Previous articles in the Hyper-V series examined the installation and configuration of Hyper-V hosts as well as managing network resources and memory using tools such as Hyper-V Manager, Windows PowerShell and the Deployment Image Servicing and Management (DISM) tool. This article explores the Windows Server 2012 R2 Hyper-V Replica functionality and the configuration of the Hyper-V replica server.
Hyper-V Replica is a disaster recovery feature built into Windows Server 2012 Hyper-V. It allows the replication of a running virtual machine to a secondary location. The virtual machine is replicated while it is running and its changes are synchronized with the VM replica. While the primary virtual machine is running, the Hyper-V Replica VM is turned off. The principal server that runs the virtual machines is known as the primary server. The secondary server, called the replica server, is used in case of a failover. Although the primary server does not need to have the replica server options configured, you may want to enable those settings on the primary server so that you can use the Planned Failover feature and execute a reverse replication of the VM back to the primary server after an outage.
You can establish Hyper-V Replica between Hyper-V hosts regardless of their location and domain membership. The Hyper-V hosts do not need to be part of the same Active Directory Domain Services forest. You can implement Hyper-V Replica with Hyper-V hosts from untrusted domains or workgroups using certificate-based authentication.
Hyper-V Replica provides a virtual machine-level replication which replicates virtual machine data and changes over LAN or WAN connections to a remote location without any additional software or hardware requirement. In Windows Server 2012 R2, you can configure replication frequency and extended replication. Extended replication sends the virtual machine changes to a third Hyper-V host. This enables you to use Hyper-V Replica to create two additional instances of a single virtual machine.
If either the primary or the replica server is a member of a Failover Cluster, configuration of the Hyper-V Replica Broker role is required. This role is necessary to enable a cluster to be part of a Hyper-V Replica. It is possible to have a standalone server and a cluster working as primary or replica server, or a cluster on each end of the configuration. When the primary Hyper-V hosts or replica Hyper-V hosts are members of a Hyper-V failover cluster, you can use Failover Cluster Manager to manage Hyper-V Replica settings.
Hyper-V Replica prerequisites:
- * Windows Server 2012 or a newer Windows Server version with the Hyper-V role installed at both locations. Server hardware should have sufficient capacity to run all of the virtual machines—its local virtual machines as well as replicated virtual machines.
- * Adequate storage on both the primary and replica Hyper-V hosts. This is necessary to store local and replicated virtual machine data.
- * Sufficient LAN or WAN bandwidth must be available between the locations that are hosting the primary and replica Hyper-V hosts.
- * Enable Firewall rules to permit replication between the primary and replica servers. After the Hyper-V role is installed, the Hyper-V Replica HTTP Listener (TCP-In) and Hyper-V Replica HTTPS Listener (TCP-In) rules are added to the Windows Firewall. One or both of these rules must be enabled on the replica Hyper-V host. The replica hyper-V host is the one receiving the replication from the primary server.
- * For certificate-based authentication, ensure that an X.509v3 certificate from a trusted certification authority (CA) exists to support mutual authentication between the Hyper-V hosts.
- * For Kerberos authentication, both Hyper-V hosts must be joined to the same AD DS forest.
- * Members of the Hyper-V Administrators group or local administrators can configure and manage Hyper-V Replica.
Managing Hyper-V Replication
Hyper-V Manager, Windows PowerShell and Failover Cluster Manager are the main tools available to manage Hyper-V replica.
When you configure a virtual machine for replication, initial replication is performed and a copy of the virtual machine is created on the replica server. After that, changes in the primary virtual machine are written in the log file, which is replicated and applied to the VM replica at regular intervals. The replicated virtual machine remains turned off while primary virtual machine is running.
Replication Health monitors the replication process and shows important events, as well as the replication and synchronization state of the Hyper-V host. You can monitor Replication Health in Hyper-V Manager, where you can add a Replication Health column to the virtual machines pane. You can also right-click the virtual machine that has replication enabled, and then click View Replication Health.
From Windows PowerShell, you can also view Replication Health by using the cmdlets Get-VMReplication and Measure-VMReplication. It is also possible to monitor Replication Health by using Performance Monitor and Event Viewer. A Replication Health report can be saved as a .csv file.
The Hyper-V replication health for a virtual machine can be in a Normal, Warning, or Critical state. For Replication Health to be in Normal state, the Hyper-V Replica replication system must replicate changes in the primary virtual machine according with the replication schedule and then consistently apply those changes to the virtual hard disk of the replica VM. If more than 20 percent of the replication cycles have not been applied, Replication Health automatically changes to a Warning state. See figure below.
Other Hyper-V replication actions:
- * Pause Replication. It pauses replication for the selected virtual machine.
- * Resume Replication. It resumes replication for the selected virtual machine. This option is available only if replication for the virtual machine is paused.
- * Extend Replication. This action is available on replica virtual machines. It is available only on Windows Server 2012 R2 and it extends virtual machine replication from the replica server to a third server (the Extended Replica Server).
- * Remove Recovery Points. This action is possible only during a failover. If you select it, all recovery points (checkpoints) for a replica virtual machine are deleted and their differencing virtual hard disks are merged.
- * Remove Replication. This action stops replication for the virtual machine.
Hyper-V Replica configuration using Windows PowerShell
The command Set-VMReplicationServer is used to configure a Hyper-V host as a replica server. The example below shows a server being enabled using Kerberos as the authentication type. The default storage location points to E:\VM_Replicas with the option to receive replication from any server enabled.
Set-VMReplicationServer -ReplicationEnabled $true
- * ReplicationEnabled: $True will enable replication, and $False will disable replication to this host.
- * AllowedAuthenticationType: For authentication, acceptable values are Kerberos, Certificate or CertificateAndKerberos.
- * DefaultStorageLocation: Configures where the replica virtual machines will be stored.
- * ReplicationAllowedFromAnyServer: $True or $False to enable or disable replication from any authenticated server.
Once you configure the Hyper-V replica server to accept incoming replication, the next step is to enable Virtual machine replication on the primary server. The following example demonstrates how to enable replication to all virtual machines on a primary server (S12R2) using the HTTP protocol:
Enable-VMReplication -VMName * -ReplicaServerName S12R2
-ReplicaServerPort 80 -AuthenticationType Kerberos
The Start-VMInitialReplication command starts the initial replication for the virtual machines. The next example shows how to start it on all virtual machines:
Start-VMInitialReplication –VMName *
You can change the replication configuration of a virtual machine by using the Set-VMReplication.cmdlet. The example below configures a virtual machine named ScoreA as a Replica virtual machine, allowing replication from a primary server named S12R2 from domain abc.com.
Set-VMReplication ScoreA –AsReplica –AllowedPrimaryServer S12R2.abc.com
The following command gets the replication settings of all virtual machines replicating to server Win12R2.abc.com
Get-VMReplication –ReplicaServerName Win12R2.abc.com
There are many other configurations options that can be set using Windows PowerShell. You can use the Get-Command -Module Hyper-V *Replica* command to display all the Hyper-V replica cmdlets in powershell.
Hyper-V Replica configuration using Hyper-V Manager
Using the Hyper-V manager, let’s review the steps to configure the Hyper-V replica feature and test its failover capabilities. This lab uses two Hyper-V hosts, S12R2 and Win12R2. S12R2 is the primary server; ithas the virtual machine that we want to replicate. But as we plan to perform reverse replication, both servers shall be configured as replica servers. In other words, both Hyper-V hosts will accept incoming replication from each other.
The lab starts with S12R2 as the primary server and Win12R2 as the replica server. However by configuring both hosts as replica servers, it is possible to perform a reverse replication on virtual machines. That means that Win12R2 may be enabled as a primary server to send virtual machine replication data to S12R2 which will behave as a replica server and accept the VM data replicated from Win12R2. Breaking down the lab into four different phases will make it easier to understand the whole process.
- * Phase 1: Configure incoming replication
- * Phase 2: Enable Virtual Machine replication
- * Phase 3: Test Hyper-V replica failover
- * Phase 4: Execute a planned failover
Phase 1 is covered in this article. Phases 2, 3 and 4 will be detailed in the next article of this series.
Phase 1: Configure incoming replication.
In Hyper-V Manager, in the Actions pane, right click Win12R2 and select Hyper-V Settings.
In Hyper-V Settings, in the left pane, click Replication Configuration. In the right pane, in the Replication Configuration section, click both Enable this computer as a Replica server, and Use Kerberos (HTTP).
Select Allow replication from the specified servers and click Add.
You can configure a replica server to allow replication from any authenticated server, or to limit replication to specific servers. In that case, you need to specify a fully qualified domain name (FQDN) for the primary server (for example S12R2.abc.com), or use a wildcard with a domain suffix, for example *.abc.com.
When you are limiting replication to specific servers, you also need to specify a trust group that is used to identify the servers within which a virtual machine can move.
In the Add Authorization Entry type S12R2.abc.com, in the Specify the default location to store Replica files field, type C:\vms\replicas, in the Specify the trust group type REServers, and then click OK.
In the Hyper-V Settings dialog box, click OK. The same steps must be executed on the other Hyper-V host, S12R2. The figure below shows the Hyper-V settings for S12R2 is configured as a replica server to accept incoming replications from Win12R2.
The firewall also needs to be configured on both Hyper-V hosts as they are configured as replica servers to accept incoming replication from each other. Again for brevity’s sake we show the configuration of one Hyper-V host only.
The following steps are executed from the S12R2 Hyper-V host. From Start open the Command Prompt (Admin) and type mmc.
In Console1, in the File menu, click Add/Remove Snap-in.
In Add or Remove Snap-ins, click Windows Firewall with Advanced Security. In the Available Snap-ins section, click Add.
In Select Computer click Another computer. In the Another computer field, type Win12R2, click Finish, and then click OK. The remote computer must have Remote Service Management and Windows Firewall Remote Management rules enabled.
In Console1, in the navigation pane, expand Windows Firewall with Advanced Security, and then click Inbound Rules. In the details pane, right-click Hyper-V Replica HTTP Listener (TCP In), and click Enable Rule. Close Console1.
The same firewall rule can be enabled with PowerShell running the following command:
Enable-Netfirewallrule -displayname “Hyper-V Replica HTTP Listener (TCP-In)”
After completing these steps the replica server is ready to start receiving virtual machine replicas from the primary server.
The Windows Server 2012 Hyper-V Replica functionality allows for two instances of a single virtual machine residing on different Hyper-V hosts. One of the instances is the primary, running virtual machine and the other instance is a replica, offline copy. Hyper-V synchronizes these instances regularly on a configured schedule. Manual failover is possible at any time. Hyper-V hosts that participate in replication do not have to be in the same Active Directory Domain Services (AD DS) domain or forest. In this article we completed the replica server configuration using PowerShell and the Hyper-V Management console. The next article of this series is dedicated to implement the other three phases of our plan: enable virtual machine replication, test Hyper-V replica failover, and execute a plan failover.