Disaster Recovery for Hyper-V

Exclusive offer: get 50% off this eBook here
Windows Server 2012 Hyper-V Cookbook

Windows Server 2012 Hyper-V Cookbook — Save 50%

Over 50 simple but incredibly effective recipes for mastering the administration of Windows Server Hyper-V with this book and ebook.

$29.99    $15.00
by Leandro Carvalho | January 2013 | Cookbooks Enterprise Articles Microsoft

The new Windows Server 2012 Hyper-V release from Microsoft comes with a myriad of improvements in areas such as mobility, high availability and elasticity, bringing everything you need to create, manage and build the core components of a Microsoft Private Cloud for virtualized workloads.

In this article by Leandro Cavalho, the author of Windows Server 2012 Hyper-V Cookbook, we will cover the following topics:

  • Backing up Hyper-V and virtual machines using Windows Server Backup

  • Restoring Hyper-V and virtual machines using Windows Server Backup

  • Confguring Hyper-V Replica between two Hyper-V hosts using HTTP authentication

  • Confguring Hyper-V Replica broker for a Failover Cluster

  • Confguring Hyper-V Replica to use certificate-based authentication using an Enterprise CA

  • Using snapshots in virtual machines

(For more resources related to this topic, see here.)

Hyper-V and Windows Server 2012 come with tools and solutions to make sure that your virtual machines will be up, running, and highly available. Components such as Failover Cluster can ensure that your servers are accessible, even in case of failures. However, disasters can occur and bring all the servers and services offline. Natural disasters, viruses, data corruption, human errors, and many other factors can make your entire system unavailable.

People think that High Available (HA) is a solution for Disaster Recovery (DR) and that they can use it to replace DR. Actually HA is a component of a DR plan, which consists of process, policies, procedures, backup and recovery plan, documentation, tests, Service Level Agreements (SLA), best practices, and so on. The objective of a DR is simply to have business continuity in case of any disaster.

In a Hyper-V environment, we have options to utilize the core components, such as Hyper-V Replica, for a DR plan, which replicates your virtual machines to another host or cluster and makes them available if the first host is offline, or even backs up and restores to bring VMs back, in case you lose everything.

This module will walk you through the most important processes for setting up disaster recovery for your virtual machines running on Hyper-V.

Backing up Hyper-V and virtual machines using Windows Server Backup

Previous versions of Hyper-V had complications and incompatibilities with the built-in backup tool, forcing the administrators to acquire other solutions for backing up and restoring.

Windows Server 2012 comes with a tool known as Windows Server Backup (WSB), which has full Hyper-V integration, allowing you to back up and restore your server, applications, Hyper-V, and virtual machines. WSB is easy and provides for a low cost scenario for small and medium companies.

This recipe will guide you through the steps to back up your virtual machines using the Windows Server Backup tool.

Getting ready

Windows Server Backup does not support tapes. Make sure that you have a disk, external storage, network share, and free space to back up your virtual machines before you start.

How to do it...

The following steps will show you how to install the Windows Server Backup feature and how to schedule a task to back up your Hyper-V settings and virtual machines:

  1. To install the Windows Server Backup feature, open Server Manager from the taskbar.

  2. In the Server Manager Dashboard, click on Manage and select Add Roles and Features.

  3. On the Before you begin page, click on Next four times.

  4. Under the Add Roles and Features Wizard, select Windows Server Backup from the Features section, as shown in the following screenshot:

  5. Click on Next and then click on Install. Wait for the installation to be completed.

  6. After the installation, open the Start menu and type wbadmin.msc to open the Windows Server Backup tool.

  7. To change the backup performance options, click on Configure Performance from the pane on the right-hand side in the Windows Server Backup console.

  8. In the Optimize Backup Performance window, we have three options to select from—Normal backup performance, Faster backup performance, and Custom, as shown in the following screenshot:

  9. In the Windows Server Backup console, in the pane on the right-hand side, select the backup that you want to perform. The two available options are Backup Schedule to schedule an automatic backup and Backup Once for a single backup. The next steps will show how to schedule an automatic backup.

  10. In the Backup Schedule Wizard, in the Getting Started page, click on Next.

  11. In the Select Backup Configuration page, select Full Server to back up all the server data or click on Custom to select specific items to back up. If you want to backup only Hyper-V and virtual machines, click on Custom and then Next.

  12. In Select Items for Backup, click on Add Items.

  13. In the Select Items window, select Hyper-V to back up all the virtual machines and the host component, as shown in the following screenshot. You can also expand Hyper-V and select the virtual machines that you want to back up. When finished, click on OK.

  14. Back to the Select Items for Backup, click on Advanced Settings to change Exclusions and VSS Settings.

  15. In the Advanced Settings window, in the Exclusions tab, click on Add Exclusion to add any necessary exclusions.

  16. Click on the VSS Settings tab to select either VSS full Backup or VSS copy Backup as shown in the following screenshot. Click on OK.

  17. In the Select Items for Backup window, confirm the items that will be backed up and click on Next.

  18. In the Specify Backup Time page, select Once a day and the time for a daily backup or select More than once a day and the time and click on Next.

  19. In the Specify Destination Type page, select the option Back up to a hard disk that is dedicated for backups (recommended), back up to a volume, or back up to a shared network folder, as shown in the following screenshot and click on Next.

    If you select the first option, the disk you choose will be formatted and dedicated to storing the backup data only.

  20. In Select Destination Disk, click on Show All Available Disks to list the disks, select the one you want to use to store your backup, and click on OK. Click on Next twice.

  21. If you have selected the Back up to a hard disk that is dedicated for backups (recommended) option, you will see a warning message saying that the disk will be formatted. Click on Yes to confirm.

  22. In the Confirmation window, double-check the options you selected and click on Finish, as shown in the following screenshot:

  23. After that, the schedule will be created. Wait until the scheduled time to begin and check whether the backup has been finished successfully.

How it works...

Many Windows administrators used to miss the NTBackup tool from the old Windows Server 2003 times because of its capabilities and features. The Windows Server Backup tool, introduced in Windows Server 2008, has many limitations such as no tape support, no advanced schedule options, fewer backup options, and so on. When we talk about Hyper-V in this regards, the problem is even worse. Windows Server 2008 has minimal support and features for it.

In Windows Server 2012, the same tool is available with some limitations; however, it provides at least the core components to back up, schedule, and restore Hyper-V and your virtual machines.

By default, WSB is not installed. The feature installation is made by Server Manager. After its installation, the tool can be accessed via console or command lines.

Before you start the backup of your servers, it is good to configure the backup performance options you want to use. By default, all the backups are created as normal. It creates a full backup of all the selected data. This is an interesting option when low amounts of data are backed up. You can also select the Faster backup performance option. This backs up the changes between the last and the current backup, increasing the backup time and decreasing the stored data. This is a good option to save storage space and backup time for large amounts of data.

A backup schedule can be created to automate your backup operations. In the Backup Schedule Wizard, you can back up your entire server or a custom selection of volumes, applications, or files. For backing up Hyper-V and its virtual machines, the best option is the customized backup, so that you don't have to back up the whole physical server. When Hyper-V is present on the host, the system shows Hyper-V, and you will be able to select all the virtual machines and the host component configuration to be backed up. During the wizard, you can also change the advanced options such as exclusions and Volume Shadow Copy Services (VSS) settings. WSB has two VSS backup options—VSS full backup and VSS copy backup. When you opt for VSS full backup, everything is backed up and after that, the application may truncate log files. If you are using other backup solutions that integrate with WSB, these logs are essential to be used in future backups such as incremental ones. To preserve the log files you can use VSS copy backup so that other applications will not have problems with the incremental backups.

After selecting the items for backup, you have to select the backup time. This is another limitation from the previous version—only two schedule options, namely Once a day or More than once a day. If you prefer to create different backup schedule such as weekly backups, you can use the WSB commandlets in PowerShell.

Moving forward, in the backup destination type, you can select between a dedicated hard disk, a volume, or a network folder to save your backups in.

When confirming all the items, the backup schedule will be ready to back up your system.

You can also use the option Backup once to create a single backup of your system.

There's more...

To check whether previous backups were successful or not, you can use the details option in the WSB console. These details can be used as logs to get more information about the last (previous), next, and all the backups.

To access these logs, open Windows Server Backup, under Status select View details. The following screenshot shows an example of the Last backup.

To see which files where backed up, click on the View list of all backed up files link.

Checking the Windows Server Backup commandlets

Some options such as advanced schedule, policies, jobs, and other configurations can only be created through commandlets on PowerShell.

To see all the available Windows Server Backup commandlets, type the following command:

Get-Command –Module WindowsServerBackup

See also

  • The Restoring Hyper-V and virtual machines using Windows Server Backup recipe in this article

Windows Server 2012 Hyper-V Cookbook Over 50 simple but incredibly effective recipes for mastering the administration of Windows Server Hyper-V with this book and ebook.
Published: November 2012
eBook Price: $29.99
Book Price: $49.99
See more
Select your format and quantity:

Restoring Hyper-V and Virtual Machines using Windows Server Backup

Cluster, Hyper-V Replica, Storage Migration, and other features makes for a higher availability for Hyper-V virtual machines, but it is impossible to provide 100 percent assurance in any system. When we lose a host computer, for example, not only is a single system offline, but also all the virtual machines that are running in there. It does not matter if it is only an application, a virtual machine, or the entire Hyper-V host that needs to be restored. In simple words, you have to be prepared to bring your systems online as soon as possible in case of a failure.

One of the benefits of Windows Server Backup is that it is easy to use and it is present in the OS already. With a couple of clicks, your hosts and its VMs are up and running.

This recipe will guide you through the steps to restore your virtual machines using Windows Server Backup.

Getting ready

Windows Server Backup only supports restores of backups that were made by it. Make sure that you have the access to these backups before you begin.

How to do it...

In the following steps, you will see steps how to restore a backup containing virtual machines and the host components using Windows Server Backup:

  1. If the computer on which you restore the data does not have Windows Server Backup installed, proceed with the following steps. In case it is already installed, go to step 7.

  2. To install the Windows Server Backup feature, open Server Manager from the taskbar.

  3. In the Server Manager Dashboard, click on Manage and select Add Roles and Features.

  4. In the Before you begin page, click on Next four times.

  5. In Select features, select Windows Server Backup, as shown in the following screenshot:

  6. Click on Next and then click on Install. Wait for the installation to be completed.

  7. To open WSB, in the start menu, type wbadmin.msc.

  8. In the Windows Server Backup console, in the pane on the right-hand side, click on Restore.

  9. In the Recovery Wizard window, under Getting Started, select This server if the backup is stored locally, or select A backup stored on another location if the backup is in a storage or network folder, as shown in the following screenshot. Then click on Next.

  10. In the Specify Location Type window, you can select from the options Local drives or Remote shared folder. Select the option where your backup files are situated and click on Next.

  11. In the Select Backup Location window, click on the drop-down list to select the backup location where the files are placed, and then click on Next.

  12. In the Select Server window, select the server which you want to restore and click on Next.

  13. In Select Backup Date, select the month, day, and time for restoring, as shown in the following screenshot. If you want to check the content of the backup, click on the hyperlink in front of Recoverable items. Click on Next when done.

  14. In the Select Recovery Type page, select what you want to recover. You can choose from the following options—Files and folders, Hyper-V, Volumes, Applications, and System State. To recover virtual machine and the host components, select Hyper-V, as shown in the following screenshot, and click on Next:

  15. On the Select Items to Recover page, select the virtual machine that you want to restore, as shown in the following screenshot. If you need to recover the Hyper-V settings, check the Host Component option and click on Next.

  16. In the Specify Recovery Options, you can select from the following options—Recover to original location, Recover to alternate location, and copy to folder. Select the options that suits your environment and click on Next. In the Confirmation window, verify the recovery items that will be restored and click on Recover. Wait until the restore is complete and click on Close to close the Recovery Wizard.

  17. To check the recovered items, in the Windows Server Backup console, under Messages, double click on the recovery event. The Application recovery window will open, as shown in the following screenshot:

  18. To check the recovered files, click on View list of all recovered files in the Application recovery window.

  19. To check whether the restoration was successful, open the Hyper-V Manager and check whether the restored virtual machines are listed.

How it works...

After a host failure, file corruption, or any other kind of data loss, you might face a very stressful environment with users calling every minute, managers freaking out, and many other bad consequences of an offline system.

The good news is that Windows Server Backup makes these consequences a little less painful. If you have backed up your virtual machines (and I am sure you did), it can restore them with a very intuitive wizard.

It can be used to restore files, folders, volumes, applications, the entire system state, and the new option introduced in Windows Server 2012, to recover Hyper-V.

In a scenario where you need to restore a virtual machine, the first thing to do is to make sure that WSB is already installed and the backup files are accessible from the computer where you want to restore the data.

In the Recovery Wizard, you can restore the server by specifying the backup location. The location can be a local drive such as attached disks and storages, or it can be a remote shared folder. Then the wizard shows a schedule from which you can select the last backup file. After selecting the backup date and time, the recovery type Hyper-V option must be selected to recover virtual machines. A list with the available virtual machines will be displayed, from which you can select the ones to be restored to the original or alternate location. The next step is just to wait for the restore process to finish and make sure that everything is online again.

See also

  • The Backing up Hyper-V and virtual machines using Windows Server Backup recipe in this article

Configuring Hyper-V Replica between two hyper-V hosts using HTTP authentication

Disaster Recovery (DR) is a very important component for every IT system. Good DR infrastructure normally involves datacenters, servers, storage, network bandwidth, and other expensive solutions. All these factors can make a DR plan more complicated for small- and medium-sized companies. The high cost and complexity would make it very difficult to accomplish.

Hyper- V on Windows Server 2012 comes with a new feature, called Hyper-V Replica to solve this problem. It is a feature that allows the virtual machines to be replicated to another server, such as a remote disaster recovery site server, using a single network connection.

The Hyper-V Replica components consist of a primary server that hosts all the virtual machines running in production, and a replica server that hosts replicas of each virtual machines on the primary server. It allows the administrators to automatically replicate the virtual machines that are to be used in case of a planned failover, such as moving VMs to the replication site, or even a failover in unplanned events where the primary server is offline.

The Hyper-V Replica replication engine has a module called change tracking that captures every "write" within the virtual hard disk file of all the running virtual machines and creates a log file. The replication happens in the Virtual Hard Disk (VHD) level, making it even easier to allow any virtual machine to be replicated. The replication using these logs occurs periodically and asynchronously through an HTTP or HTTPS connection. All the data that must be replicated to the replica server uses the network module, which optimizes the workload to work in slow network connections such as WANs. All you need are two physical servers running Hyper-V and a network connection between then. That's it. It does not need any third-party hardware or software applications. Also, it has the option to create recovery points so that you can restore virtual machines to any point in time. You don't have to worry about database corruption or virus replication when using the recovery points.

Hyper-V Replica is designed to give small- and medium-sized companies a full disaster recovery infrastructure solution for their virtualized environments with few requirements in terms of cost and components.

While allowing you to have replicas on the same network, the idea of Hyper-V Replica is to have a replica on a different network where you can run your VMs in case of a disaster, making it fully compliant with almost all the disaster recovery policies in place today.

In this recipe, you will see how to create a single Hyper-V Replica infrastructure with a primary and recovery server using HTTP based replication. That's not everything about Hyper-V Replica. The next recipes will show advanced configurations such as certificate-based replication and the integration between Hyper-V Replica and Failover Cluster.

Getting ready

Hyper-V Replica requires only two servers with the Hyper-V role installed and a network connection. It's as simple as that!

How to do it...

In the following tasks, you will see how to prepare and configure two servers to work with Hyper-V Replica and how to enable replication of a virtual machine. The tasks will illustrate setting up the primary server (HVHost01) and the replica server (HVHost02). At the end of the tasks, you will see how to fail the virtual machine over to in the replica server in case of disaster.

  1. Open the Hyper-V Manager on the server that will be used as replica server.

  2. In the Hyper-V Manager, click on Hyper-V Settings in the pane on the right-hand side.

  3. In the Hyper-V Settings window, select Replication Configuration.

  4. Click on Enable this computer as a Replica server.

  5. Under Authentication and ports, select Use Kerberos (HTTP) and specify the port to be used.

  6. Under Authorization and storage, select Allow replication from any authenticated server and specify the default location to store the replica files; or, you can select Allow replication from the specified servers. If you select the second option, specify the Primary Server, Storage Location, and Trust Group.

  7. In the following screenshot, the port 80 has been used to replicate with HTTP. The primary server *.contoso.com has been added to allow replication from any server from the contoso.com domain, and a trust group called HVServers has also been created. Click on OK when finished.

  8. Repeat steps 1 through 7 for the primary server as well.

    Though it is not necessary, you can enable the primary server as a replica server for occasions where you need to fail back the VMs using a planned failover.

  9. To enable a Windows Firewall exception for Hyper-V Replica, open PowerShell from the Taskbar and type the following command in both servers:

    Enable-Netfirewallrule -displayname "Hyper-V Replica HTTP Listener (TCP-In)"

  10. Now, with the replica server up and running, right-click on the virtual machine that you want to replicate in the primary server, in the Hyper-V Manager, and select Enable Replication.

  11. In the Enable Replication Wizard, click on Next.

  12. In the Specify Replica Server, type the Hyper-V Replica server name in Replica Server and click on Next.

  13. In Specify Connections Parameters, verify that Use Kerberos authentication (HTTP) is selected. In case of slow network connections, verify that the Compress the data that is transmitted over the network option is checked, as shown in the following screenshot, and click on Next.

  14. Under Choose Replication VHDs, deselect the virtual hard disks file that you don't want to replicate and click on Next.

  15. In Configure Recovery History, select Only the latest recovery point to have only the last recovery point in the replica server, as shown in the next screenshot. You can select Additional recovery points if you want to allow the replica server to receive additional recovery points. If you select this option, specify the number of recovery points in Number of additional recovery points to be stored; to replicate incremental snapshots using the Volume Shadow Copy (VSS), select the checkbox Replicate Incremental VSS copy every: and use the slider to specify the frequency at which the snapshots are taken.

    The slider to specify the time is only applied to the frequency the of snapshots being taken. It can be confused with the time to replicate the virtual machine data to the replica server. The default value is 5 minutes and cannot be changed.

  16. In the Choose Initial Replication Method window, under Initial Replication Method, select Send initial copy over the network, as shown in the next screenshot, to use the network connection to copy the VM files. Select Send initial copy using external media to export the VM data and locally import it in the replica server. You may select the Use an existing virtual machine on the Replica server as the initial copy option if you have a restored copy of the virtual machine on the replica server.

  17. Under Schedule Initial Replication, select Start replication immediately, as shown in the following screenshot, to send the virtual machine data straight away after the wizard is completed. You may alternatively select Start replication on and set the time and date for scheduled replication to schedule the initial replication. Once done, click on Next.

  18. In the Completing the Enable Replication wizard, check the settings and click on Finish. The virtual machine data will be transferred to the replica server on the scheduled time and date.

  19. In case of a disaster and the primary server is offline, right-click on the virtual machine in the replica server, select Replica, and click on Failover.

  20. In the Failover window, select the recovery point to use in the drop-down list and click on Fail Over, as shown in the following screenshot:

How it works...

Hyper-V Replica needs two servers to replicate the virtual machine data. The principal server that runs the virtual machines is known as primary server. The secondary server, called replica server is used in case of a failover. The first thing is to enable the replica server in the Hyper-V Settings. The settings are divided in two classes—authentication and authorization. In authentication, there are two options to transfer the virtual machine files over the network—HTTP, which does not encrypt the data and doesn't require any additional configuration and HTTPS, which encrypts the content using digital certificates for authentication. You must request and install an authentication certificate in order to use HTTPS. This option will be covered in the next recipe.

The replica server also needs to be configured to receive data from other servers. That's the role of the authorization part of the window. You can select the option to Allow replication from any authenticated server or specify a list of servers and the path to store the virtual machine files. In the server list you can also use wildcards like *.contoso.com to allow any server from the contoso.com domain to replicate data to the server. You can use Trusted Groups to separate different areas or customers, creating a sort of tagging. This is an interesting option in case you have different customers and want to make sure their data will be in different locations.

Although the primary server does not need these replica server options, it would be a best practice to enable it in the primary servers so that you can use the Planned Failover feature and transfer the VM back to the primary server after an outage.

After this, a firewall exception must be configured to allow Windows Firewall to receive the HTTP (or HTTPS, if you are using the certificates) requests from the primary server. If you configured the primary server as a replica server, you also must run the PowerShell command.

That's basically all you need to set up the host computers with Hyper-V Replica. The next step is to enable the replication on the virtual machines that you want. This is done by selecting the option Enable Replication on the VM.

The first step of the wizard is to select the replica server. After that, you can select the protocol to send the VM files. You can use either HTTP or HTTPS. On the same screen, you can uncheck the option to compress the data over the network. As the primary and replica servers are intended to run on different sites, this option is checked by default. The next option is to select the VHD that needs to be replicated. In case the VM has more than one VHD, you can select the one VHD that will be present in the replica server. For better performance and to reduce the amount of data that's being replicated, it's recommended to use a different VHD for the page file within the VM and exclude it from being replicated.

In the Recovery History window, you can choose to have only the last recovery point of a VM or more points. You can select the number of recovery points and the interval to create the additional recovery points. The last step is to select the initial replication method and schedule. The default method is to send the initial copy over the network. In case of large virtual machines over slow networks, you can export the VM data to an external media and import in the replica server. In case the VM that you want to replicate already exists in the replica server, you can use it for the initial copy. Then, you can start the replication immediately or schedule the initial replication. It is important to say that the schedule is only applicable during the initial replication. The log replication occurs every 5 minutes and cannot be changed.

When a virtual machine is enabled to replicate, the Hyper-V Replica modules start to monitor the changes in the VHD and create a log to be replicated. This is done by the change tracking module in the Hyper-V Virtual Storage Stack. The replication starts using an asynchronous method, replaying the log files in reverse order.

Then, the unexpected happens: a disaster occurs. No need to panic (at least with your VMs). The failover process is manual. To do so, you must select the virtual machine and fail it over. You can also select the recovery point to restore the VM. It comes in very handy if you have a virus infection in one of your virtual machine, for example.

As a last tip, it is recommended to monitor the health of your replica using the default views and tools, to make sure that you will be able to restore a recent version of your virtual machines in case of failure.

There's more...

You might be wondering what happens when a virtual machine with a static IP address fails over onto another datacenter with a different subnet and network configuration. For example, on datacenter A, where the primary server sits, you have a VM with IP address, default gateway, DNS settings, and so on. On datacenter B, where the replica server is, there are different network configurations, causing problems on all the VMs that failover to access the network.

When the VM starts on the replica server, it will lose the network settings. Even if you keep the same network configuration, it will not work because the VM is running on a different network.

That's why Hyper-V allows you to add failover network configuration settings, which can be used when you failover it to the replica server. It is also important to note that this requires a synthetic virtual network adapter on the VM and doesn't work with legacy virtual network adapters.

To configure these settings, open the virtual machine settings, expand the attached network adapter, and click on Failover TCP/IP, as shown in next screenshot:

Check the Use the following IPv4 address scheme for the virtual machine option and add the network configuration that you want your VM to use when it fails over the other network.

Using PowerShell to configure and enable Hyper-V Replica

PowerShell is also present as a secondary configuration option for Hyper-V Replica and sometimes it makes things very handy and easy, as shown in the next examples.

You can use the command Set-VMReplicationServer to configure your server as a replica server. The next example shows a server being enabled using Kerberos as authentication type, with the default storage location point to C:\Hyper-V and with the option to receive replication from any server enabled.

Set-VMReplicationServer -ReplicationEnabled $true -AllowedAuthenticationType Kerberos -DefaultStorageLocation C:\Hyper-V -ReplicationAllowedFromAnyServer $true

To enable replication to a VM you can use the command Enable-VMReplication. The next example shows how to enable replication to all the virtual machines at the same time using port 80 on server HVHost02.

Enable-VMReplication -VMName * -ReplicaServerName HVHost02 -ReplicaServerPort 80 -AuthenticationType Kerberos

The Start-VMInitialReplication command starts the initial replication for your virtual machines. The next example shows how to start it on every virtual machine:

Start-VMInitialReplication –VMName *

To list all the Hyper-V Replica commandlets on PowerShell, type the following command:

Get-Command -Module Hyper-V *Replica*

 

See also

  • The Configuring Hyper-V Replica Broker for a Failover Cluster recipe in this article

  • The Configuring Hyper-V Replica to use certificate-based authentication using an Enterprise CA recipe in this article

Configuring Hyper-V Replica Broker for a Failover Cluster

If you have either the primary or the replica server as a member of a Failover Cluster environment, you will need to configure the Hyper-V Replica Broker role. This role is necessary to enable a cluster to be part of a Hyper-V Replica so that it can support seamless replication. In this scenario, you can have a standalone server and a cluster working as primary or replica server, or a cluster for each.

When configuring a Hyper-V Replica for a virtual machine, a different virtual name called Client Access Point (CAP) must be used. The CAP is created during the Hyper-V Replica Broker configuration.

In this recipe, you will see how to configure Hyper-V Replica Broker to use your cluster servers in the Hyper-V Replica scenario.

Getting ready

You will need a Failover Cluster environment already configured with a cluster created as well.

How to do it...

These steps will guide you through the Hyper-V Replica Broker configuration, enabling a failover cluster to participate in a Hyper-V Replica infrastructure.

  1. To configure Hyper-V Replica Broker, open the Start menu and type Cluadmin.msc to open the Failover Cluster Manager.

  2. Select the existing cluster and click on Configure Role.

  3. In the High Availability Wizard window, click on Next.

  4. In Select Role, select Hyper-V Replica Broker, as shown in the following screenshot, and click on Next.

  5. In the Client Access Point window, specify the name and the IP address for your CAP and click on Next, as shown in the following screenshot:

  6. In the Confirmation window, click on Next and then Finish.

  7. After the configuration, open the Failover Cluster Manager again, expand your cluster, click on Roles, right-click on the Hyper-V Replica Broker object, and click on Replication Settings.

  8. In the Hyper-V Replica Broker Configuration window, select Enable this cluster as a Replica server.

  9. Under Authentication and ports, select either Use Kerberos (HTTP) or Use certificate-based Authentication (HTTPS). For the last option, you must have a digital certificate installed first.

  10. Under Authorization and storage, select Allow replication from any authenticated server or Allow replication from the specified servers and specify the location to store the replica files. When finished, click on OK, as shown in the next screenshot:

  11. After configuring the Hyper-V Replica Broker, when enabling a virtual machine for replication, for the Client Access Point field type Replica Server.

How it works...

Hyper-V Replica does support cluster, but it cannot use the cluster name while you are enabling replication in the virtual machine. That's why you need to configure the Hyper-V Replica Broker. It creates a virtual name and IP address that can be used in the wizard to create a virtual machine replica.

Hyper-V Replica Broker is a role that is enabled in the Failover Cluster Manager. During its creation, you just need to add the Client Access Point name and the IP address. Then you must enable and configure Hyper-V Replica in the role, as done in a normal host that will be used as a replica server. After adding the authentication and authorization options, your cluster will be ready to start working as part of a Hyper-V Replica infrastructure.

See also

  • The Configuring Hyper-V Replica between two Hyper-V hosts recipe in this article

  • The Configuring Hyper-V Replica to use certificate-based authentication using an Enterprise CA recipe in this article

Windows Server 2012 Hyper-V Cookbook Over 50 simple but incredibly effective recipes for mastering the administration of Windows Server Hyper-V with this book and ebook.
Published: November 2012
eBook Price: $29.99
Book Price: $49.99
See more
Select your format and quantity:

Configuring Hyper-V Replica to use certificate-based authentication using an Enterprise CA

Hyper-V Replica brings you all that you need to build your Infrastructure as a Service (IaaS) and also provides you with a Disaster Recovery environment for your virtualized workloads.

With its simple configuration and a couple of clicks, you can start replicating your virtual machine to a different site with low cost and high reliability. However, the out-of-box experience using HTTP to replicate data does not provide encryption during the transfer to the other site.

This recipe will show you how to use an Enterprise Certification Authority (CA) to obtain a certificate to replicate the virtual machine data using HTTPS.

Getting ready

In order to request a digital certificate, you will need to have an Enterprise CA already installed and configured. Use the Server Manager to install Active Directory Certificate Services and then to configure an Enterprise CA in case you don't have one.

How to do it...

The following steps will show how to create a certificate template in the Enterprise CA, how to request and install a certificate to be used on Hyper-V Replica and how to enable Hyper-V Replica to use certificate-based authentication for replication.

  1. To create a certificate template to be used to issue certificates for Hyper-V, type certsrv.msc from your CA server, to open the Certification Authority console.

  2. Expand your local CA (make a note of the CA name, you will need it during step 16), right-click on Certificate Templates, and select Manage.

  3. In the Certificate Templates Console, right-click on the Workstation Authentication template and select Duplicate Template, as shown in the following screenshot:

  4. In the Properties of New Template pane, go to the General tab and fill in the Template display name and the Template name fields. In the following screenshot, Hyper-V Replica Template was added as the Template name.

  5. Go to the Issuance Requirements tab and check the CA certificate manager approval option to manually approve the certificates using the new template. Although it is optional, you can provide more security and control for new certificates.

  6. Click on the Security tab, select the Authenticated Users group and allow the Enroll permission, as shown in the following screenshot:

     

  7. Click on the Subject Name tab and select Supply in the request to enable the subject name to be added during the request.

  8. Click on the Extensions tab, make sure that Application Policies is selected, and click on Edit.

  9. In the Edit Application Policies Extensions window, click on Add.

  10. In the Add Application Policy screen, select Server Authentication from the list and click on OK twice. Under Description of Application Policies, you will see both Client and Server Authentication as shown in the following screenshot. Click on OK to confirm the new certificate template creation and close the Certificate Templates Console window.

  11. Back in the Certification Authority console, right-click on Certificate Templates, navigate to New, and click on Certificate Template to Issue.

  12. In the Enable Certificate Templates window, select the new certificate template, and click on OK.

  13. From the server that will be used as member of the Hyper-V Replica, open Notepad and use the following text as an example code to create a .inf file to request your certificate. Replace the Subject line value "CN=HVHost01.contoso.com" with your server's Fully Qualified Domain Name (FQDN). Replace the CertificateTemplate value "Hyper-V Replica Template" with the name used in the step 4:

    [Version] Signature="$Windows NT$ [NewRequest] Subject = "CN=HVHost01.contoso.com" Exportable = TRUE KeyLength = 2048 KeySpec = 1 KeyUsage = 0xA0 MachineKeySet = True ProviderName = "Microsoft RSA SChannel Cryptographic Provider" ProviderType = 12 RequestType = CMC [RequestAttributes] CertificateTemplate = "Hyper-V Replica Template"

  14. Save the file as a .inf file and close Notepad. In the next example, the file that will be used is C:\HVhost01.inf.

  15. Open the command prompt as administrator and type the following command to create a new request file:

    Certreq –new C:\HVHost01.inf C:\HVHost01.req

  16. Type the next command to submit the request using the .req file that was created in the previous task. Replace the name "Daleon\Contoso-CA" with your CA server name and the CA name, as shown in step 2.

    Certreq –submit –config "Daleon\Contoso-CA" C:\HVHost01.req C:\ HVHost01.cer

  17. In the command results, make a note of the request ID.

  18. In case you need to approve the pending request, as configured in step 5, open the Certificate Authority console back in the CA server, click on Pending Requests, right-click on the request, select All Tasks, and click on Issue, as shown in the following screenshot:

  19. Open the command prompt back in the Hyper-V host again and type the next command to retrieve the approved certificate. Replace the request ID 10 with the one from step 17.

    Certreq –retrieve 10 HVHost01.cer

  20. Right-click on the .cer file created in the previous step and click on Install Certificate.

  21. In the Certificate Import Wizard, select Local Machine under Store Location and click on Next.

  22. In Certificate Store, select Place all certificates in the following store, click Browse, select Personal, click on OK, Next, and then on Finish to import the certificate.

  23. To enable Hyper-V Replica in the local Windows Firewall, open PowerShell from the taskbar and type the following command in both the servers:

    Enable-Netfirewallrule -displayname "Hyper-V Replica HTTPS Listener (TCP-In)"

  24. Now with the certificate installed locally, open the Hyper-V Manager, click on Hyper-V Settings on the pane on the right-hand side, and check the Enable this computer as a Replica server option.

  25. Check the Use certificate-based Authentication (HTTPS) option and click on Select Certificate

  26. In the Windows Security window, confirm the imported certificate and click on OK, as shown in the next screenshot:

  27. Verify the certificate settings, as shown in the following screenshot, and click on OK.

  28. Repeat steps 13 to 27 to request and install a certificate to the other Hyper-V Server.

  29. When enabling the replica for a virtual machine, under Specify Connection Parameters, select Use certificate-based authentication (HTTPS), as shown in the next screenshot, click on Select Certificate and click on OK.

How it works...

A digital certificate is one of the most common and safest methods used today by applications, websites, and many other solutions to provide communication authenticity and encryption.

Hyper-V Replica can use this technology to encrypt and protect replication data. In this recipe, an Enterprise CA was used as an example for internal certificate requests. Although Enterprise CAs are more common internally, you can also use standalone or even external CAs to create requests for your certificates.

By using an Enterprise CA, you have some benefits such as Active Directory integration, auto enrolment of certificates, and certificate templates.

In the recipe, a template was created with the necessary advanced options required for Hyper-V Replica configuration.

After template creation, a .inf file containing the certificate details must be used to create a request file so that you can issue it from the CA server.

When the certificate is issued and installed on both servers that will be used to configure Hyper-V Replica, you can enable it by using certificate-based authentication and replicate the virtual machines between them.

See also

  • The Configuring Hyper-V Replica between two Hyper-V hosts recipe in this article

  • The Configuring Hyper-V Replica Broker for a Failover Cluster recipe in this article

Using snapshots in virtual machines

In the IT field, it is easy to have problems, errors, mistakes, and other issue that might need a deep troubleshooting process or even worse, such as a system restore. With virtual machines, the administrators have a very interesting option that is not available in physical servers. What if you could rollback a VM before the error occurred? What if you could prepare the VM for some change that can cause an issue. That's what snapshots are made for. You can take a VM snapshot on the fly, do whatever you need to do, and roll it back in case of errors.

This comes very handy and can save our lives, making the problem prevention two clicks away.

To illustrate some scenarios to use snapshots, consider the following examples:

  • System upgrades or migration

  • Software updates

  • Software installation and configuration

  • Registry changes

  • Troubleshooting problems

This list can go on and on, but the idea of snapshots is to give you the opportunity to recover the virtual machine in a fast and an easy way. With them, you can revert the virtual machine to a previous state before the error. That's why snapshots are very common in developing, staging, and testing the environments.

This recipe will show the different ways to create and manage snapshots, as well as its tricks and best practices.

Getting ready

Snapshots can be created on any existing virtual machine. The only prerequisite in this recipe is to have Hyper-V with at least one virtual machine.

How to do it...

The following steps will show how to create and manage virtual machine snapshots.

  1. To take a snapshot of a virtual machine, open Hyper-V Manager, right-click on the virtual machine and click on Snapshot or click on Snapshot in the pane on the right-hand side, as shown in the following screenshot:

  2. To take a snapshot and add a name during its creation, double-click on a virtual machine to open the Virtual Machine Connection window, click on Action in the menu, and then click on Snapshot.

  3. On the Snapshot Name window, type the snapshot name, as shown in the next screenshot, and click on Yes.

  4. To apply, rename, delete, and see the snapshot settings, select any virtual machine, select the snapshot to be managed, and right-click on it, as shown in the following screenshot:

How it works...

As shown in the simple tasks in the recipe, Hyper-V offers several ways to create snapshots. When a new one is created, it captures the virtual machine state, configuration, and all its content, and stores them into an Automatic Virtual Hard Disk (AVHD) file within the virtual machine folder.

When a virtual machine has a snapshot taken, an AVHD file is created and a link between the new file and the current VHD is created. All the "writes" start getting stored in the AVHD file, while the "reads" happen in both files. When you delete the snapshot, Hyper-V merges the AVHD file with the VHD file. The AVHD file is then deleted as along with the link with the VHD file. Because of different disks to read and write and the possibility to create snapshot trees, you can have poor disk performance in the virtual machine. That's why snapshots are intended to be used temporarily.

In previous versions of Hyper-V, snapshot merges happened only with the virtual machine offline. The AVHD file was deleted only when the VM was turned off. One of the principal improvements on Windows Server 2012 is the ability to have a real-time merge between AVHD and VHD files.

In some situations, people might think that snapshots can replace a VM backup at times. They can also create lots of snapshots for a single VM. As a Hyper-V administrator, you must know that snapshots are temporary actions that can never replace any backup of your virtual machines.

There's more...

Using snapshots via PowerShell can be tricky. In PowerShell, snapshots are know by a different name checkpoint. The command Create-CheckPoint is used to take a snapshot from a virtual machine. You can also use Remove-VMSnapshot, Restore-VMSnapshot, Get-VMSnapshot, and Rename-VMSnapshot.

Exporting a virtual machine out of a snapshot

There is a new and special commandlet in PowerShell that can export a virtual machine from an existing snapshot called Export-VMSnapshot.

The following code snippet gets a snapshot called Pre Upgrade Task from the VM SYD-DC1 and export to the folder C:\Hyper-V. After that, you can import and create a new VM from the snapshot.

Export-VMSnapshot –Name "Pre Upgrade Tasks" –VMName SYD-DC1 –Path C:\ Hyper-V

See also

  • The Backing up Hyper-V and virtual machines using Windows Server Backup recipe in this article

  • The Restoring Hyper-V and virtual machines using Windows Server Backup recipe in this article

Summary

In this article, we covered using Windows Server Backup to back up and restore Hyper-V, configuring Hyper-V Replica in some interesting ways, and using snapshots in virtual machines. This should put you well on your way to setting up disaster recovery for your virtual machines running on Hyper-V.

Resources for Article :


Further resources on this subject:


About the Author :


Leandro Carvalho

Leandro Carvalho is a well-known virtualization specialist who writes and presents sessions about virtualization and the private cloud. He works with Microsoft solutions such as Windows Server, Hyper-V, App-V, VDI, security, System Center, Exchange, Lync Server, Sharepoint, Project Server, and client systems, in addition to helping the community constantly with articles, forums, videos, and lectures about his passion—Microsoft Virtualization. He has the certifications Certified Ethical Hacker/MCP/MCSA+M+S/MCSE+S/MCTS/MCITP/MCT, and MVP. In 2009, he won the MCT Awards Latin America Trainer of the Year, and he has been awarded Microsoft MVP as Virtualization Specialist every year since 2010.

Leandro can be reached at http://leandroesc.wordpress.com and http://msmvps.com/blogs/msvirtualization and his Twitter handle is @LeandroEduardo.

Books From Packt


 Citrix XenDesktop 5.6 Cookbook
Citrix XenDesktop 5.6 Cookbook

 Microsoft Application Virtualization Advanced Guide
Microsoft Application Virtualization Advanced Guide

 VMware View 5 Desktop Virtualization Solutions
VMware View 5 Desktop Virtualization Solutions

 Instant Migration from Windows Server 2008 and 2008 R2 to 2012 How-to [Instant]
Instant Migration from Windows Server 2008 and 2008 R2 to 2012 How-to [Instant]

 Windows Server 2012 Unified Remote Access Planning and Deployment
Windows Server 2012 Unified Remote Access Planning and Deployment

 Getting Started with Citrix XenApp 6
Getting Started with Citrix XenApp 6

 Microsoft Data Protection Manager 2010
Microsoft Data Protection Manager 2010

 Windows Server 2012 Hyper-V: Deploying the Hyper-V Enterprise Server Virtualization Platform
Windows Server 2012 Hyper-V: Deploying the Hyper-V Enterprise Server Virtualization Platform


Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Resources
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software