Administration Guides

DR Solution for Azure

Home



Overview

This solution explains how Golden Copy Blob sync mode can be used for application specific DR recovery in Azure.  The solution uses blob storage and File Shares in  Azure Storage accounts to allow recovery of one or more applications in Azure.  This solution will cover the high level steps needed to get the data prepared for an application server running in Azure.  There are many aspects to accessing and securing data within Azure that are not covered in this guide.  Consult with Azure documentation on aspects of running and accessing applications within Azure for your requirements.     This solution documents the SMB share solution.   For a more seamless integration Azure blob allows NFS mount of blob storage for native access to object data in place.    See the guide here that describes NFS support for blob data.


Support Statement

  1. This guide is provided "as is" and Azure steps are examples only,  support contract does not include support for Azure.  Customers must have expertise in Azure to complete steps not covered in this guide.

Requirements

  1. Azure subscription.
  2. PowerScale Onefs 8.1.x or 8.2.x.
  3. Golden Copy Installed and deployed
  4. All Azure resources in the example should be created within the same resource group.
  5. Active Directory joined from on premise to Cloud instance of Active Directory hosted by Azure.  This guide does not cover these steps,  consult with Azure documentation on how to complete this configuration and secure access to the SMB shares in Azure.   

High Level Steps

Golden Copy Steps

These steps explain how to protect a single application's data stored on PowerScale with the goal of providing a DR recover option for the application in Azure.

  1. Create Azure Storage Account and Blob Container to store the application data.
    1. These steps are covered here.
    2. In this example the storage account created is DRApp1,  the storage container name is application1, and then follow the steps to get the secret key needed for authentication.
  2. Install Golden Copy and configure sync mode on an application folder to sync the path on the PowerScale where the application data is stored and is required for DR recovery.
    1. Azure example in the configuration guide to add a folder.
    2. Example for Azure to add  folder command in Sync Mode (default mode when adding a folder).  This example assumes the application data is all stored under the path /ifs/data/applicationdata on the PowerScale cluster named gcsource:
      1. searchctl archivedfolders add --PowerScale gcsource --folder /ifs/data/applicationdata --secretkey NdDKoJffEs9U9Xg== --endpoint blob.core.windows.net --container application1 --bucket DRApp1  --cloudtype azure 
    3. Start the Sync job full sync to copy the application data to the blob storage in Azure.
      1. searchctl archivedfolders archive --id  (use searchctl archivedfolders list to get the folder ID for  /ifs/data/applicationdata
  3. Now move on to Azure DR steps.


Azure DR Application  & Blob to File Share Configuration Steps

  1. In the Azure portal the following tasks and resources need to exist:
    1. Windows server VM for Blob to file share conversion (size of the VM does not matter).
    2. Application 1 VM(s) required for the application to execute in Azure. 
      1. NOTE: The scope of this is outside this document’s intended purpose. It may require multiple VM's, a resource familiar with Azure services and application server clone. Migration to Azure should be consulted.
  2. Azure Windows server blob conversion VM configuration:
    1. Verify blob container files are synced. You can view the blob files using the Azure portal. See example viewing the storage account and then the container contents (in this example the container name is "gc1")
    2. Create Storage Account File share by clicking on the storage account, then the File Shares and then click + File Share.  In the "New file share" window enter a Name for the application share (i.e Example below "application1"):
      1.  
      3. Now copy the connect code for a Windows VM clicking on the 3 dots, and then "connect" option. Select the drive letter defaults:
      4.   
      5. Copy the connect code for powershell
    3. Login to the Windows Conversion Server VM created above.  (NOTE the VM should be in the same resource group as the Storage Account).
      1. Open a PowerShell prompt and paste the connection code to mount the "application1" share.
      2. Verify in Windows explorer the share can be opened and create a test file:
      3.  
      4. Done.
    4. Install Azure Storage Explorer tools into the Conversion VM:
      1. The installer can be found here https://azure.microsoft.com/en-us/features/storage-explorer/ .
      2. Open Storage Explorer, click the User Icon and login to your Azure portal administrator account.  This is the subscription option to provide access to all resources in your Azure account.
      3. You should now see all storage accounts created within your Azure account, and the top level of the files uploaded by Golden Copy.  The cluster name is the first folder visible in the Blob storage container.
      4.  
    5. Infrastructure Configuration Completed, you are now ready for DR.
    6. Done

DR Recovery of Blob Data to SMB shares in Azure Procedures

  1. In a DR scenario, data must be copied from blob to the file share created above. 
  2. The process to move data from Blob container to File share can be completed with the Azure Storage Explorer tool.  This step can take time to complete depending on the quantity of data.
  3. Open Azure Storage Explorer.
    1. Browse to the storage account name and expand to select the container name.  Navigate on the right hand pane to the "application1" folder data.  Then select the "application1" folder and click the "Download: button.  See example below:
    3. Select the Mapped drive letter (Z: in this example) to copy the blob data to the File share "application1" created for the Application.
    4. The download job is queued and visible at the bottom of the UI and will show progress and completion of the copy:
      1.  
    5. Once the copy is completed, or during the long transfer time, view the Z: mapped share to view the files that are appearing in the File share.
      1.  
    6. Now that the Storage is copied to storage account file share the storage recover steps are completed.   Any application mounting and testing steps now require application VM's to mount the "application1" share to gain access to data in the File share.
    7. This completes the example storage failover solution.


How to connect remote Computers to the Azure Cloud Share

  1. An administrator can use the same powershell command to connect from a remote location to the Azure file share.  This allows administrators quick easy access to the data remotely.  The powershell connection uses SMB3 encryption so the data inflight is encrypted.
  2. User Connections to Azure File Shares.
    1. This should be done using Integrated Active Directory authentication.
    2. This guide provides setup, overview of how to integrate on premise AD to with Azure AD service to secure shares and ACL's on the shares.
    3. Microsoft Azure guide on AD authentication


How to Sync Changed File Data back to Blob Container for Recall 

  1. Overview:
    1. Data that is added or changed after the DR event will need to have this data synced back to the Blob container before it can be synced back to Isilon using Golden Copy Recall.
  2. This will be completed Using Storage Explorer Tool installed on the management VM in Azure.
  3. Select the blob container name in storage explorer on the left had menu, then click the upload button.  NOTE:  The administration VM must have a mapped drive letter to the File share in place.
    1. Select the path on the drive letter mapped to the file share that needs to be synced back to the blob container.  NOTE:  partial data sync is possible by selecting only the data you need to sync back. See example below.
    2.  
    3. Accept the overwrite options to replace data on the target blob container.
    4.   
    5. Wait for the copy to complete.
    6. Any changed data from Azure will be copied back into the Blob storage. NOTE: overwriting data will remove the metadata in the container which means metadata will no longer be restored by Golden copy.
  4. To recall the data with Golden Copy see this guide link here to recall the container blob data back onto your cluster.




© Superna Inc