Azure Scale Sets and Zerto

Zerto uses native Azure services to accelerate the move, failover and failover testing from on-premises to Azure. One of the ways Zerto achieves such short RTOs to public cloud is the use of Azure Scale Sets.

If you are not familiar with Azure Scale Sets, they are sets of VMs that power on automatically and perform a task and then deallocate automatically. Zerto uses them when a move, failover or failover test is performed.

In the following demo, you will see me initiate a failover from vSphere to Azure. Here’s what happens:

  • The scale set starts up 41 Linux worker VMs to process the replication data
  • I selected Reverse Replication in my Zerto failover. Once the VMs are running in Azure, the Scale Set works the delta sync from Azure to vSphere.
  • The Scale Set will process the Reverse Protection data until the Azure and vSphere sites are in sync.
  • Once the replication work is complete, the Scale Set will decommission all but one Scale Set VM that acts as the scheduler for the Scale Set.

Azure Managed Disk Incremental Snapshots and Zerto

At Ignite, Microsoft announced they added managed disk incremental snapshots. Zerto leverages the managed disks incremental snapshot feature for replication from Azure.

I’m part of the Global Alliances team at Zerto. We are responsible for the Microsoft relationship and get to collaborate with the Zerto Product teams and Azure Product teams to bring new features to the market.

The Zerto product teams have been working hard for several months with Microsoft to get the incremental snapshot feature developed.  The Azure storage team is great to work with as a partner. They actually listen to partner needs and develop APIs and functionality to meet those needs. At Ignite, I did a presentation of how Zerto uses the Incremental Snapshot feature in Raman Kumar’s THR3114 Migrate and protect your production applications running on Azure Disks.

This is an important feature to Zerto because Zerto doesn’t have agents in the virtual machines so Zerto needs Azure storage and their APIs to act more like a enterprise storage in order to track changes.

I also did a short demo in the session and I protected three servers with multiple disks from vSphere to Azure using Premium Managed disks then failed them over to Azure. I also set up reverse protection from Azure back to vSphere.

3 VMs protected to Azure with Premium Managed Disks then failed over to run in Azure

Below, we see the VMs and the multiple Premium SSD Managed disks as well as the Snapshots. The way that the incremental snapshots work is they are constantly updating and snapshotting only the incremental data to be more efficient. For example, in the image below of the Azure Portal during the protection from Azure to vSphere, the older snapshot’s data has been deleted due to a newer snapshot tracking that data. Eventually the oldest snapshot will be deleted as the Zerto protection continues.

Azure incremental snapshots being created and deleted automatically by Zerto for change tracking

To move back to vSphere from Azure, we use the Move command.

Moving VMs from Azure back to vSphere

I select my VPG that is replicating from Azure to vSphere.

Selecting the Virtual Protection Group to move from Azure to vSphere

I keep the Reverse Protection on so once the VMs are back in vSphere, they automatically replicate back to Azure.

Reverse Protection selected so the VMs will replicate back to Azure once running in vSphere

Click Move.

Move the VMs

Acknowledge the Commit Policy Warning.

The Commit Policy allows you to automatically commit or roll back the Move in a specified period of time

And watch the move progress.

The move progress

The VMs automatically deallocate from Azure.

VMs automatically deallocated from Azure once moved to vSphere

The VMs are moved and running in vSphere with protection automatically set up to Azure.

The VMs back in vSphere being protected to Azure

The new incremental snapshot feature helps Zerto complete the move in and move out of Azure scenarios.

Azure VMware Solutions by CloudSimple

CloudSimple

CloudSimple and Microsoft provides the ability to run a complete VMware environment inside of Azure. Source: https://docs.azure.cloudsimple.com/cloudsimple-vmware-solutions-overview/

Why would anyone want to run VMware in Azure?

Some of the use cases could be:

  • The need to evacuate a VMware-based datacenter in a short timeframe. Your organization has a public cloud strategy, but there isn’t time to design and deploy a full Azure native environment before you need to be out of the datacenter.
  • Your company is full of VMware experts that don’t have Azure knowledge yet.
  • Some of your applications aren’t good candidates for public cloud environments, but the majority of the applications are. You will need to maintain a small VMware footprint.

What are the sizes of the environments available?

Cost

CloudSimple currently has to instance sizes available. The smaller one is CS28 and it has 28 Cores, 256GB Ram and over 5TB of flash storage. Source: https://azure.microsoft.com/en-us/pricing/details/azure-vmware-cloudsimple/

What does it Cost?

It is important to note that a basic deployment is billed a minimum of a month due to the fact that you are getting physical servers inside an Azure datacenter, so when you deploy, it’s going to be about $18,000/month for the CS28 Instance Size. Here are more details on the CloudSimple pricing https://azure.microsoft.com/en-us/pricing/details/azure-vmware-cloudsimple/

How do I get started?

Very few products are named as accurately as CloudSimple. I went from zero to having a fully operational VMware datacenter in Azure in about 30 minutes. CloudSimple makes getting VMware inside of Azure really simple to do.

Portal1

To get your VMware datacenter installed, just search in the Azure Marketplace for CloudSimple. https://azuremarketplace.microsoft.com/en-us/marketplace/ 

Portal2

Once you have the CloudSimple Portal installed in Azure, then follow their intuitive steps. 

Note on the VPN

In order to connect to the Azure VPN in CloudSimple, you have to change the clamping to 1078.

How do I set up the VMware environment?

vmware setup

As a typical tech guy, I didn’t read any instructions and was able to get it installed just following their “Common Task” steps in the portal. You install the CloudSimple service, install the nodes and give it a few minutes and you have a VMware environment up and running in Azure. 

Operations

After the VMware environment running, it’s just like any other VMware datacenter. You use vCenter to manage it and provision VMs just like you normally do.

Adding Zerto

Of course the first thing we did was get a VM up and running in Azure and install Zerto. We created a VPN gateway in Azure and then connected our on-premises datacenter to it. The rest is normal Zerto on VMware operations. It really is that straightforward.

Preparing Azure for a Zerto Cloud Appliance Installation – Part 4: Storage Accounts

Storage Accounts

Creating a new Storage Account like we will do in this step isn’t required to do a ZCA installation because the ZCA installer will create it automatically. However, as part of the installation, you can also select existing storage accounts so this post shows you if you have storage accounts already existing, you can use them.

From the main menu, select Storage accounts and create a new storage Account.

In the create storage account, give it a name that makes it easy to locate. I’m using msignitesa, the Resource Manager deployment model, General purpose, Premium (you can use standard), LRS and Disabled for secure transfer required. Be sure to use the Resource Group you created.

Go to the Resource Group you created and you will see the network, network security group and the storage account in the Resource Group.

This is the final post in this series. You now have everything you need to start the ZCA installation.

Preparing Azure for a Zerto Cloud Appliance Installation – Part 3: Network Security Groups

In the previous post in this series, we created Resource Groups and Networks and Subnets. In this post we continue to create what we need in the Azure environment for our Zerto Cloud Appliance installation.

Network Security Groups

Using similar steps as the creation of Resource Group and Networks,   from the main menu, go to Network Security Groups (NSGs) so we can create the Network Security Groups for the subnets.  Click +Add and give the Network Security Group a name. I used ms-ignite-demo-subnet-nsg and use the ms-ignite-rg Resource Group.

Once it’s created, open the Network Security Group so you can add some firewall rules. I’m going to show you how to create the rules using RDP and these rules could actually be assigned at different levels like individual NICs, but for the purpose of showing how to put inbound and outbound firewall rules, we’ll apply them to the subnets. For more on the design and usage of NSGs, read this post.

Additionally, since you most likely have a commercial firewall on-premises, there are commercial offerings in the Azure marketplace that allows your network and security teams to use the platform that they are accustomed to using. For example, if you use Cisco ASA, there is an Azure marketplace appliance available to use.

In the Resource Group, go down to Inbound Rules.

We want to use the drop-down selector for the Service. Choose RDP to allow Remote Desktop connections.

Once you click OK, it shows the firewall rules in the main table.

In this menu, select Subnets to associate the firewall rules to the subnets. Click the +Associate and select the virtual network you created and associate the subnets.

Once you have associated all the subnets you need, then you can close the blade.

Navigate over to the Resource Group you created. You will see the network and subnets in the Resource Group.

At this point, you actually have what you need to install Zerto Virtual Replication. During the Zerto Cloud Appliance installation, it will create a storage account. However, in version 5.5U1 Zerto added the ability to use an existing storage account. In the next post, we’ll create a storage account.

Preparing Azure for a Zerto Cloud Appliance Installation – Part 2: Networks and Subnets

This is the second post in the “Preparing Azure for a Zerto Cloud Appliance” series.  In the first post in this series, we created a Resource Group.  In this post, we’ll add a network and some subnets.

Networks and Subnets

Back at the main menu on the left, go to Virtual networks. You will be creating a Virtual network much like the way you created the Resource Group.

Click +Add to add a new network. Give your network a name. I used ms-ignite-net and add the Address space. I changed the IP address to 10.2.0.0/16 from /24 because I want to create some subnets.

Be sure to select Use existing Resource group and add in the Resource Group you created. I’m using ms-ignite-rg. Use an Azure Region that is closest to your data center that will be connecting to Azure to improve performance.

In the Subnet, I changed it to 10.2.1.0/24 and named it Demo1 Subnet.

Click Create to create the network. When it is complete, click on Subnets to open up the Subnets configuration menu.  I’m going to add 4 Subnets.

To add the Subnets, you click the +Subnet button. I wanted to use a series of /24 subnets in this network.

You don’t have to associate Network Security Groups or Route Tables in this step; however, you have NSGs or routes created already, you can can do it now. You also can add them later.

Now we have the network and subnets we need. In the next post in this series, we create some Network Security Groups and associate them to the subnets.

 

Preparing Azure for a Zerto Cloud Appliance Installation – Part 1: Resource Groups

In this series of blog posts, we will create the elements needed to get the Zerto Cloud Appliance (ZCA) installed and ready to connect to an on-premises site.

The four components Zerto needs in order for you to use Azure are:

  1. Resource Groups
  2. Networks
  3. Firewalls
  4. Storage

You can see how Zerto consumes the Azure components in this quick tip post. We will start logged into the Azure portal. Then we will create the components needed to get the ZCA installed.

Before we start with the Resource Group creation, be sure the Azure account you use has Owner permissions for the Azure subscription you will be using. While the default owner permissions will allow the ZCA to be successfully installed, I have seen in some environments where the Azure Active Directory administrator removes adding Azure application permissions for infrastructure administrators. The Zerto Cloud Appliance registers as a Web/API application in Azure during the installation so the account you use should have these Azure AD permissions.

Resource Groups

The first thing we want to do is create a Resource Group.  Resource Groups are like virtual datacenters in Azure. You can create as many Resource Groups as you need and then place networks, subnets, storage and firewalls in the Resource Group. For more on what Resource Groups are, see this article.

From the Azure Portal navigation menu on the left, go to Resource Groups and create a Resource Group by clicking +Add.

I’m calling mine ms-ignite-rg since I’ll use this as a demo environment during Microsoft Ignite. For more than you want to know about naming conventions for Azure resources, see this article.

Once the Resource Group is created, you can find it on the Dashboard or you can go back to the Resource Group blade and search for it.

Click on the Resource Group to go into it. It will be empty and ready for you to add networks, subnets, network security groups (firewalls) and virtual machines.

Azure is really good at training you along the way. In the Resource Group menu, go down to Quickstart under Settings to learn more about Resource Groups and even watch a video. When you are done. Click the X to close the Resource Group blade.

In the next post in this series, we’ll create the Networks and Subnets.

 

Let’s go Wayback

I’ve had this site a long time. I was trying to remember when I started it the other day and I figured it was late 2007 or early 2008.

Fortunately, there is the Wayback Machine internet archive. The first time it scanned my site was January 9, 2008, and it had quite a few blog posts by then. So, it looks like late 2007 was when VirtualizationInformation came online. The WordPress template didn’t make it in the wayback machine though.

It’s also quite a bit of fun to spend some time in the Wayback Machine looking at the evolution of the internet and the companies that we work with frequently. I did a search for VMware.com and found this one from 1999.

How about this one from zerto.com in February 2011 (note the funky green color):

Then, by September 2011, this is the zerto.com site. Talk about going 0-60 in a hurry!

Time just flies right by doesn’t it?

Upgrading Zerto Virtual Replication on vSphere to ZVR 5.5 Update 1

Whenever an upgrade is necessary with key infrastructure components such as your disaster recovery solution, you want it to be as painless as possible.

One of the big benefits of having Zerto Virtual Replication (ZVR) is its an all software solution and it has no agents in VMs, so upgrading your enterprise sites can be much easier than if you have hardware dependencies and if you have agents deployed in virtual machines.

In this post, we’ll do a quick walk-through of the upgrade process. The first thing to do is go to http://zerto.com/myzerto.

  1. Log in and download the latest version of Zerto Virtual Replication for vSphere.

2. Once it downloads, launch the installer.

3. Proceed with the installation wizard.

A great feature ZVR has is it will not only upgrade the ZVM, but it will also upgrade all of the Virtual Replication Appliances (VRAs) as well. The installation wizard allows you to select whether you want to automatically upgrade the VRAs.

Unless you have compelling reasons, leave the checkbox checked to automatically upgrade the VRAs.

4. The wizard checks all the existing services to ensure the upgrade will succeed.

5. The installer proceeds with the upgrade.

6. Once the ZVM is upgraded, the installer tells you that it will now upgrade the VRAs and you can track the progress in the upgraded ZVM Dashboard.

7. When you get logged in, you can go over to the Setup tab to check progress. Once the VRAs are upgraded, you will see the VRA Version column showing as “Latest”.

In typical Zerto fashion, upgrading other platforms like Azure and AWS have very similar steps.

For example, I created a video of how to upgrade an Azure Zerto Cloud Appliance.