover virtual machines within the specified scope. Scope can be set to a specific folder, datacenter, or cluster, but it shouldn’t contain more than 1000 virtual machines.

o If you’re using tagging on the vCenter server, select tag categories for virtual machine grouping. Azure Migrate automatically groups virtual machines based on tag values in the category. If you’re not using tagging, you can group virtual machines in the Azure portal.

  1. In Select Project, specify the Azure Migrate project ID and key you copied from the Azure portal. If didn’t copy them, open Azure in a browser from the Collector virtual machine. In the project Overview page, click Discover Machines, and copy the values.
  2. In Complete Discovery, you can monitor the discovery status, and check that metadata is collected from the virtual machines in scope. The Collector provides an approximate discovery time.

Verify discovered virtual machines in the portal

  1. In the migration project, click Manage > Machines.
  2. Check that the virtual machines you want to discover appear in the portal.

Step 3: Group virtual machines

Enterprises typically migrate virtual machines with dependencies together at the same time to ensure their functionality after migration to Azure. Azure Migrate allows you to categorize the virtual machines by group so you can assess all the virtual machines in a group.

  • If you provided a tag category—which was an optional step while configuring the Collector—groups will be automatically created for the workloads based on the tag values.
  • If a tag category is not provided while configuring the Collector, you can create groups of virtual machines in the Azure Migrate portal.

Optional: Assess machine dependencies before adding them to a group

  1. In Manage > Machines, search the Machine for which you want to view the dependencies.
  2. In the Dependencies column for the machine, click Install agent.
  3. To calculate dependencies, download and install these agents on the machine: o Microsoft Monitoring agent

o Dependency agent

  1. Copy the workspace ID and key to use later when you install the Microsoft Monitoring agent on a machine.
  2. After you install the agents on the machine, return to the portal and click Machines. This time the Dependencies column for the machine should contain the text View dependencies. Click View dependencies.
  3. By default, the dependency time range is an hour. Click the time range to shorten it, specify start and end dates, or change the duration. Press Ctrl + Click to select multiple machines on the map, and then click Group machines.
  4. In Group machines, specify a group name. Verify the machines you added have the dependency agents installed and have been discovered by Azure Migrate. Machines must be discovered to assess them. We recommend that you install the dependency agents to complete dependency mapping.
  5. Click OK to save the group settings. Alternatively, you can add machines to an existing group.

Create a Group

You can create groups of virtual machines from the Machines blade or from the Groups blade, using a similar process.

Create a group from the Machines blade

  1. Navigate to the Dashboard of a project and click the Machines tile.
  2. Click Group Machines.
  3. Specify a name for the group in the Name box, and then select the machines that you want to add to the group.
  4. Click Create.

Add/Remove machines to/from an existing group if you require

  1. Navigate to the dashboard of a project and click the Groups tile.
  2. Select the Group you want to add/remove machines to/from.
  3. Click Add Machines or Remove Machines.
  4. Select the machines that you want to add/remove to/from the group.
  5. Click Add or Remove.

Step 4: Assess groups of virtual machines

Create an assessment

Follow these steps to generate an assessment for the group.

  1. Select the project you want under Project.
  2. On the project dashboard, click Groups.
  3. Create a new group or select an existing group to assess under Group.
  4. Click Create Assessment to create a new assessment for the group.

The assessment includes these details.

  • Summary of the number of machines suitable for Azure which is referred to as Azure Readiness.
  • Monthly estimate of the cost for running the machines in Azure after migration.
  • Storage monthly cost estimate.

Assessment calculation

Azure Migrate performs three checks on virtual machines in this order:

  1. Azure Suitability Analysis
  2. Performance-based sizing
  3. Monthly cost estimate

Stage 2: Migrate virtual machines using Azure Site Recovery

Before you start deployment, review the architecture and make sure you understand all the components you need to deploy.

Next, make sure you understand the prerequisites and limitations for a Microsoft Azure account, Azure networks, and storage accounts. You also need:

  • On-premises Site Recovery components
  • On-premises VMware prerequisites
  • Mobility service component installed on the virtual machine you want to replicate.

These are the general steps to migrate:

  1. Set up Azure services such as Virtual Networks, Availability Group, Network Load Balancer, Address Space, Subnets, Resource Group, Storage Accounts, Public IPs.
  2. Connect to VMware servers.
  3. Set up the target environment.
  4. Complete migration.

I assume, you have completed the step1. So I am moving on to step 2.

Create a Recovery Services vault

  1. Sign in to the Azure portal > Recovery Services.
  2. Click New > Monitoring & Management > Backup and Site Recovery.
  3. In Name, specify a friendly name to identify the vault. If you have more than one subscription, select one of them.
  4. Create a resource group, or select an existing one. Specify an Azure region. To check supported regions, see geographic availability in Azure Site Recovery Pricing Details.
  5. If you want to quickly access the vault from the dashboard, click Pin to dashboard, and then click Create.
  6. The new vault will appear on Dashboard > All resources and on the main Recovery Services vaults blade.

Select a protection goal

In this task, select what you want to replicate, and where you want to replicate to.

  1. Click Recovery Services vaults > vault.
  2. In the Resource Menu, click Site Recovery > Prepare Infrastructure > Protection goal.
  3. In Protection goal, select To Azure > Yes, with VMware vSphere Hypervisor.

Set up the source environment

In this task, set up the configuration server, register it in the vault, and discover virtual machines.

  1. Click Site Recovery > Step 1: Prepare Infrastructure > Source.
  2. If you don’t have a configuration server, click Configuration server.
  3. In Add Server, check that Configuration Server appears in Server type.
  4. Download the Site Recovery Unified Setup installation file.
  5. Download the vault registration key. You need this when you run Unified Setup. The key is valid for five days after you generate it.

Register the configuration server in the vault

The next task requires you to run Unified Setup to install the configuration server, the process server, and the master target server. First however, do these three steps.

  1. On the configuration server virtual machine, make sure that the system clock is synchronized with a Time Server. It should match. If it’s 15 minutes in front or behind, setup might fail.
  2. Run setup as a Local Administrator on the configuration server virtual machine.
  3. Make sure TLS 1.0 is enabled on the virtual machine.

Now you are ready to run Setup.

  1. Run the Unified Setup installation file.
  2. In Before You Begin, select Install the configuration server and process server.
  3. From the Third-Party Software License screen, click I Accept to download and install MySQL.
  4. From the Registration screen, select the registration key you downloaded from the vault, and then click Next.
  5. From the Internet Settings screen, specify how the Provider running on the configuration server connects to Azure Site Recovery over the Internet.
  6. If you want to connect with the proxy that’s currently set up on the machine, select Connect to Azure Site Recovery using a proxy server.
  7. If you want the Provider to connect directly, select Connect directly to Azure Site Recovery without a proxy server.
  8. If the existing proxy requires authentication, or if you want to use a custom proxy for the Provider connection, select Connect with custom proxy settings. o If you use a custom proxy, you need to specify the address, port, and credentials.
  9. From the Prerequisites Check screen, run a check to make sure that installation can run. If a warning appears about the Global time sync check, verify that the time on the system clock (Date and Time settings) is the same as the time zone.
  10. In the MySQL Configuration screen, create credentials for logging on to the MySQL server instance that is installed.
  11. From the Environment Details screen, select whether to replicate VMware virtual machines. If you will, Setup checks that PowerCLI 6.0 is installed.
  12. From the Install Location screen, select where you want to install the binaries and store the cache. The drive you select must have at least 5 GB of disk space available, but we recommend a cache drive with at least 600 GB of available space.
  13. From the Network Selection screen, specify the listener (network adapter and SSL port) on which the configuration server sends and receives replication data. Port 9443 is the default port used for sending and receiving replication traffic, but you can modify this port number to suit your environment’s requirements. In addition to the port 9443, we also open port 443, which is used by a web server to orchestrate replication operations. Do not use port 443 for sending or receiving replication traffic.
  14. In the Summary screen, review the information and click Install. When installation finishes, a passphrase is generated. You will need this when you enable replication, so copy it and keep it in a secure location. After registration finishes, the server is displayed on the Settings > Servers in the vault.

Step 2: Connect to VMware servers

To allow Azure Site Recovery to discover virtual machines running in your on-premises environment, you need to connect your VMware vCenter Server or vSphere ESXi hosts with Site Recovery. Note the following before you start:

  • If you add the vCenter server or vSphere hosts to Site Recovery with an account without administrator privileges on the server, the account needs these privileges enabled:

o Datacenter, Datastore, Folder, Host, Network, Resource, Virtual machine, vSphere Distributed Switch.

o The vCenter server needs Storage views permissions.

  • When you add VMware servers to Site Recovery, it can take 15 minutes or longer for them to appear in the portal.

Step 3: Set up the target environment

Before you set up the target environment, make sure you have an Azure storage account and a virtual network set up.

  1. Click Prepare infrastructure > Target, and select the Azure subscription you want to use.
  2. Specify whether your target deployment model is Resource Manager-based, or classic.
  3. Site Recovery verifies that you have one or more compatible Azure storage accounts and networks.

Create replication policy

You need a replication policy to automate the replication to Azure.

  1. To create a new replication policy, click Site Recovery infrastructure > Replication Policies > Replication Policy.
  2. Under RPO threshold, specify the RPO limit. This value specifies how often data recovery points are created. An alert is generated if continuous replication exceeds this limit.
  3. Under Recovery point retention, specify (in hours) how long the retention window is for each recovery point. Replicated virtual machines can be recovered to any point in a window. Up to 24 hours retention is supported for machines replicated to premium storage, and 72 hours for standard storage.
  4. Under App-consistent snapshot frequency, specify how often (in minutes) recovery points containing application-consistent snapshots will be created.
  5. Click OK to create the policy.
  6. When you create a new policy it’s automatically associated with the configuration server. By default, a matching policy is automatically created for failback. For example, if the replication policy is rep-policy then the failback policy will be rep-policy-failback. The failback policy isn’t used until you initiate a failback from Azure.

Prepare for push installation of the Mobility service

The Mobility service must be installed on all virtual machines you want to replicate. There are several ways to install the service, including manual installation, push installation from the Site Recovery process server, and installation using methods such as System Center Configuration Manager. Here you can review prerequisites and installation methods for the Mobility Service.

If you want to use push installation from the Azure Site Recovery process server, you need to prepare an account that Azure Site Recovery can use to access the virtual machine.

The following describes the options:

  • You can use a domain or local account

For Windows, if you’re not using a domain account, you need to disable Remote User Access control on the local machine. To do this, in the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, add the DWORD entry LocalAccountTokenFilterPolicy, with a value of 1.

  • If you want to add the registry entry for Windows from a CLI, type: REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1.
  • For Linux, the account should be root on the source Linux server.

Install Mobility Service manually by using the GUI

  1. Copy the installer executable to the virtual machine that is being migrated to Azure, and then open the installer.
  2. On the Installation Option pane, select Install Mobility Service.
  3. Select the install location and click Install to being the installation procedure.
  4. You can use Installation Progress page to monitor the installer’s progress.
  5. Once installation is complete, click the Proceed to Configuration button to register the Mobility Service with your Configuration server.
  6. Click on the Register button to complete the registration.

Configure replication

After you have installed and configured both the Process Server and the Mobility Service agents, continue configuring replication in Azure.

  1. In the Azure portal, navigate to Site Recovery > Step1: Replicate Application > Enable Replication, and then click Step 1: Source Configure > Source.
  2. In Source, select On-Premises.
  3. In Source location, select your Configuration Server.
  4. In Machine type, select Virtual Machines.
  5. In vCenter/vSphere Hypervisor, select the vCenter server that manages the vSphere host, or select the host.
  6. Select the process server or the configuration server if you haven’t created any additional process servers, and then click OK.
  7. In Target, select the subscription and the resource group in which you want to create the migrated virtual machines. Choose the deployment model for the migrated virtual machines that you want to use in Azure (classic or resource manager).
  8. Select the Azure storage account you want to use for replicating data. If you don’t want to use an account you’ve already set up, you can create a new one.
  9. Select the Azure network and subnet to which Azure Virtual Machines will connect when they’re created after migration. Select Configure now for selected machines to apply the network setting to all machines you select for protection, or select Configure later to select the Azure network per virtual machine.
  10. Point to Virtual Machines > Select, select each enabled machine you want to replicate, and then click OK.
  11. In Properties > Configure properties, select the process server account that will automatically install the Mobility service on the machine.
  12. By default, all disks are replicated. Click All Disks and clear any disks you don’t want to replicate, and then click OK. You can set additional virtual machine disk properties later if needed.
  13. In Replication settings > Configure replication settings, verify that the correct replication policy is selected. If you modify a policy, changes will be applied to the replicating machine and to new machines.
  14. Enable Multi-VM consistency if you want to gather machines into a replication group, specify a name for the group, and then click OK.
  15. Click Enable Replication. You can track progress of the Enable Protection job in Settings > Jobs > Site Recovery Jobs. After the Finalize Protection job runs the machine is ready for failover.

Step 4: Complete migration

Because migration is different than failover, it is important to configure Site Recovery for a migration.

For migration, you don’t need to commit a failover or delete machines. Instead, select the Complete Migration option for each machine you want to migrate.

  1. In Replicated Items, right-click the virtual machine, and then click Complete Migration.
  2. Click OK to complete the migration.

You can track progress in the virtual machine properties by monitoring the Complete Migration job in Site Recovery jobs. The Complete Migration action completes the migration process, removes replication for the machine, and stops Site Recovery billing for the machine.

At this point, your virtual machine has been migrated to Azure and you can begin using the IP addresses you set up in Networking. If you must migrate a database, the next section outlines migrating SQL Server databases using Migration Data Assistant and Azure Database Migration Service. Otherwise, the migration process continues with

Stage 3: Optimize migrated workloads

Cloudyn helps ensure migrated virtual machines continue to deliver targeted resource utilization and best cost by recommending changes. Track costs against budget using spending reports that help identify which virtual machine types are consuming budget and support decisions on how to modify the Azure environment to maximize ROI. Cloudyn benefits include:

  • Visibility into resource costs
  • Visibility into application and departmental costs
  • Budgeting
  • Cost optimization with right-sizing guidance

As organizations move on-premises virtual machines to Azure, a best practice is to move workloads through three stages: discover, migrate, and optimize. Microsoft and its partners offer tools to help increase the efficiency and reduce the complexity of those stages.

Nimble Hybrid Storage for Azure VM

Microsoft Azure can be integrated with Nimble Cloud-Connected Storage based on the Nimble Storage Predictive Flash platform via Microsoft Azure ExpressRoute or Equinix Cloud Exchange connectivity solutions.

The Nimble storage is located in Equinix colocation facilities at proximity to Azure data centres to deliver fast, low-latency performance.

Key Features:

  • 9997% uptime and reliability over thousands of systems deployed in production.
  • Triple-parity RAID protection, data durability is improved by over 1,000x compared to traditional RAID6 protection.
  • Accelerates performance and optimises capacity via ExpressRoute and Equinix Cloud Exchange
  • On-Demand pay-for-what-you-use pricing model. Cloud Volumes pricing will start at $0.10/GB/month
  • Data mobility between Azure Cloud and Nimble Storage
  • Nimble’s Cloud Volumes (NCV) store block data for use by Azure compute instances
  • Data protection using Veeam Availability Suite or Veritas NetBackup

Direct Connectivity to Azure

Azure virtual machines connect directly to block storage volumes running on Nimble arrays. This provides access to secure, feature-rich and high-performance storage over a fast and low-latency connection.

Equinix Cloud Exchange provides further flexibility with Azure and Nimble storage connectivity by providing self-service on-demand provisioning and switchable virtual connections in the colocation facility. You can achieve this functionality using Nimble native tooling.

Hybrid Cloud Model

For hybrid clouds where you do need to move data from your on-premise storage to your cloud-connected storage Nimble’s efficient data replication ensures all data is compressed and only changed data is sent to minimise bandwidth requirements.

Nimble’s efficient data replication allows you to gain efficiency, reduce data transfer times, moreover, reduce network costs by avoiding massive data migrations to and from your on-premise storage or private cloud to the public cloud.

Regulatory Compliance

Breakdown one of the top barriers to cloud adoption. You always own and control your data when you use Nimble Cloud-Connected Storage allowing you to address data security as well as corporate compliance or governance requirements.

Low-Cost Disaster Recovery Solution

Pay for disaster recovery only when you need it instead of keeping fully operational secondary servers up at all times. Leverage the ability to quickly turn on Azure virtual machines to enable your DR site for drills and actual failures and turn them off when you are done. All the while Nimble’s efficient data replication ensures your DR data is up-to-date and secure.

Dev/Test Environments

If your production environment is on-premise, it is difficult to leverage the cloud for Dev/test since you need to move data back and forth between the cloud. With Nimble Cloud-Connected Storage, instant snapshots are made of your production environment and zero-copy clones of that data are immediately available for Azure virtual machines that can be spun up quickly for dev/test.

Secure Private Storage for the Public Cloud Apps

Stop debating which applications can move to the cloud due to concerns about Security, privacy performance, and reliability. With Nimble Cloud-Connected Storage, you will always control your data while taking advantage of Azure virtual machines for cloud compute.

Other use cases such as big data analytics and application cloud bursting can leverage Nimble Cloud-Connected Storage to gain agility, improve performance, while maintaining sovereignty and ownership of your data.

 

 

 

EMC Unity Hybrid Storage for Azure Cloud Integration

The customers who have placed their workload in both on-premises and cloud forming a “Hybrid Cloud” model for your Organisation, you probably need on-premises storage which meets the requirement of hybrid workloads. EMC’s Unity hybrid flash storage series may be the answer to your business critical problem. This unified storage array is designed for organisations from midmarket to the enterprise. Cover the broadest range of workloads – SAN and NAS both. The EMC unity has been designed for workloads rather than a tin seating on your data centre consuming power and cooling bills, and you are calling it a SAN. After all, that was a traditional tin-based SAN solution.

Previously I wrote an article about Dell Compellent. I received an overwhelming response from the Compellent user. I have been asked many occasion what other option do we have if not the Compellent storage.

To answer the question, I would choose from either EMC Unity Hybrid Storage, Nimble and NetApp Storage subject to the in-depth analysis of workloads, casestudy and business requirements. But again, this is a “Subject to x,y,z” question. The tin-based storage does not fulfil the modern business requirement. I would personally like to use Azure or AWS than procure any tin and pay for power, cooling and racks.

EMC Unity

The Unity midrange storage for flash and rich data services based on dense SSD technology helps provide outstanding TCO. The Unity provides intelligent insight into SAN health with CloudIQ, which provides cloud-based proactive monitoring and predictive analytics. Additionally, the ongoing operation is simple with proactive assistance and automated remote support.

What I like about Unity is that the Unity Software, most notably CloudIQ, Appsync and Cloud Tiering Appliance. The Unity has the capabilities include point-in-time snapshots, local and remote data replication, built-in encryption, and deep integration with VMware, Microsoft Apps, Hyper-v, Azure Blob, AWS S3 and OpenStack ecosystems. The Unity provides an automated tiering and flash-caching, the most active data is served from flash.

Management

The Unity provides the most user-friendly GUI management interface. After installing and powering on the purpose-built Dell EMC Unity system for the first time, the operating environment will boot. The interfaces are well-defined and highlighted for areas of interest – drive faults, network link failures, etc. Within Unisphere are some options for support, including Unisphere Online Help and the Support page where FAQs, videos, white papers, chat sessions, and more

Provisioning Storage

The EMC Unity offers both block and file provisioning in the same enclosure. The Disk Drives are provisioned into Pools that can be used to host both block and file data. Connectivity is offered for both block and file protocols using iSCSI and Fibre Channel. You can access LUNs, Consistency Groups, Thin Clones, VMware Datastores (VMFS), and VMware Virtual Volumes.

Fast VP

The FAST VP (Fully Automated Storage Tiering for Virtual Pools) is a very smart solution for dynamically matching storage requirements with changes in the frequency of data access. Fast VP segregate disk drives in three tiers

  • Extreme Performance Tier – SSD
  • Performance tier – SAS
  • Capacity Tier – NL-SAS

Fast VP Policies – FAST VP is an automated feature but provide controls to setup user-defined tiering policies to ensure the best performance for various environments. FAST VP uses an algorithm to make data relocation decisions based on the activity level of each slice.

  • Highest Available Tier
  • Auto-Tier
  • Start High then Auto-Tier
  • Lowest Available Tier
  • No Data Movement

Cloud Tiering Appliance (CTA)

If you are an organisation with hybrid cloud and you would like to move data from on-premises to Azure Cloud or AWS S3, then Cloud Tiering Appliance (CTA) is the best solutions for you to move data to a cloud-based on user-configured policies. The other way is also true which means you can return your data to on-premises using this appliance.

Why do you need this appliance? If you run of storage or free-up space, you can do it on the fly without capital expenditure. This ability optimises primary storage usage, dramatically improves storage efficiency, shortens the time required to back up data, and reduces overall TCO for primary storage. This functionality also reduces your own data centre footprint. You can move both file and block data to Azure Cloud or AWS S3 using CTA.

EMC CloudIQ

Another cool feature is CloudIQ. CloudIQ provides the operational insights and overall health scores EMC midrange storage. CloudIQ provides Central monitoring, predictive analytics and health monitoring.

CloudIQ is a no-cost SaaS application that non-disruptively provides overall health scores for Unity systems through cloud-based proactive monitoring and intelligent, predictive analytics.

AppSync Data Protection

Your priority is workload. You must protect workloads and simplify management of workloads. AppSync empowers you to satisfy copy demand for data repurposing, operational recovery, and disaster recovery with AppSync.

AppSync simplifies, orchestrates, and automates the process of generating and consuming copies of production data. You can integrate AppSync with Oracle, Microsoft SQL Server, and Microsoft Exchange for application-consistent copy management. AppSync is the single user interface and provides VM-consistent copies of data stores and individual VM recovery for VMware environments

RecoveryPoint

EMC RecoverPoint provides continuous data protection with multiple recovery points to restore applications instantly to a specific point in time. EMC RecoveryPoint protects applications with bidirectional synchronous and asynchronous replication for recovery of physical, virtual, and cloud infrastructures. Minimize network utilisation with unique bandwidth compression and deduplication, significantly reducing replicated data over the network.

RecoveryPoint is software-only solutions to manage the disaster recovery provisioning and control their replication policies and recovery, ensuring that VM service levels are met.

EMC Storage Analytics

The Storage Analytics software lets you extend VMware vRealize Operations analytics to supported EMC storage platforms. Optimize performance and diagnose issues across physical storage and virtual machines with EMC Storage Analytics (ESA).

The Storage Analytics is dashboards based visual tools provide deep visibility into EMC infrastructure. Actionable capacity and performance analysis help you troubleshoot, identify, and act on issues fast.

Encryption

EMC Unity lets you encrypt user data as it is written to the backend drives, and decrypted during departure. Because encryption and decryption are handled via a dedicated hardware piece on the SAS interface, there is minimal impact on Unity Storage. The system also supports external key management through the use of the Key Management Interoperability Protocol (KMIP).

Conclusion

The Unity Hybrid Storage reduce cost, datacentre footprint, complexity and management overhead of your SAN systems while maintaining workload performance, protection and path to migrate data to Azure Cloud or AWS.

Geo-mapping using Azure Traffic Manager

Microsoft Azure Traffic Manager allows you to control the distribution of user traffic for service endpoints in different datacenters and region. Traffic Manager support distribution of traffic for Azure VMs, Web Apps, cloud services and non-Azure endpoints.

Traffic Manager uses the Azure DNS to direct client requests to the most appropriate endpoint based on a traffic-routing method and the health of the endpoints.

Traffic Manager uses vanity domain name to direct traffic to desired endpoints based on geographic location of the user and nearest Azure Datacentre where endpoint is located.

Domain Name Vanity Domain Name Record Type
http://www.domain.com Domain.trafficmanager.net CNAME
Domain.trafficmanager.net Domain-us.cloudapp.net

Domain-au.cloudapp.net

CNAME
Domain-us.cloudapp.net Public IP Address of endpoint Host A
Domain-au.cloudapp.net Public IP Address of endpoint Host A

Traffic Manager act like a DNS routing system to direct clients to specific service endpoints based on the rules of the traffic-routing method. Clients connect to the selected endpoint directly. Traffic Manager is not a proxy or a gateway. Traffic Manager does not see the traffic passing between the client and the service.

To Create Traffic Manager Profile,

  1. From a browser, sign in to the Azure portal.
  2. Click Create a resource > Networking > Traffic Manager profile > Create
  3. In the Create Traffic Manager profile, Select Geographic Routing Method, Resource Group Location and create profile.
  4. Select the Profile, Navigate to Settings -> Endpoints in Traffic Manager.
  5. Click Add to show the Add Endpoint.
  6. Click Add and in the Add endpoint, Type the Name and Source Type then Add geo-mapping to the endpoint.
  7. To test the Geo-mapping and Traffic routing, you can use any free VPN service or subscribe a VPN service and connect to region using the VPN service and access your endpoint. You will be directed to the nearest endpoint you have configured in step 5 & 6.