Blog

Cloud Volumes ONTAP for Azure: Disaster Recovery Site Set Up

Having the right DR strategy is an important way to make sure the lights stay on should a disaster strike your application hosting environment. While cloud-based DRaaS solutions offer easy-to-deploy, and simplified alternatives to costly on-premises DR solutions, they may not give enterprise users all the platform flexibility they need.

Cloud Volumes ONTAP provides efficient and reliable DR capabilities in AWS, Azure and Google Cloud. This blog will provide step-by-step instructions on how to deploy and configure a disaster recovery solution in Azure using Cloud Volumes ONTAP.

Cloud Volumes ONTAP and Azure Disaster Recovery

Cloud Volumes ONTAP helps in Azure disaster recovery by providing an easy-to-deploy, storage-efficient, enterprise-class DR solution. Benefits of using Cloud Volumes ONTAP for DR include:

Configuration Prerequisites

To begin with, you’ll need to have NetApp Cloud Manager. If you haven’t used Cloud Manager yet, follow these instructions on how to set up your Azure subscription and Cloud Volumes ONTAP environment.

Network Prerequisites

To replicate volumes from an on-premises environment to the cloud for DR purposes, we need to establish Network connectivity to Azure, either using site-to-site VPN or ExpressRoute. ExpressRoute is a dedicated private connection from an on-premises network to Azure VNET, facilitated by a service provider. VPN, on the other hand, is a less expensive option of establishing hybrid connectivity through an encrypted channel over internet. In this section we’ll show how to create a network with required inbound and outbound permissions and then configure a VPN to establish connectivity with the on-premises environment.

1. First off, we need to create a VNet.
From the Azure portal, select Virtual Networks > click “+Add” and provide the network details such as name, address space, resource group, location, subnet name and address range. It is important to configure the address space in a way that does not overlap with your DR copy’s address. When all the info is included, click “Create”:

Create a VNet

2. In this step, we are going to create a gateway subnet. The VPN gateway required for enabling connectivity between on-premises environment and Azure will be deployed to this gateway subnet in the Azure VNet.

For DR purposes, we will be replicating data from on-premises (or another cloud) to Cloud Volumes ONTAP in Azure using SnapMirror® technology. For that reason, your VPN should be created from the VNET to the on-premises environment. Open the VNet created in Step 1 from the Azure portal and click on “+ Gateway subnet”:

NetAppPic1

3. You can choose to use the default address range listed in the window or adjust it as per your network requirements. Click “OK” to create the gateway subnet:

NetAppPic2

4. In the Azure portal click on “+Create a resource” and search for “Virtual network gateway”:

In the Azure portal click on “+Create a resource” and search for “Virtual network gateway”

5. Click on “Create”: 

The virtual network gateway.

  1. In the Virtual network gateway creation wizard, provide the following details:
  • Select your subscription from the drop-down menu.
  • Name of the gateway.
  • Azure region where the gateway will be deployed.
  • Select “VPN” as the gateway type.
  • For VPN type, select “Route based.” (“Policy-based” should be selected only if your on-premises perimeter device does not support route-based VPN.)
  • Select a VPN SKU based on your aggregate VPN throughput requirements. Minimum VpnGw2 SKU is recommended as it provides a throughput of 1 Gbps, but note that it would be dependent on your internet service provider’s throughput as well.
  • Select the virtual network that we created in Step 1.
  • Create a new public IP if you don’t have an existing one.
  • Give the public IP a name.
  • The remaining settings can be configured to be default and click on “Next:Tags”

    The virtual network gateway creation wizard.

7. In this step you have the option to add tags relevant to your Azure environment. Click on "Next: Review + Create":

Add tags relevant to your Azure environment.

8. Once the validation is successful, click on “Create” to create the Virtual Network Gateway:

Click on "Create" to create the Virtual Network Gateway

Note that this creation process may take up to 45 minutes to complete.

9. Now that the VPN gateway is created, we need to create a local network gateway that represents your on-premises VPN endpoint and the IP range of the on-premises network that will be connected to Azure VNet. Open the newly created gateway. Go to Settings > Connections, and click “Add”:

Create a local network gateway that represents your on-premises VPN endpoint and the OP range of the on-premises network that will be connected to Azure VNet.

10. Provide the name of the connection. Click on Choose a local gateway > Create new, and provide details of your on-premises VPN device, including the name to identify the device, public IP, and the local network IP range. Then click “OK”:

Provide the name of the connection.

11. Provide a shared key which will be used to encrypt the communication between your on-premises VPN device and Azure VPN gateway. It can be the key provided by your on-premises device or you can create one here and use the same in your local VPN device. Click “OK” to create the connection:

Click OK to create the connection.

12. Open the Virtual network gateway > connections, click on the connection created in the step above, and verify that the status is “connected”:

Verify that the status is "connected".

With that step, your network prerequisites should all be complete. You can now move on to using Cloud Manager.

Start the Cloud Manager

Log in to your NetApp Cloud Central account and see the “Fabric View” screen.

Find the Cloud Volumes ONTAP tab and select “Go to Cloud Manager”.

Since you are a new Cloud Manager user, you'll get an empty Working Environments screen/view/display:

You'll get an empty working environments screen.

Discover an On-Premises Environment

1. Click on “+Add Working Environments” to start a new environment. 

2. Select "Discover" and then select "ONTAP".

Select "Discover" and then select "ONTAP".

3. Enter the on-premises cluster management IP details and admin credentials.

Select "Discover" and then select "ONTAP".

4. Click “Continue” to discover the on-premises ONTAP system. Once the Discover operation is completed, you’ll see the new on-Prem environment in your Working Environments in Cloud Manager.
Click "Continue" to discover the on-premises ONTAP system.

5. Double-click the discovered cluster to see the volumes and determine which one you wish to replicate.

OnPrem1

Create a New Cloud Volumes ONTAP Environment in Azure

Click the “Add a Working Environment” on the Cloud Manager main screen. This will start a wizard that will guide you step by step in the process. 

1. In the first step you will choose the cloud in which you wish to start your new environment.
The available options are AWS or Azure cloud, in a single-node or high availability configuration.
For this scenario, we are selecting the “Cloud Volumes ONTAP for Azure” option.

Choose in which you wish to start your new environment.

2. In this step you will provide the details of the environment to be created including the environment name and admin credentials. Add Resource group tags for the Azure environment as an optional parameter. When you are finished, click “Continue.”

Details & Credentials

3. In this step, configure the Azure location and connectivity. Select the Azure Region, Vnet, and subnet to be used, such as the one created in the steps outlined above.

Location & Connectivity

If you choose to create a new security group, Cloud Manager will create a group with all required inbound/outbound access rules. Alternatively, you can choose an existing security group (click here for the documentation about which ports are needed).
You should also confirm that connectivity exists between Cloud Manager Server and the selected VNet. Click “Continue.”

  1. In the next screen, choose your license option: Pay-As-You-Go, or BYOL to use an existing license.

In either case, select a NetApp Support Site (NSS) account to be used with the configuration.
An NSS account is recommended for the Pay-As-You-Go option to activate support for your system. Note that the NSS account can be added later as well.

Activation provides access to NetApp technical support resources and software updates. For the BYOL option, an NSS account allow you to upload your license key and enable the subscription for the term that you purchased. This includes automatic updates for term renewals.

In this example, we will keep the default Pay-As-You-Go option.

We will keep the default Pay-As-You-Go option.

5. In this step, you can choose between several preconfigured packages available for various types of workloads.

Preconfigured Packages

These options include PoC and small workloads, Database and application data production workloads, Cost effective DR, and high-performance production workloads. You can hover over each option to view the configuration parameters of each option.

Alternatively, you can click the “Create my own configuration” button in the top-right corner of the screen. For this scenario let’s choose to create our own configuration.

6. In the next screen, select the Licensing option. There are three licensing options: Explore, Standard, and Premium. Hover over each option to view their characteristics and visit the pricing page here to see the complete pricing information.

Licensing.



You can also choose the VM type here. The possible/typical VM types are Standard DS4_v2 and Standard DS13_v2. For this configuration we will choose Standard DS4_v2. Once selected, click “Continue.”

7. Configure the storage disk type. You can choose between Premium Storage and Standard Storage (the typical choice for DR will be Standard). Choose the disk size from the drop-down menu. Disk size is applicable for initial aggregate and any additional aggregates created using this simple configuration option.

Configure the Blob tiering option. This will tier most of your DR data to low-cost Azure Blob storage. During failover, when the data is needed, it will be automatically moved back to the managed disks performance tier.

Configure the Blob tiering option. This will tier most of your DR data to low-cost Azure Blob storage. During failover, when the data is needed, it will be automatically moved back to the managed disks performance tier. 

Underlying Storage Resources

When you are done, click "Continue". 

8. In this step, configure the disk write speed: Normal or High, where data is buffered for faster writing. 

In this scenario, we will keep the default values. 

We will keep the default values.

9. Next, the wizard will prompt you to create a volume. Skip this step since you are copying volumes from the on-premises ONTAP to Azure for DR. Select “Skip.”

10. In this step you are asked to review the configuration settings and approve that the Cloud Manager will provision the selected Azure resources on your behalf. Tick the “I understand….” box and then click “GO.”

Review the configuration and approve that the Cloud Manager will provision the selected Azure resources on your behalf.

You can see that the environment is initializing. This may take up to 25 minutes to provision.

The environment is initializing.

Once provisioned, Cloud Volumes ONTAP will be listed in the working environments along with your other ONTAP systems.

Create a Replication Relationship

Snapshots are created automatically by ONTAP operating systems as a default backup mechanism. To configure replication between different source and destination ONTAPs, the user should configure the data replication policies that specify how snapshots will be copied over to the destination volume. The following replication policies are available:

  • Mirror Policy: Copies the newly-created snapshots to the destination. This is suitable in DR scenarios, where the destination volume can be activated at any time for data access.
  • Backup Policy: This policy is used for copying specific snapshot copies to the destination volume, mainly for backup and long-term retention purposes, allowing you to restore to different points in time.
  • Mirror and Backup Policy: As the name indicates, this option combines both Mirror and Backup policies and is useful for DR as well as long-term retention.

These policies are included in the system. Alternatively, you can create custom policies of your own.

1. From the main working environments page, drag and drop the source environment to the target environment.

Drag and drop the source environment to the target environment.

2. On the “Source Peering Setup” page choose the LIF you want to use for the cluster peering setup, which is the initial connection between the two working environments.

Source Peering Setup

3. This screen will show the list of volumes on the source. Select the volume to be replicated.

List of volumes on the source.

4. In this step you can define the destination volume. The name, disk type, and tiering policy will be assigned with default values according to the source. Keep the defaults and select "Continue". 

Destination Volume Name and Tiering.

5. Define the data transfer rate maximum. This setting is useful in environments with bandwidth restrictions. Select “Continue.”

Define the data transfer rate maximum.

6. In this step, choose the replication policy. For this scenario, we will choose the Mirror policy which is sufficient for the purposes of disaster recovery.

Choose the replication policy.

7. In the “Schedule” window, choose a replication schedule based from the available options listed. This will define the data Recovery Point Objective (RPO) of your DR solution.

The Schedule window.

8. Review the configuration, tick the "I understand..." box to approve, and click on "GO" to star the replication process.

Review & Approve.

9. On successful setup, you will see a message as follows stating that replication has started: 

See a message stating that replication has started.

10. Once the replication is completed successfully, you can see the replication relationship in the working environments view with an arrow indicating the direction of replication. As can be seen from the image below, the on-prem volume is being replicated to Cloud Volumes ONTAP in Azure:


    1. The on-prem volume is being replicated to Cloud Volumes ONTAP in Azure.

Monitor and Manage the Replication Relationship

1. Click on the “Replication Status” tab in the Cloud Manager main view to review the replication health. This view will show the source and target volumes, the relationship status, last copy, etc.

This view will show the source and target volumes, the relationship status, last copy, etc.

2. You can also manage replication configuration from the same view. Click the hamburger icon on the left of the relationship line to view the various options. For example, you can break the replication, reverse sync the data (used during a failback operation), edit the sync schedule, etc.

You can also manage replication configuration from the same view.

Conclusion

Cloud Volumes ONTAP offers a cloud-based disaster recovery solution for your storage. The solution can be configured for Azure as well as for AWS disaster recover y, and it can operate alongside an Azure Site Recovery architecture to augment your disaster recovery strategy in Azure. It offers better protection and security when compared to traditional disaster recovery solutions and caters to multicloud and hybrid cloud architectures for enterprises.

Still looking into using Cloud Volumes ONTAP? Try it out today, free for 30 day.

-