Azure Stack Pricing Model

Azure Stack is sold as an integrated system, with software pre-installed on validated hardware. Azure Stack comes with two operational modes—Connected and Disconnected. Connected Mode use Azure metering services with the Microsoft Azure Cloud. The Disconnected Mode does not use Azure metering services. The Disconnected Mode is based on capacity pricing model. The Connected Mode is a Pay-as-you-use software pricing model.

Azure Stack.png

Licensing Model

Payment Method Description License Type
PAYG No upfront cost EA or CSP
Capacity Model Fixed Fees per annum EA Only

Windows and SQL License

You have to use licenses from any channel (EA, SPLA, Open, and others), as long as you comply with all software licensing and product terms.

Linux Licenses

You have to use RedHat or other Linux licenses on the Azure Stack if you choose to use Linux Operating Systems. You have to pay to the software vendor for use of their software on the Azure Stack.

Connected Mode for Cloud Service Provider (CSP)

Azure Stack offers pay-as-you-use pricing, just like you get with Azure. Run infrastructure as a service (IaaS) and platform as a service (PaaS) on Azure Stack with no upfront fees, and use the same subscriptions, monetary commitments, and billing tools as Azure. The pay-as-you-use package is available through Enterprise Agreements (EA) and the Cloud Solution Provider program (CSP).

Service Type Description Hourly Rate Monthly Rate
Compute Base VM $0.011/vCPU $8 vCPU
  Windows VM $0.059/vCPU $43 vCPU
Storage Storage   $0.008/GB
  Table & Queue   $0.023/GB
  Unmanaged Disk   $0.015/GB
App Services Web Apps, API, Functions $0.072/vCPU

 

$53 vCPU

The Connected Mode is available through both Enterprise Agreement (EA) and Cloud Service Provider (CSP) partner channel. Azure MSDN, Free Trial, and Biz Spark subscription IDs cannot be used in conjunction with Azure Stack.

Your Azure Stack usage will be metered and integrated into one bill with your Azure usage.

Use cases:

The customer already has Azure Subscription. The customer wants to establish hybrid cloud in conjunction with Azure Cloud.

Disconnected Mode for Azure Stack On-premises

the App Service package, which includes App Service, base virtual machines, and Azure Storage ($400/core/year), and the IaaS package, which includes base virtual machines and Azure Storage ($144/ core/year.) With the capacity model, you use your existing on-premises licenses to deploy Windows Server and SQL Server virtual machines.

The capacity model is available via EA only. It is purchased as an Azure Plan SKU via normal volume licensing channels.

Use Cases

The customer wants to build their own private cloud platform and offer services to their departments and subsidiaries. The purpose of this exercise is to segregate billing of each department but maintain single ICT organisation.

Azure Stack Support

Azure Stack support is a consistent, integrated, hybrid support experience that covers the full system lifecycle. If you already have Premier, Azure, or Partner support with Microsoft, your Azure Stack software support is included. You need only make one call to the vendor of your choice (Microsoft or hardware partner) for any Azure Stack issue.

For up-to-date pricing visit Microsoft website.

Amazon EC2 and Azure Virtual Machine (Instance) Comparison

Both Amazon EC2 and Azure VM provide a wide selection of VM types optimised to fit different use cases. An instance or VM is combinations of virtual CPU, virtual memory, temporary storage, and networking capacity and give a customer the flexibility to choose the appropriate mix of resources for workloads. Both AWS EC2 and Azure offers instances at scale for the requirements of any target workload. Both EC2 and Azure provide the option to store VM in persistent storage called EBS in Amazon terminology or Blob Storage in Azure terminology.

EC2 vs Azure VM

Available Windows/Linux VM both Cloud Services Providers:

Type Description Azure VM

Windows & Linux

AWS EC2

Windows & Linux

General purpose Balanced CPU-to-memory ratio. B, Dsv3, Dv3, DSv2, Dv2, Av2 T2, M4, M5
Compute-optimised High CPU-to-memory ratio. Fsv2, Fs, F C4, C5
Memory-optimised High memory-to-CPU ratio. Great for database servers Esv3, Ev3, M, GS, G, DSv2, Dv2 X1e, X1, R5, R4, Z1d
Storage optimised High disk throughput and IO. Ls H1, i3, D2
GPU Specialized for heavy graphic rendering and video editing NV, NC, NCv2, NCv3, ND P3, P2, G3, F1
High performance compute fastest and most powerful CPU H C4, C5

Both AWS and Azure are utility pricing model analogous to your gas, water or power bills. Both Amazon and Azure provide standard instance as PAYG model, and also some instances are available in the reserved pricing model. In a reserved pricing model, you pay upfront at a cheaper rate for instance but commit for certain months or years. In a reserved instance, you pay additional for -storage consumption and network utilisation if it’s cross-geo connectivity. Both AWS and Azure have vast marketplace from where you can pick up and deploy any instance of your requirements at Scale.

Here is where Microsoft differentiate from AWS, you can save up to 72% over pay-as-you-go pricing with an upfront one- or three-year commitment in Azure Cloud. You can also exchange or cancel the RI at any time. Microsoft also offers Hybrid benefits, i.e. 40% off when you bring in Microsoft Windows/Linux workloads from On-prem to Azure. You can use your on-premises Windows Server or SQL Server licences with Software Assurance to make big savings when migrating a few workloads or entire data centres to the cloud.

You can get discounted rates on Azure for your ongoing development and testing, including no Microsoft software charges on Azure Virtual Machines and special dev/test pricing on other services.

Microsoft also offers US$5000 credit for the validated Not-for-Profit organisation for the use of Azure Cloud whilst signing

Relevant References:

Azure Pricing Calculator

Azure TCO Calculator

Offset IT Cost with Azure Cloud

Microsoft Azure credits now available to eligible not-for-profit organisations

Azure 54 regions in 140 countries

Azure AD B2B Collaboration With SharePoint Online

Azure AD B2B collaboration capabilities to invite guest users into your Azure AD tenant to allow them to access Azure AD service Azure AD B2B collaboration invited users can be picked from OneDrive/SharePoint Online sharing dialog boxes. OneDrive/SharePoint Online invited users also show up in Azure AD after they redeem their invitations and other resources such OneDrive for Business, SharePoint Online in your organization.

Azure B2B
Azure AD B2B Collaboration (Source Microsoft Corp)

Licensing Requirements for Paid Features:

The customer who owns the inviting tenant must be the one to determine how many B2B collaboration users need paid Azure AD capabilities. Depending on the paid Azure AD features you want for your guest users, you must have enough Azure AD paid licenses to cover B2B collaboration users in the same 5:1 ratio.

Extranet Collaboration.png
Contoso Corp B2B Collaboration with partners (Source Microsoft Corp)

The below guides articulate how to deploy Azure B2B functionality for SharePoint Online.

Turning on Azure AD Integrated App for Office 365

  1. Log on to Office 365 portal.office.com using your work or school account.
  2. Go to the Office 365 admin center, and from the left navigation bar, click Settings> Services & add-ins
  3. On the Integrated apps page, use the toggle to turn Integrated Apps on or off.

Add a B2B User

  1. Sign in to the Azure portal as an Azure AD administrator.
  2. In the navigation pane, select Azure Active Directory.
  3. Under Manage, select Users. Select New guest user.
  4. Under User name, enter the email address of the external user. Optionally, include a welcome message.
  5. Select Invite to automatically send the invitation to the guest user.
  6. To assign Group Permission, Under Manage, select Groups.
  7. Select a group (or click New group to create a new one). It’s a good idea to include in the group description that the group contains B2B guest users.
  8. Select Members. Add the Guest User.

Add Azure AD B2B Licenses

  1. Log on to Azure Portal.Azure.com, Navigate to Azure Active Directory
  2. To assign a license, under Azure Active Directory > Licenses > All Products, select one or more products, and then select Assign on the command bar.
  3. You can use the Users and groups blade to choose multiple users or groups or to disable service plans in the product. Use the search box on top to search for user and group names.
  4. When you assign licenses to a group, it can take some time before all users inherit the license depending on the size of the group. You can check the processing status on the Group blade, under the Licenses

Add guest users to a SharePoint Online App

  1. Sign in to the Azure portal as an Azure AD administrator. In the navigation pane, select Azure Active Directory.
  2. Under Manage, select Enterprise applications > All applications. Select the application to which you want to add guest users.
  3. On the application’s dashboard, select Total Users to open the Users and groups pane.
  4. Select Add user. Under Add Assignment, select User and groups.
  5. If the guest user already exists in the directory, search for the B2B user. Select the user, click Select, and then click Assign to add the user to the app.
  6. The guest user appears in the application’s Users and groups list with the assigned role of Default Access or Under Edit Assignment, click Select Role, and select the role you want to assign to the selected user. Click Select. Click Assign.

Turn on External Sharing for SharePoint Online

  1. Sign in to Office 365 as a global admin or SharePoint admin.
  2. Select the app launcher icon The app launcher icon in Office 365 in the upper-left and choose Admin to open the Office 365 admin center. (If you don’t see the Admin tile, you don’t have Office 365 administrator permissions in your organization.)
  3. In the left pane, choose Admin centers > SharePoint.
  4. In the left pane, click sharing.
  5. Select “Allow sharing only with the external users that already exist in your organization’s directory.”
  6. You can setup additional settings such as Limits external sharing using domains, prevent external users from sharing files, External User must accept sharing invitations.

Turn on External Sharing for Specific Site Collection

  1. Sign in to Office 365 as a global admin or SharePoint admin.
  2. Select the app launcher icon The app launcher icon in Office 365 in the upper-left and choose Admin to open the Office 365 admin center. (If you don’t see the Admin tile, you don’t have Office 365 administrator permissions in your organization.)
  3. In the left pane, choose Admin centers > SharePoint.
  4. Click Try the preview to open the new SharePoint admin center.
  5. In the left pane, click Site management.
  6. Locate the site that you want to update, and click the site name.
  7. In the right pane, under Sharing status, click Change.
  8. Select your option (see the following table) and click Save.

Redemption through the invitation email

If invited through a method that sends an invitation email, users can also redeem an invitation through the invitation email. An invited user can click the redemption URL in the email, and then review and accept the privacy terms.

  1. After being invited, the invitee receives an invitation through email that’s sent from Microsoft Invitations.
  2. The invitee selects Get Started in the email.
  3. If the invitee doesn’t have an Azure AD account or an MSA, they’re prompted to create an MSA.
  4. The invitee is redirected to the Review permissions screen, where they can review the inviting organization’s privacy statement and accept the terms.

Migrate Amazon Web Services (AWS) EC2 VM to Azure Cloud

In my previous blog, I have written how to migrate workloads from VMware to Azure Cloud.  In this tutorial, I am going to elaborate you how to migrate Amazon Web Services (AWS) EC2 virtual machines (VMs) to Azure VMs by using Azure Site Recovery.

AWStoAzure

Supported Workloads Which can be migrated:

  1. Windows Server 2016 or later version
  2. Red Hat Enterprise Linux 6.7

Prerequisites

  1. The Mobility service must be installed on each VM that you want to replicate. Site Recovery installs this service automatically when you enable replication for the VM.
  2. For non-domain joined Windows VMs, disable Remote User Access control on the local machine at the registry, under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, add the DWORD entry LocalAccountTokenFilterPolicy and set the value to 1.
  3. A separate VM in AWS subscriptions to use as Site Recovery Configuration Server. This instance must be running Windows Server 2012 R2.

Credential Requirements

  1. A root on the source Linux server
  2. A Domain Admin Credentials for Windows VM.
  3. A Local Admin Account for non-domain joined VM.

Prepare Azure resources (Target)

Step1: Create a Storage Account

  1. In the Azure portal, in the left menu, select Create a resource > Storage > Storage account.
  2. Create a Storage Account in your region.

Step2: Create a Recovery Vault

  1. In the Azure portal, select All services. Search for and then select Recovery Services vaults.
  2. Add new Recovery Vault in your region.

Step3: Add a separate network for migrated VM

  1. In the Azure portal, select Create a resource > Networking > Virtual network.
  2. Add new Network and Address Space.

Step4: Prepare Recovery Goal

  1. On your vault page in the Azure portal, in the Getting Started section, select Site Recovery, and then select Prepare Infrastructure.
  2. Create a protection goal from On-prem to Azure.
  3. When you’re done, select OK to move to the next section.

Step5: Create a Replication Policy

  1. To create a new replication policy, click Site Recovery infrastructure > Replication Policies > +Replication Policy. In Create replication policy, specify a policy name.
  2. In RPO threshold, specify the recovery point objective (RPO) limit. This value specifies how often data recovery points are created. An alert is generated if continuous replication exceeds this limit.
  3. In Recovery point retention, specify how long (in hours) the retention window is for each recovery point. Replicated VMs can be recovered to any point in a window. Up to 24 hours retention is supported for machines replicated to premium storage, and 72 hours for standard storage.
  4. In App-consistent snapshot frequency, specify how often (in minutes) recovery points containing application-consistent snapshots will be created. Click OK to create the policy.

Prepare Source Environment (AWS)

Step6: Prepare Source ASR Configuration Server

  1. Log on to the EC2 instance where you would like to install Configuration Server
  1. Configure the proxy on the EC2 instance VM you’re using as the configuration server so that it can access the service URLs.
  2. Download Microsoft Azure Site Recovery Unified Setup. You can download it to your local machine and then copy it to the VM you’re using as the configuration server.
  3. Select the Download button to download the vault registration key. Copy the downloaded file to the VM you’re using as the configuration server.
  4. On the VM, right-click the installer you downloaded for Microsoft Azure Site Recovery Unified Setup, and then select Run as administrator.
  5. Under Before You Begin, select Install the configuration server and process server, and then select Next.
  6. In Third-Party Software License, select I accept the third-party license agreement, and then select Next.
  7. In Registration, select Browse, and then go to where you put the vault registration key file. Select Next.
  8. In Internet Settings, select Connect to Azure Site Recovery without a proxy server, and then select Next.
  9. The Prerequisites Check page runs checks for several items. When it’s finished, select Next.
  10. In MySQL Configuration, provide the required passwords, and then select Next.
  11. In Environment Details, select No. You don’t need to protect VMware machines. Then, select Next.
  12. In Install Location, select Next to accept the default.
  13. In Network Selection, select Next to accept the default.
  14. In Summary, select Install. Installation Progress shows you information about the installation process. When it’s finished, select Finish. A window displays a message about a reboot. Select OK. Next, a window displays a message about the configuration server connection passphrase. Copy the passphrase to your clipboard and save it somewhere safe.
  15. On the VM, run cspsconfigtool.exe to create one or more management accounts on the configuration server. Make sure that the management accounts have administrator permissions on the EC2 instances that you want to migrate.

Step7: Enable Replication for a AWS EC2 VM

  1. Click Replicate application > Source.
  2. In Source, select the configuration server.
  3. In Machine type, select Physical machines.
  4. Select the process server (the configuration server). Then click OK.
  5. In Target, select the subscription and the resource group in which you want to create the Azure VMs after failover. Choose the deployment model that you want to use in Azure (classic or resource management).
  6. Select the Azure storage account you want to use for replicating data.
  7. Select the Azure network and subnet to which Azure VMs will connect, when they’re created after failover.
  8. Select Configure now for selected machines, to apply the network setting to all machines you select for protection. Select Configure later to select the Azure network per machine.
  9. In Physical Machines, and click +Physical machine. Specify the name and IP address. Select the operating system of the machine you want to replicate. It takes a few minutes for the servers to be discovered and listed.
  10. In Properties > Configure properties, select the account that will be used by the process server to automatically install the Mobility service on the machine.
  11. In Replication settings > Configure replication settings, verify that the correct replication policy is selected.
  12. Click Enable Replication. You can track progress of the Enable Protection job in Settings > Jobs > Site Recovery Jobs. After the Finalize Protection job runs the machine is ready for failover.

Test failover at Azure Portal

Step8: Test a Failover

  1. On the page for your vault, go to Protected items > Replicated Items. Select the VM, and then select Test Failover.
  2. Select a recovery point to use for the failover:
    • Latest processed: Fails over the VM to the latest recovery point that was processed by Site Recovery. The time stamp is shown. With this option, no time is spent processing data, so it provides a low recovery time objective (RTO).
    • Latest app-consistent: This option fails over all VMs to the latest app-consistent recovery point. The time stamp is shown.
    • Custom: Select any recovery point.
  3. In Test Failover, select the target Azure network to which Azure VMs will be connected after failover occurs. This should be the network you created in Prepare Azure resources.
  4. Select OK to begin the failover. To track progress, select the VM to view its properties. Or you can select the Test Failover job on the page for your vault. To do this, select Monitoring and reports > Jobs > Site Recovery jobs.
  5. When the failover finishes, the replica Azure VM appears in the Azure portal. To view the VM, select Virtual Machines. Ensure that the VM is the appropriate size, that it’s connected to the right network, and that it’s running.
  6. You should now be able to connect to the replicated VM in Azure.
  7. To delete Azure VMs that were created during the test failover, select Cleanup test failover in the recovery plan. In Notes, record and save any observations associated with the test failover.

Migrate an AWS EC2 Instance to Azure Cloud

Step9: Trigger Azure Migration

  1. In Protected items > Replicated items, select the AWS instances, and then select Failover.
  2. In Failover, select a Recovery Point to failover to. Select the latest recovery point.
  3. Select Shut down machine before beginning failover if you want Site Recovery to attempt to do a shutdown of source virtual machines before triggering the failover. Failover continues even if shutdown fails. You can follow the failover progress on the Jobs
  4. Ensure that the VM appears in Replicated items.
  5. Right-click each VM, and then select Complete Migration. This finishes the migration process, stops replication for the AWS VM, and stops Site Recovery billing for the VM.

 

Backup VMware Server Workloads to Azure Backup Server

In my previous article, I explained how to install and configure Azure Backup Server. This article explains how to configure Azure Backup Server to help protect VMware  Server workloads. I am assuming that you already have Azure Backup Server installed. Azure Backup Server can back up, or help protect, VMware vCenter Server version 5.5 and later version.

 

 

 

 

 

 

Step1: Create a secure connection to the vCenter Server

By default, Azure Backup Server communicates with each vCenter Server via an HTTPS channel. To turn on the secure communication, we recommend that you install the VMware Certificate Authority (CA) certificate on Azure Backup Server.

To fix this issue, and create a secure connection, download the trusted root CA certificates.

  1. In the browser on Azure Backup Server, enter the URL to the vSphere Web Client. The vSphere Web Client login page appears. Example, https://vcenter.domain.com

At the bottom of the information for administrators and developers, locate the Download trusted root CA certificates link.

  1. Click Download trusted root CA certificates.

The vCenter Server downloads a file to your local computer. The file’s name is named download. Depending on your browser, you receive a message that asks whether to open or save the file.

  1. Save the file to a location on Azure Backup Server. When you save the file, add the .zip file name extension. The file is a .zip file that contains the information about the certificates. With the .zip extension, you can use the extraction tools.
  2. Right-click zip, and then select Extract Allto extract the contents. The CRL file has an extension that begins with a sequence like .r0 or .r1. The CRL file is associated with a certificate.
  3. In the certsfolder, right-click the root certificate file, and then click Rename. Change the root certificate’s extension to .crt. When you’re asked if you’re sure you want to change the extension, click Yes or OK.  Right-click the root certificate and from the pop-up menu, select Install Certificate. The Certificate Import Wizard dialog box appears.
  4. In the Certificate Import Wizarddialog box, select Local Machine as the destination for the certificate, and then click Next to continue.

If you’re asked if you want to allow changes to the computer, click Yes or OK, to all the changes.

  1. On the Certificate Storepage, select Place all certificates in the following store, and then click Browse to choose the certificate store.

The Select Certificate Store dialog box appears.

  1. Select Trusted Root Certification Authoritiesas the destination folder for the certificates, and then click OK. The Trusted Root Certification Authorities folder is confirmed as the certificate store. Click Next.
  2. On the Completing the Certificate Import Wizardpage, verify that the certificate is in the desired folder, and then click Finish.
  3. Sign in to the vCenter Server to confirm that your connection is secure.

If you have secure boundaries within your organization, and don’t want to turn on the HTTPS protocol, use the following procedure to disable the secure communications.

Step2: Disable secure communication protocol

If your organization doesn’t require the HTTPS protocol, use the following steps to disable HTTPS. To disable the default behavior, create a registry key that ignores the default behavior.

  1. Copy and paste the following text into a .txt file.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Data Protection Manager\VMWare]

“IgnoreCertificateValidation”=dword:00000001

  1. Save the file to your Azure Backup Server computer. For the file name, use DisableSecureAuthentication.reg.
  2. Double-click the file to activate the registry entry.

Step3: Create a role and user account on the vCenter Server

To establish the necessary user credentials to back up the vCenter Server workloads, create a role with specific privileges, and then associate the user account with the role.

Azure Backup Server uses a username and password to authenticate with the vCenter Server. Azure Backup Server uses these credentials as authentication for all backup operations.

To add a vCenter Server role and its privileges for a backup administrator:

  1. Sign in to the vCenter Server, and then in the vCenter Server Navigatorpanel, click Administration.
  2. In Administrationselect Roles, and then in the Roles panel click the add role icon (the + symbol). The Create Role dialog box appears.
  3. In the Create Roledialog box, in the Role name box, enter BackupAdminRole. The role name can be whatever you like, but it should be recognizable for the role’s purpose.
  4. Select the privileges for the appropriate version of vCenter, and then click OK. The following table identifies the required privileges for vCenter 6.0 and vCenter 5.5.

When you select the privileges, click the icon next to the parent label to expand the parent and view the child privileges. To select the VirtualMachine privileges, you need to go several levels into the parent child hierarchy. You don’t need to select all child privileges within a parent privilege. After you click OK, the new role appears in the list on the Roles panel.

Privileges for vCenter 6.0 Privileges for vCenter 5.5
Datastore.AllocateSpace Datastore.AllocateSpace
Global.ManageCustomFields Global.ManageCustomerFields
Global.SetCustomFields
Host.Local.CreateVM Network.Assign
Network.Assign
Resource.AssignVMToPool
VirtualMachine.Config.AddNewDisk VirtualMachine.Config.AddNewDisk
VirtualMachine.Config.AdvanceConfig VirtualMachine.Config.AdvancedConfig
VirtualMachine.Config.ChangeTracking VirtualMachine.Config.ChangeTracking
VirtualMachine.Config.HostUSBDevice
VirtualMachine.Config.QueryUnownedFiles
VirtualMachine.Config.SwapPlacement VirtualMachine.Config.SwapPlacement
VirtualMachine.Interact.PowerOff VirtualMachine.Interact.PowerOff
VirtualMachine.Inventory.Create VirtualMachine.Inventory.Create
VirtualMachine.Provisioning.DiskRandomAccess
VirtualMachine.Provisioning.DiskRandomRead VirtualMachine.Provisioning.DiskRandomRead
VirtualMachine.State.CreateSnapshot VirtualMachine.State.CreateSnapshot
VirtualMachine.State.RemoveSnapshot VirtualMachine.State.RemoveSnapshot

Step4: Create a vCenter Server user account and permissions

After the role with privileges is set up, create a user account. The user account has a name and password, which provides the credentials that are used for authentication.

  1. To create a user account, in the vCenter Server Navigatorpanel, click Users and Groups. The vCenter Users and Groups panel appears.
  2. In the vCenter Users and Groupspanel, select the Users tab, and then click the add users icon (the + symbol). The New User dialog box appears.
  3. In the New Userdialog box, add the user’s information and then click OK. In this procedure, the username is BackupAdmin. The new user account appears in the list.
  4. To associate the user account with the role, in the Navigatorpanel, click Global Permissions. In the Global Permissions panel, select the Manage tab, and then click the add icon (the + symbol). The Global Permissions Root – Add Permission dialog box appears.
  5. In the Global Permission Root – Add Permissiondialog box, click Add to choose the user or group.  The Select Users/Groups dialog box appears.
  6. In the Select Users/Groupsdialog box, choose BackupAdmin and then click Add. In Users, the domain\username format is used for the user account. If you want to use a different domain, choose it from the Domain Click OK to add the selected users to the Add Permission dialog box.
  7. Now that you’ve identified the user, assign the user to the role. In Assigned Role, from the drop-down list, select BackupAdminRole, and then click OK. On the Managetab in the Global Permissions panel, the new user account and the associated role appear in the list.

Step6: Establish vCenter Server credentials on Azure Backup Server

  1. To open Azure Backup Server, double-click the icon on the Azure Backup Server desktop.
  2. In the Azure Backup Server console, click Management, click Production Servers, and then on the tool ribbon, click Manage VMware. The Manage Credentialsdialog box appears.
  3. In the Manage Credentialsdialog box, click Add to open the Add Credential dialog box.
  4. In the Add Credentialdialog box, enter a name and a description for the new credential. Then specify the username and password. The name, Contoso Vcenter credential is used to identify the credential in the next procedure. Use the same username and password that is used for the vCenter Server. If the vCenter Server and Azure Backup Server are not in the same domain, in User name, specify the domain.

Click Add to add the new credential to Azure Backup Server. The new credential appears in the list in the Manage Credentials dialog box.

  1. To close the Manage Credentialsdialog box, click the X in the upper-right corner.

Step7: Add the vCenter Server to Azure Backup Server

Production Server Addition Wizard is used to add the vCenter Server to Azure Backup Server. To open Production Server Addition Wizard, complete the following procedure:

  1. In the Azure Backup Server console, click Management, click Production Servers, and then click Add. The Production Server Addition Wizarddialog box appears.
  2. On the Select Production Server typepage, select VMware Servers, and then click Next.
  3. In Server Name/IP Address, specify the fully qualified domain name (FQDN) or IP address of the VMware server. If all the ESXi servers are managed by the same vCenter, you can use the vCenter name.
  4. In SSL Port, enter the port that is used to communicate with the VMware server. Use port 443, which is the default port, unless you know that a different port is required.
  5. In Specify Credential, select the credential that you created earlier.
  6. Click Addto add the VMware server to the list of Added VMware Servers, and then click Next to move to the next page in the wizard.
  7. In the Summarypage, click Add to add the specified VMware server to Azure Backup Server. The VMware server backup is an agentless backup, and the new server is added immediately. The Finishpage shows you the results.

After you add the vCenter Server to Azure Backup Server, the next step is to create a protection group. The protection group specifies the various details for short or long-term retention, and it is where you define and apply the backup policy. The backup policy is the schedule for when backups occur, and what is backed up.

Step8: Configure a protection group

After you check that you have proper storage, use the Create New Protection Group wizard to add VMware virtual machines.

  1. In the Azure Backup Server console, click Protection, and in the tool ribbon, click Newto open the Create New Protection Group wizard.

The Create New Protection Group wizard dialog box appears. Click Next to advance to the Select protection group type page.

  1. On the Select Protection group typepage, select Servers and then click Next. The Select group memberspage appears.
  2. On the Select group memberspage, the available members and the selected members appear. Select the members that you want to protect, and then click Next.

When you select a member, if you select a folder that contains other folders or VMs, those folders and VMs are also selected. The inclusion of the folders and VMs in the parent folder is called folder-level protection. To remove a folder or VM, clear the check box.

  1. On the Select Data Protection Methodpage, enter a name for the protection group. Short-term protection (to disk) and online protection are selected. If you want to use online protection (to Azure), you must use short-term protection to disk. Click Next to proceed to the short-term protection range.
  2. On the Specify Short-Term Goalspage, for Retention Range, specify the number of days that you want to retain recovery points that are stored to disk. If you want to change the time and days when recovery points are taken, click Modify. The short-term recovery points are full backups. They are not incremental backups. When you are satisfied with the short-term goals, click Next.
  3. On the Review Disk Allocationpage, review and if necessary, modify the disk space for the VMs. The recommended disk allocations are based on the retention range that is specified in the Specify Short-Term Goals page, the type of workload, and the size of the protected data (identified in step 3).
    • Data size:Size of the data in the protection group.
    • Disk space:The recommended amount of disk space for the protection group. If you want to modify this setting, you should allocate total space that is slightly larger than the amount that you estimate each data source grows.
    • Colocate data:If you turn on colocation, multiple data sources in the protection can map to a single replica and recovery point volume. Colocation isn’t supported for all workloads.
    • Automatically grow:If you turn on this setting, if data in the protected group outgrows the initial allocation, System Center Data Protection Manager tries to increase the disk size by 25 percent.
    • Storage pool details:Shows the status of the storage pool, including total and remaining disk size.

When you are satisfied with the space allocation, click Next.

  1. On the Choose Replica Creation Methodpage, specify how you want to generate the initial copy, or replica, of the protected data on Azure Backup Server.

The default is Automatically over the network and Now. If you use the default, we recommend that you specify an off-peak time. Choose Later and specify a day and time.  For large amounts of data or less-than-optimal network conditions, consider replicating the data offline by using removable media. After you have made your choices, click Next.

  1. On the Consistency Check Optionspage, select how and when to automate the consistency checks. You can run consistency checks when replica data becomes inconsistent, or on a set schedule. If you don’t want to configure automatic consistency checks, you can run a manual check. In the protection area of the Azure Backup Server console, right-click the protection group and then select Perform Consistency Check. Click Next to move to the next page.
  2. On the Specify Online Protection Datapage, select one or more data sources that you want to protect. You can select the members individually, or click Select All to choose all members. After you choose the members, click Next.
  3. On the Specify Online Backup Schedulepage, specify the schedule to generate recovery points from the disk backup. After the recovery point is generated, it is transferred to the Recovery Services vault in Azure. When you are satisfied with the online backup schedule, click Next.
  4. On the Specify Online Retention Policypage, indicate how long you want to retain the backup data in Azure. After the policy is defined, click Next.
  5. On the Summarypage, review the details for your protection group members and settings, and then click Create Group.

Now you are ready to backup VMware VM using Backup Server v2.

Azure Backup Server v2

Azure Backup is used for backups and DR, and it works with managed disks as well as unmanaged disks. You can create a backup job with time-based backups, easy VM restoration, and backup retention policies.

Azure Backup for VMware

The following table is a summary of the solutions available for DR.

Scenario Automatic replication DR solution
Premium SSD disks

Managed disks

Local (locally redundant storage)

Cross region (read-access geo-redundant storage)

Azure Backup

Azure Backup Server

Unmanaged LRS and GRS Local (locally redundant storage)

Cross region (geo-redundant storage)

Azure Backup

Azure Backup Server

This article illustrates on how to use Azure Backup Server v2 to backup on-premises and Azure Workloads. Though Azure Backup Server shares much of the same functionality as DPM. Azure Backup Server does not back up to tape, nor does it integrate with System Center. Azure Backup Server is a dedicated role. Do not run any other application or role with the Azure Backup Server.

 

 

You can deploy Azure Backup Server from the Azure marketplace or on a On-premises server. The requirement to deploy Azure Backup server on a on-prem infrastructure is to have the below OS.

Operating System Platform SKU
Windows Server 2016 and latest SPs 64 bit Standard, Datacenter
Windows Server 2012/R2 and latest SPs 64 bit Standard, Datacenter,

Microsoft recommends you start with a gallery image of Windows Server 2012 R2 Datacenter or Windows Server 2016 Datacenter to create a Azure Backup Server. Here are the steps, you need to go through to deploy Azure Backup server.

Step1: Install Windows Virtual Machine from the Marketplace

  1. Sign in to the Azure portal at https://portal.azure.com.
  2. Choose Create a resource in the upper left-hand corner of the Azure portal.
  3. In the search box above the list of Azure Marketplace resources, search for and select Windows Server 2016 Datacenter, then choose Create.
  4. Provide a VM name, such as myVM, leave the disk type as SSD, then provide a username, such as azureuser. The password must be at least 12 characters long and meet the defined complexity requirements.
  5. Choose to Create newresource group, then provide a name, such as myResourceGroup. Choose your Location, then select OK.
  6. Select a size for the VM. You can filter by Compute typeor Disk type, for example. A suggested VM size is D2s_v3. Click Select after you have chosen a size.
  7. On the Settingspage, in Network > Network Security Group > Select public inbound ports, select HTTPand RDP (3389) from the drop-down. Leave the rest of the defaults and select OK.
  8. On the summary page, select Createto start the VM deployment.
  9. The VM is pinned to the Azure portal dashboard. Once the deployment has completed, the VM summary automatically opens.

Step2: Create Recovery Vault

  1. Sign in to your subscription in the Azure portal.
  2. In the left-hand menu, select All Services.
  3. In the All services dialog, type Recovery Services. As you begin typing, your input filters the list of resources. Once you see it, select Recovery Services vaults.
  4. On the Recovery Services vaultsmenu, select Add. The Recovery Services vaults menu opens. It prompts you to provide information for NameSubscriptionResource group, and Location.
  5. When you are ready to create the Recovery Services vault, click Create.

Step3: Select Appropriate Storage Type

  1. Select your vault to open the vault dashboard and the Settings menu. If the Settingsmenu doesn’t open, click All settings in the vault dashboard.
  2. On the Settingsmenu, click Backup Infrastructure > Backup Configuration to open the Backup Configuration On the Backup Configuration menu, choose the storage replication option for your vault.
  3. Select LRS or GRS type storage.

Step4: Download Backup Software

  1. Sign in to the Azure portal.
  2. click Browse.In the list of resources, type Recovery Services.
  3. As you begin typing, the list will filter based on your input. When you see Recovery Services vaults,
  4. From the list of Recovery Services vaults, select a vault.
  5. The Settingsblade opens up by default. If it is closed, click on Settings to open the settings blade.
  6. Click Backupto open the Getting Started wizard. In the Getting Started with backup blade that opens, Backup Goals will be auto-selected.
  7. In the Backup Goalblade, from the Where is your workload running menu, select On-premises.
  8. From the What do you want to backup?drop-down menu, select the workloads you want to protect using Azure Backup Server, and then click OK.
  9. In the Prepare infrastructureblade that opens, click the Download links for Install Azure Backup Server and Download vault credentials. You use the vault credentials during registration of Azure Backup Server to the recovery services vault. The links take you to the Download Center where the software package can be downloaded.
  10. Select all the files and click Next. Download all the files coming in from the Microsoft Azure Backup download page, and place all the files in the same folder.

Step5: Extract Software Package

After you’ve downloaded all the files, click MicrosoftAzureBackupInstaller.exe. This will start the Microsoft Azure Backup Setup Wizard to extract the setup files to a location specified by you. Continue through the wizard and click on the Extract button to begin the extraction process.

Step 6: Install Software Package

  1. Click Microsoft Azure Backupto launch the setup wizard.
  2. On the Welcome screen click the Next This takes you to the Prerequisite Checkssection. On this screen, click Check to determine if the hardware and software prerequisites for Azure Backup Server have been met. If all prerequisites are met successfully, you will see a message indicating that the machine meets the requirements. Click on the Next button.
  3. Microsoft Azure Backup Server requires SQL Server Standard. Further,the Azure Backup Server installation package comes bundled with the appropriate SQL Server binaries needed if you do not wish to use your own SQL. When starting with a new Azure Backup Server installation, you should pick the option Install new Instance of SQL Server with this Setupand click the Check and Install Once the prerequisites are successfully installed, click Next.
  4. Provide a location for the installation of Microsoft Azure Backup server files and click Next.
  5. Provide a strong password for restricted local user accounts and click Next.
  6. Select whether you want to use Microsoft Updateto check for updates and click Next.
  7. Review the Summary of Settingsand click Install.
  8. The installation happens in phases. In the first phase the Microsoft Azure Recovery Services Agent is installed on the server. The wizard also checks for Internet connectivity. If Internet connectivity is available you can proceed with installation, if not, you need to provide proxy details to connect to the Internet.
  9. Once registration of the Microsoft Azure Backup server successfully completes, the overall setup wizard proceeds to the installation and configuration of SQL Server and the Azure Backup Server components. Once the SQL Server component installation completes, the Azure Backup Server components are installed.
  10. When the installation step has completed, the product’s desktop icons will have been created as well. Just double-click the icon to launch the product.

Step7: Add a Data Disk to Azure Backup Server

  1. Log on to Azure Portal. In the menu on the left, click Virtual Machines.
  2. Select the virtual machine from the list.
  3. On the virtual machine page, click Disks.
  4. On the Diskspage, click + Add data disk.
  5. In the drop-down for the new disk, select Create disk.
  6. In the Create managed diskpage, type in a name for the disk and adjust the other settings as necessary. When you are done, click Create.
  7. In the Diskspage, click Save to save the new disk configuration for the VM.
  8. After Azure creates the disk and attaches it to the virtual machine, the new disk is listed in the virtual machine’s disk settings under Data disks.

Step8: Initialise the Disk of the Azure Backup Server

  1. Connect to the VM.
  2. Click the start menu inside the VM and type mscand hit Enter. Disk Management snap-in opens.
  3. Disk Management recognizes that you have a new, un-initialized disk and the Initialize Diskwindow pops up.
  4. Make sure the new disk is selected and click OKto initialize it.

Step9: Create a Storage Pool for Azure Backup Server

  1. Navigating to the Storage Pools page in Server Manager
  2. Launch Server Manager and navigate to the “File and Storage Services” page.
  3. Navigate to the Storage Pools page. Refresh the UI by clicking on the Refresh button.
  4. Logon as a user with admin privileges to your server, launch Server Manager, and then navigate to the “Storage Pools” page within the File and Storage Services Role.
  5. Right-click the “Available Disks” pool for the Storage Spaces subsystem and launch the New Storage Pool Wizard.
  6. Launch the New Storage Pool Wizard from the TASKS list.
  7. In the New Storage Pool Wizard, enter desired pool name and optional description. Make sure that you have selected the Primordial pool for the Storage Spaces subsystem.
  8. Select the number of disks needed for pool creation. If you want to designate a physical disk as a hot spare, then select the “Hot Spare” allocation type.
  9. Confirm the selected settings and initiate pool creation by selecting “Create” on the “Confirm selections” page.

Step10: Create a Virtual Disk

  1. Right-click the concrete pool that you just created (the pool where type value is Storage Pool), and then launch the New Virtual Disk Wizard.
  2. In the New Virtual Disk Wizard, make sure that you have selected the appropriate pool. Enter the desired virtual disk name and optional description.
  3. Select the desired storage layout and provisioning scheme as per your storage requirements.
  4. On the “Specify the size of the virtual disk” page, enter the desired size for the new virtual disk or pick the “Maximum size” option.
  • If you pick the “Maximum size” option, the system will try to create the largest size possible for the virtual disk.
  • If you select the check box for “Create the largest virtual disk possible, up to the specified size” while specifying the size then the system will try to create the largest size possible for the virtual disk up to the requested size.
  • It is also important to note that the value showing up as the storage pool free space (in our example 43.8GB) shows the actual free allocation the pool has overall. For cases with a fixed provisioning of a non-simple storage layout such as Mirror or Parity, when defining the size of the virtual disk, you have to take into account the overhead of storage needed to create the extra copies of the virtual disks extents for resiliency. As a basic example, with the 43.8GB free space in the pool, creating a 30GB mirrored virtual disk is not possible since it will take at least 60GB of free space in the pool to create a mirrored virtual disk to hold the two copies of the mirrored data.
  1. Confirm the settings and initiate virtual disk creation by selecting “Create” on the “Confirm selections” page.

Step11: Add Disk to Azure Backup Server

  1. Launch  Azure Backup Server and locate Disk Storage and Add – Select the disk, you want to add
  2. Once Added, this disk will be formatted with REFS file system and the storage will be available for Azure Backup Server.

Now you are ready to use Azure Backup Server. On my next blog, I will explain how to backup VMware VM using Azure Backup Server.

Migrate a SQL Server database to Azure SQL Database

Azure Database Migration Service partners with DMA to migrate existing on-premises SQL Server, Oracle, and MySQL databases to Azure SQL Database, Azure SQL Database Managed Instance or SQL Server on Azure virtual machines.

 

SQL Migration.png
Azure SQL Migration (Source Microsoft Corp)

 

Moving a SQL Server database to Microsoft Azure SQL Database with Data Migration Assistant is a three-part process:

  1. Prepare a database in a SQL Server for migration to Azure SQL Database using the Data Migration Assistant (DMA).
  2. Export the database to a BACPAC file.
  3. Import the BACPAC file into an Azure SQL Database.

Using Microsoft Data Migration Assistant

Step 1: Prepare for migration

Complete these prerequisites:

  • Install the newest version of Microsoft SQL Server Management Studio (SSMS). Installing SSMS also installs the newest version of SQLPackage, a command-line utility that can be used to automate a range of database development tasks.
  • Download and Install the Microsoft Data Migration Assistant (DMA).
  • Identify and have access to a database to migrate.

Follow these steps to use Data Migration Assistant to assess the readiness of your database for migration to Azure SQL Database:

  1. Open the Microsoft Data Migration Assistant. You can run DMA on any computer with connectivity to the SQL Server instance containing the database that you plan to migrate; you do not need to install it on the computer hosting the SQL Server instance.
  2. In the left-hand menu, click New to create an Assessment project. Fill in the form with a Project name (all other values should be left at their default values), and then click Create.
  3. On the Options page, click Next.
  4. On the Select sources page, enter the name of SQL Server instance containing the server you plan to migrate. Change the other values on this page if necessary, and then click Connect.
  5. In the Add sources portion of the Select sources page, select the checkboxes for the databases to be tested for compatibility, and then click Add.
  6. Click Start Assessment.
  7. When the assessment completes, look for the checkmark in the green circle to see if the database is sufficiently compatible to migrate.
  8. Review the results the SQL Server feature parity results. Specifically review the information about unsupported and partially supported features, and the recommended actions.
  9. Review the Compatibility issues by clicking that option in the upper left. Specifically review the information about migration blockers, behavior changes, and deprecated features for each compatibility level. For the AdventureWorks2008R2 database, review the changes to Full-Text Search since SQL Server 2008, and the changes to SERVERPROPERTY(‘LCID’) since SQL Server 2000. For details about these changes, links for more information are provided. Many search options and settings for Full-Text Search have changed.
  10. Optionally, click Export report to save the report as a JSON file.
  11. Close the Data Migration Assistant.

Step 2: Export to BACPAC file

Follow these steps to use the SQLPackage command-line utility to export the AdventureWorks2008R2 database to local storage.

  1. Open a Windows command prompt and change your directory to a folder in which you have the 130 version of SQLPackage, such as C:\Program Files (x86)\Microsoft SQL Server\130\DAC\bin.
  2. Execute the following SQLPackage command at the command prompt to export the AdventureWorks2008R2 database from localhost to AdventureWorks2008R2.bacpac. Change any of these values as appropriate to your environment.

SQLPackageCopy

sqlpackage.exe /Action:Export /ssn:localhost /sdn:AdventureWorks2008R2 /tf:AdventureWorks2008R2.bacpac

Once the execution is complete the generated BACPAC file is stored in the directory where the sqlpackage executable is located. In this example, C:\Program Files (x86)\Microsoft SQL Server\130\DAC\bin.

  1. Log in to the Azure portal.
  2. Create a SQL Server logical server

A SQL Server logical server acts as a central administrative point for multiple databases. Follow these steps to create a SQL server logical server to contain the migrated Adventure Works OLTP SQL Server database.

  1. Click the New button found on the upper left-hand corner of the Azure portal.
  2. Type sql server in the search window on the New page, and select SQL server (logical server) from the filtered list.
  3. Click Create, and enter the properties for the new SQL Server (logical server).
  4. Complete the SQL server (logical server) form with the values from the red box in this image.
  5. Click Create to provision the logical server. Provisioning takes a few minutes.

Step 3: Create a server-level firewall rule

  1. Click All resources from the left-hand menu, and click the new server on the All resources page. The overview page for the server opens and provides options for further configuration.
  2. Click Firewall in the left-hand menu under Settings on the overview page.
  3. Click Add client IP on the toolbar to add the IP address of the computer you are currently using, and then click Save. This creates a server-level firewall rule for this IP address.
  4. Click OK.

Step 3: Import a BACPAC file to Azure SQL Database

The SQLPackage command-line utility is the preferred method to import your BACPAC database to Azure SQL Database for most production environments.

SqlPackage.exe /a:import /tcs:”Data Source=<your_server_name>.database.windows.net;Initial Catalog=<your_new_database_name>;User Id=<change_to_your_admin_user_account>;Password=<change_to_your_password>” /sf:AdventureWorks2008R2.bacpac /p:DatabaseEdition=Premium /p:DatabaseServiceObjective=P6

Connect using SQL Server Management Studio (SSMS)

  1. Open SQL Server Management Studio.
  2. In the Connect to Server dialog box, enter this information.
  • Server type: Specify Database engine
  • Server name: Enter your fully qualified server name, such as mynewserver20170403.database.windows.net
  • Authentication: Specify SQL Server Authentication
  • Login: Enter your server admin account
  • Password: Enter the password for your server admin account
  1. Click Connect.
  2. In Object Explorer, expand Databases, and then expand myMigratedDatabase to view the objects in the sample database.

Using Azure Database Migration Service

Azure Database Migration Service (ADMS), now in limited preview, can help you migrate existing on-premises SQL Server, Oracle, and MySQL databases to Azure SQL Database, Azure SQL Database Managed Instance, or SQL Server on an Azure Virtual Machine.

ADMS is designed to simplify the complex workflows you can encounter when migrating various database types to databases in Azure.

  1. In the Azure portal, select Data Migration Service, and then click New Migration Project.
  2. In New Migration Project, enter a unique project name, server source type and a target server type.
  3. Click Start.
  4. Provide all options under Migration target details, and then click Save.
  5. Provide all options under Migration source detail, and then click Save.
  6. In the Select source databases list, select each source database you want to migrate, and then click Save.
  7. Review the details summary, and then click Run Migration to start the migration. The amount of time the migration will run depends on a variety of factors including size and complexity of the database, source disk speed, and network speed.
  8. Once the migration is finished, a Completed status will be displayed in the SQL Migration dashboard.