Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Azure Site Recovery contributes to your business continuity and disaster recovery (BCDR) strategy by keeping your business apps up and running during planned and unplanned outages. Site Recovery manages and orchestrates disaster recovery of on-premises machines and Azure virtual machines (VMs). Disaster recovery includes replication, failover, and recovery of various workloads.
This article describes how to protect a file server by using Site Recovery and makes other recommendations to suit various environments.
- Replicate Azure IaaS file server machines
- Replicate an on-premises file server by using Site Recovery
The aim of an open distributed file-sharing system is to provide an environment where a group of geographically distributed users can collaborate to work efficiently on files and be guaranteed that their integrity requirements are enforced. A typical on-premises file server ecosystem that supports a high number of concurrent users and a large number of content items uses Distributed File System Replication (DFSR) for replication scheduling and bandwidth throttling.
DFSR uses a compression algorithm known as Remote Differential Compression (RDC) that can be used to efficiently update files over a limited-bandwidth network. It detects insertions, removals, and rearrangements of data in files. DFSR is enabled to replicate only the changed file blocks when files are updated. There are also file server environments, where daily backups are taken in non-peak timings, which cater to disaster needs. DFSR isn't implemented.
The following diagram illustrates the file server environment with DFSR implemented.
In the previous diagram, multiple file servers called members actively participate in replicating files across a replication group. The contents in the replicated folder are available to all the clients that send requests to either of the members, even if a member goes offline.
Replicate a file server by using Site Recovery: File servers can be replicated to Azure by using Site Recovery. When one or more on-premises file servers are inaccessible, the recovery VMs can be brought up in Azure. The VMs can then serve requests from clients, on-premises, provided there is site-to-site VPN connectivity and Active Directory is configured in Azure. You can use this method in the case of a DFSR-configured environment or a simple file server environment with no DFSR.
Extend DFSR to an Azure IaaS VM: In a clustered file server environment with DFSR implemented, you can extend the on-premises DFSR to Azure. An Azure VM is then enabled to perform the file server role.
After the dependencies of site-to-site VPN connectivity and Active Directory are handled and DFSR is in place, when one or more on-premises file servers are inaccessible, clients can connect to the Azure VM, which serves the requests.
You can use this approach if your VMs have configurations that aren't supported by Site Recovery. An example is a shared cluster disk, which is sometimes commonly used in file server environments. DFSR also works well in low-bandwidth environments with medium churn rate. You need to consider the additional cost of having an Azure VM up and running all the time.
The following diagram helps you determine what strategy to use for your file server environment.
| Environment | Recommendation | Points to consider |
|---|---|---|
| File server environment with or without DFSR | Use Site Recovery for replication | Site Recovery doesn't support shared disk clusters or network attached storage (NAS). If your environment uses these configurations, use any of the other approaches, as appropriate. Site Recovery doesn't support SMB 3.0. The replicated VM incorporates changes only when changes made to the files are updated in the original location of the files. Site Recovery offers a near-synchronous data replication process, and hence in the event of an unplanned failover scenario, there could be potential data loss, and might create USN mismatch issues. |
| File server environment with DFSR | Extend DFSR to an Azure IaaS virtual machine | DFSR works well in extremely bandwidth-crunched environments. This approach requires an Azure VM that is up and running all the time. You need to account for the cost of the VM in your planning. |
Because Site Recovery replication is application agnostic, these recommendations are expected to hold true for the following scenarios.
| Source | To a secondary site | To Azure |
|---|---|---|
| Azure | - | Yes |
| Hyper-V | Yes | Yes |
| VMware | Yes | Yes |
| Physical server | Yes | Yes |
Important
Before you continue with any of the following three approaches, make sure that these dependencies are taken care of.
Site-to-site connectivity: A direct connection between the on-premises site and the Azure network must be established to allow communication between servers. Use a secure site-to-site VPN connection to an Azure virtual network that is used as the disaster recovery site. For more information, see Establish a site-to-site VPN connection between an on-premises site and an Azure virtual network.
Active Directory: DFSR depends on Active Directory. This means that the Active Directory forest with local domain controllers is extended to the disaster recovery site in Azure. Even if you aren't using DFSR, if the intended users need to be granted access or verified for access, you must take these steps. For more information, see Extend on-premises Active Directory to Azure.
If you're configuring and managing disaster recovery of file servers hosted on Azure IaaS VMs, you can choose between two options, based on whether you want to move to Azure Files:
If you have on-premises clients that access the IaaS file server virtual machine, take all the following steps. Otherwise, skip to step 3.
- Establish a site-to-site VPN connection between the on-premises site and the Azure network.
- Extend on-premises Active Directory.
- Set up disaster recovery for the IaaS file server machine to a secondary region.
For more information on disaster recovery to a secondary region, see this article.
The following steps describe replication for a VMware VM. For steps to replicate a Hyper-V VM, see this tutorial.
- Prepare Azure resources for replication of on-premises machines.
- Establish a site-to-site VPN connection between the on-premises site and the Azure network.
- Extend on-premises Active Directory.
- Prepare on-premises VMware servers.
- Set up disaster recovery to Azure for on-premises VMs.
- Establish a site-to-site VPN connection between the on-premises site and the Azure network.
- Extend on-premises Active Directory.
- Create and provision a file server VM on the Azure virtual network. Make sure that the virtual machine is added to the same Azure virtual network, which has cross-connectivity with the on-premises environment.
- Install and configure DFSR on Windows Server.
- Implement a DFS namespace.
- With the DFS namespace implemented, failover of shared folders from production to disaster recovery sites can be done by updating the DFS namespace folder targets. After these DFS namespace changes replicate via Active Directory, users are connected to the appropriate folder targets transparently.
- Go to the Azure portal, and select your Recovery Service vault.
- Select the recovery plan created for the file server environment.
- Select Test Failover.
- Select the recovery point and the Azure virtual network to start the test failover process.
- After the secondary environment is up, perform your validations.
- After the validations are finished, select Cleanup test failover on the recovery plan, and the test failover environment is cleaned.
For guidance on doing test failover for Active Directory and DNS, see Test failover considerations for Active Directory and DNS.
- Go to the Azure portal, and select your Recovery Services vault.
- Select the recovery plan created for the file server environment.
- Select Failover.
- Select the recovery point to start the failover process.
For more information on how to perform a failover, see Failover in Site Recovery.