ARM - Azure Site Recovery
This is a Azure Resource Manager template and PowerShell script that allows Azure Administrators to deploy Azure Site Recovery for selected VMs along with a Recovery Plan for testing.
This demonstrates integration with Azure Automation runbooks in a recovery plan to perform functions like apply a Public IP, add secondary IP's to VMs, and add network security group rules.
Before you begin, ensure you have met the following requirements:
You have installed the latest version of Az Module for Azure PowerShell
You are familiar with using ARM Templates in Azure
You have an understanding of Azure Site Recovery for Azure-to-Azure
Have a source environment that matches the definition in the ARM template (VM name structure primarily)
Type Name ResourceGroup Virtual Machine $prefix-ads1 $prefix-mgmt-rg Virtual Machine $prefix-rdp1 $prefix-mgmt-rg Virtual Machine $prefix-web1 $prefix-web-rg Virtual Machine $prefix-web2 $prefix-web-rg Virtual Network $prefix-vnet $prefix-srv-rg Availability Set $prefix-ads-dr-avset $prefix-srv-rg Availability Set $prefix-web-dr-avset $prefix-srv-rg
This initialize script and ARM Template was written for a specific envionment design, and I haven't removed all of the assumptions from that environment. This includes:
- Pre-Creation of resources required for ASR, including destination side resource groups, virtual networks, and availability sets
- includes storage account that runbook PS1 files have been uploaded into as blobs, under a container named 'dr-runbooks'
- Resource group locks exist on Source resources, which are removed and re-applied as part of the deployment
- Not fully-scripted creation of a Run-As account for the Automation Account runbooks are stored and executed from
Hopefully leaving in these components will serve as a reference for others to build upon.
Using this Template
To use this ARM template, follow these steps:
- Clone/Download the contents of the repository locally or in Azure Cloud Shell
- Create storage account and upload contents of
runbooksfolder as blobs (see assumptions above)
- Update the parameter values in
Login-AzAccountand authenticate to your Azure tenant
- Run to deploy:
.\initialize.ps1 ` -prefix <unique prefix for environment> ` -ResourceGroupName <rg where ASR components will be placed> ` -tenantid <Azure AD tenant ID> ` -subscription_id < Subid under which ASR is deployed`
Manually create a Run-As account for the Automation Account that was created
Configure Recovery Services Vault diagnostic settings to store ASR logs in Log Analytics workspace (manual step)
dashboard.jsonto include the following:
- Log Analytics workspace name
- ResourceId of Log Analytics workspace
Do this on:
- Lines 19->22
- Lines 95->98
- Lines 184->187
- Lines 273->276
dashboard.jsonas an Azure Dashboard
Manually run the runbook
dr-enableextensionupdatefrom the Azure Automation Account, to enable ASR extension updates
Contributing to this Template
Items for improvement
- Iterate over a list of Virtual Machines, rather than specifying them each individually
- Include an Azure Run-As account creation
- Integrate into a Build and Release Pipeline in Azure DevOps with YAML definition
To contribute follow these steps:
- Fork this repository.
- Create a branch:
git checkout -b <branch_name>.
- Make your changes and commit them:
git commit -m '<commit_message>'
- Push to the original branch:
git push origin <project_name>/<location>
- Create the pull request.
Alternatively see the GitHub documentation on creating a pull request.
I built this template through much trial and error, but I did use a couple of sources that gave me a leg up: