Preparing Azure for a Zerto Cloud Appliance Installation – Part 3: Network Security Groups

In the previous post in this series, we created Resource Groups and Networks and Subnets. In this post we continue to create what we need in the Azure environment for our Zerto Cloud Appliance installation.

Network Security Groups

Using similar steps as the creation of Resource Group and Networks,   from the main menu, go to Network Security Groups (NSGs) so we can create the Network Security Groups for the subnets.  Click +Add and give the Network Security Group a name. I used ms-ignite-demo-subnet-nsg and use the ms-ignite-rg Resource Group.

Once it’s created, open the Network Security Group so you can add some firewall rules. I’m going to show you how to create the rules using RDP and these rules could actually be assigned at different levels like individual NICs, but for the purpose of showing how to put inbound and outbound firewall rules, we’ll apply them to the subnets. For more on the design and usage of NSGs, read this post.

Additionally, since you most likely have a commercial firewall on-premises, there are commercial offerings in the Azure marketplace that allows your network and security teams to use the platform that they are accustomed to using. For example, if you use Cisco ASA, there is an Azure marketplace appliance available to use.

In the Resource Group, go down to Inbound Rules.

We want to use the drop-down selector for the Service. Choose RDP to allow Remote Desktop connections.

Once you click OK, it shows the firewall rules in the main table.

In this menu, select Subnets to associate the firewall rules to the subnets. Click the +Associate and select the virtual network you created and associate the subnets.

Once you have associated all the subnets you need, then you can close the blade.

Navigate over to the Resource Group you created. You will see the network and subnets in the Resource Group.

At this point, you actually have what you need to install Zerto Virtual Replication. During the Zerto Cloud Appliance installation, it will create a storage account. However, in version 5.5U1 Zerto added the ability to use an existing storage account. In the next post, we’ll create a storage account.

Preparing Azure for a Zerto Cloud Appliance Installation – Part 2: Networks and Subnets

This is the second post in the “Preparing Azure for a Zerto Cloud Appliance” series.  In the first post in this series, we created a Resource Group.  In this post, we’ll add a network and some subnets.

Networks and Subnets

Back at the main menu on the left, go to Virtual networks. You will be creating a Virtual network much like the way you created the Resource Group.

Click +Add to add a new network. Give your network a name. I used ms-ignite-net and add the Address space. I changed the IP address to 10.2.0.0/16 from /24 because I want to create some subnets.

Be sure to select Use existing Resource group and add in the Resource Group you created. I’m using ms-ignite-rg. Use an Azure Region that is closest to your data center that will be connecting to Azure to improve performance.

In the Subnet, I changed it to 10.2.1.0/24 and named it Demo1 Subnet.

Click Create to create the network. When it is complete, click on Subnets to open up the Subnets configuration menu.  I’m going to add 4 Subnets.

To add the Subnets, you click the +Subnet button. I wanted to use a series of /24 subnets in this network.

You don’t have to associate Network Security Groups or Route Tables in this step; however, you have NSGs or routes created already, you can can do it now. You also can add them later.

Now we have the network and subnets we need. In the next post in this series, we create some Network Security Groups and associate them to the subnets.

 

Preparing Azure for a Zerto Cloud Appliance Installation – Part 1: Resource Groups

In this series of blog posts, we will create the elements needed to get the Zerto Cloud Appliance (ZCA) installed and ready to connect to an on-premises site.

The four components Zerto needs in order for you to use Azure are:

  1. Resource Groups
  2. Networks
  3. Firewalls
  4. Storage

You can see how Zerto consumes the Azure components in this quick tip post. We will start logged into the Azure portal. Then we will create the components needed to get the ZCA installed.

Before we start with the Resource Group creation, be sure the Azure account you use has Owner permissions for the Azure subscription you will be using. While the default owner permissions will allow the ZCA to be successfully installed, I have seen in some environments where the Azure Active Directory administrator removes adding Azure application permissions for infrastructure administrators. The Zerto Cloud Appliance registers as a Web/API application in Azure during the installation so the account you use should have these Azure AD permissions.

Resource Groups

The first thing we want to do is create a Resource Group.  Resource Groups are like virtual datacenters in Azure. You can create as many Resource Groups as you need and then place networks, subnets, storage and firewalls in the Resource Group. For more on what Resource Groups are, see this article.

From the Azure Portal navigation menu on the left, go to Resource Groups and create a Resource Group by clicking +Add.

I’m calling mine ms-ignite-rg since I’ll use this as a demo environment during Microsoft Ignite. For more than you want to know about naming conventions for Azure resources, see this article.

Once the Resource Group is created, you can find it on the Dashboard or you can go back to the Resource Group blade and search for it.

Click on the Resource Group to go into it. It will be empty and ready for you to add networks, subnets, network security groups (firewalls) and virtual machines.

Azure is really good at training you along the way. In the Resource Group menu, go down to Quickstart under Settings to learn more about Resource Groups and even watch a video. When you are done. Click the X to close the Resource Group blade.

In the next post in this series, we’ll create the Networks and Subnets.

 

Azure Quick Tip: Log into Azure from Powershell

If you don’t have Azure Powershell installed, here is how to do it:

From Powershell, enter Login-AzureRMAccount and hit Enter.

A Microsoft Azure login screen will pop up.

Log in with your Azure credentials. Now you’re ready to start working with Azure from the Powershell.

 

Let’s go Wayback

I’ve had this site a long time. I was trying to remember when I started it the other day and I figured it was late 2007 or early 2008.

Fortunately, there is the Wayback Machine internet archive. The first time it scanned my site was January 9, 2008, and it had quite a few blog posts by then. So, it looks like late 2007 was when VirtualizationInformation came online. The WordPress template didn’t make it in the wayback machine though.

It’s also quite a bit of fun to spend some time in the Wayback Machine looking at the evolution of the internet and the companies that we work with frequently. I did a search for VMware.com and found this one from 1999.

How about this one from zerto.com in February 2011 (note the funky green color):

Then, by September 2011, this is the zerto.com site. Talk about going 0-60 in a hurry!

Time just flies right by doesn’t it?

Upgrading Zerto Virtual Replication on vSphere to ZVR 5.5 Update 1

Whenever an upgrade is necessary with key infrastructure components such as your disaster recovery solution, you want it to be as painless as possible.

One of the big benefits of having Zerto Virtual Replication (ZVR) is its an all software solution and it has no agents in VMs, so upgrading your enterprise sites can be much easier than if you have hardware dependencies and if you have agents deployed in virtual machines.

In this post, we’ll do a quick walk-through of the upgrade process. The first thing to do is go to http://zerto.com/myzerto.

  1. Log in and download the latest version of Zerto Virtual Replication for vSphere.

2. Once it downloads, launch the installer.

3. Proceed with the installation wizard.

A great feature ZVR has is it will not only upgrade the ZVM, but it will also upgrade all of the Virtual Replication Appliances (VRAs) as well. The installation wizard allows you to select whether you want to automatically upgrade the VRAs.

Unless you have compelling reasons, leave the checkbox checked to automatically upgrade the VRAs.

4. The wizard checks all the existing services to ensure the upgrade will succeed.

5. The installer proceeds with the upgrade.

6. Once the ZVM is upgraded, the installer tells you that it will now upgrade the VRAs and you can track the progress in the upgraded ZVM Dashboard.

7. When you get logged in, you can go over to the Setup tab to check progress. Once the VRAs are upgraded, you will see the VRA Version column showing as “Latest”.

In typical Zerto fashion, upgrading other platforms like Azure and AWS have very similar steps.

For example, I created a video of how to upgrade an Azure Zerto Cloud Appliance.

Time for Microsoft Ignite

Next week is Microsoft Ignite. I’ll be there and if you are there, come by my theater session Monday at 4:35pm at OCCC South – Expo Theater #3.

I’ll also be in the Zerto booth. We’re booth number 833. We have live demo labs and we can show you failover and failback between vSphere and Azure and Hyper-V and Azure.

Running WordPress on AWS Lightsail: Part 3 – Cloudflare Setup.

This is the 3rd and final post in the Running WordPress on AWS Lightsail series. In this post, we’ll set up Cloudflare DNS, Web Application Firewall (WAF) and Content Delivery Network (CDN).

The first step of course, is to get a Cloudflare account. Once you sign in, go to the +Add Site menu selection in the upper right-hand side of the screen.

Next, you’ll add the website the “Add Websites” and let Cloudflare scan it.

It will scan the site and it will display the scanning process.

When completed, it shows “Scan Complete” status and then you click “Continue Setup”.

It shows the DNS configuration settings. Verify everything looks correct. You can make changes on this page.

At the bottom of the DNS settings list, click Continue. Select the Cloudflare Plan.

Hit Continue to the DNS Name Servers screen. These are the servers you updated your DNS settings to in AWS Route 53.

Hit Continue.

It shows the status of Cloudflare. Until the Name Server are updated and replicated out to the other DNS servers, it will show a status of “Not Active”. Once it updated, the status turns green and you can configure the firewall and caching.

Running WordPress on AWS Lightsail: Part 2- The Installation.

This post is the second in the Running WordPress on AWS Lightsail series.

I already had an AWS account for lab testing and demos with my work at Zerto. So if you don’t have one, you’ll need one. I logged in and went to Lightsail.

The rest was really easy. Push the “Create Instance” button, choose the type of instance you want and it spins up in a couple minutes. I picked WordPress.

The AWS Lightsail WordPress instance gets up and running very quickly.

AWS also provides DNS hosting as well. Just click “Create DNS Zone and associate it to IP address shown on the WordPress instance. I didn’t use this because I’m using Cloudflare firewall and CDN.

Instead, I went to AWS’s Route 53 to change to the Cloudflare Name Servers in it. To do that, click on the AWS menu selection on the upper right next to the Billing menu choice.

 

The AWS button takes you to the AWS console.

Scroll down to the Networking & Content Delivery section.

Click on Route 53. It takes you to the AWS DNS Management console.

Click on the Hosted zones.

Here is where you change the Name Servers to the Cloudflare Name Servers.

In the next post in this series, we’ll set up Cloudflare.

Zerto Quick Tip: Upgrading Azure or AWS ZCA to ZVR 5.5 Update 1

Zerto has many customers already protecting virtual machines from vSphere and Hyper-V to AWS and Azure.

With the recent release, Zerto added several new features and fixes that make it worthwhile to upgrade the AWS or Azure Zerto Cloud Appliance (ZCA). See the release notes here.

The upgrade is really straightforward. Log into your ZCA, download the upgrade from MyZerto and then do the install. To demonstrate how easy it is, I created this video.