SharePoint Disaster

Recovery to Microsoft
Azure
Example architectures for building a
recovery environment in Microsoft
Azure

On-premises environment

Microsoft Azure recovery environment

Production environment

Warm standby environment

Live production environment

Tier 1

Query processing

Front-end services

Replica

Tier 2

Tier 3

Overview

Front end services

Front-end
services

Running VMs

Index Partition 0

Distributed cache

Tier 1

Query processing

Tier 2

Back-end services

Crawl

Back-end services

Crawl

Back-end services

Crawl

Admin

Content processing

Admin

Content processing

Admin

Workflow manager

Analytics

Workflow manager

Analytics

Workflow manager

Tier 4

The disaster recovery environment for an on-premises

SharePoint 2013 farm can be hosted in Microsoft Azure.

Content

Distributed cache

Back-end services

Crawl

Back-end services

Crawl

Content processing

Admin

Content processing

Admin

Content processing

Admin

Content processing

Analytics

Workflow manager

Analytics

Workflow manager

Analytics

Workflow manager

Analytics

File Share

Tier 4
Search

Availability Group #1

Content

Log shipping

Availability Group #3

Replica

Crawl

Availability Group #2

Service Applications

Index Partition 0

Query processing

Back-end services

Availability Group #1
Configuration

Front-end services

Distributed cache

Tier 3

File Share
Content

Query processing

Replica

Replica

Distributed cache

Search

Front end services

Front-end
services

Distributed File System

Replication (DFSR)

Microsoft Azure Infrastructure Services provides a secondary datacenter.

Configuration

Service Applications

Replay logs

Content

Availability Group #2

Availability Group #3

Pay only for the resources you use.

Small recovery farms can be scaled out after a disaster to meet scale and capacity targets.

The recovery farm in Microsoft Azure is configured as

identically as possible to the production on-premises farm.
Same representation of server roles.
Same configuration of customizations.
Same configuration of search components (these can be on a smaller version of the production farm).

Log shipping and Distributed File System Replication (DFSR)

are used to copy database backups and transaction logs to
the Microsoft Azure farm.

Production environment

Cold standby

Live production environment

Running VMs

Tier 1

Front end services

Front-end
services

Front-end services

Replica

DFSR is used to transfer logs from the production environment to the recovery environment. In a WAN
scenario DFSR is more efficient than shipping the logs directly to the secondary server in Microsoft Azure.
Logs are replayed to the Microsoft Azure-based SQL Server computers.

Query processing

Tier 2

Log-shipped databases are not attached to the farm until a recovery exercise is performed.

Index Partition 0

Start these VMs for disaster recovery

Query processing

Distributed cache

Distributed cache

Replica

Front end services

Front-end
services
Distributed cache

Query processing

Stop log shipping.

Tier 3

Stop accepting traffic to the primary farm.

Query processing

Distributed cache

Replica

Failover procedures:

Front-end services

Back-end services

Crawl

Back-end services

Crawl

Back-end services

Crawl

Admin

Content processing

Admin

Content processing

Admin

Content processing

Workflow manager

Analytics

Workflow manager

Analytics

Workflow manager

Analytics

Index Partition 0

Replica

Back-end services

Crawl

Back-end services

Crawl

Back-end services

Admin

Content processing

Admin

Content processing

Admin

Content processing

Workflow manager

Analytics

Workflow manager

Analytics

Workflow manager

Analytics

Replay the final transaction logs.

Attach the content databases to the farm.
Start a full crawl.

Tier 4

File Share
Search

Restore service applications from the replicated services databases.

Content

Configuration

Search
Content

Availability Group #2

Service Applications

Recovery objectives provided by this solution include:

File Share

Availability Group #1

Log shipping

Availability Group #3

Content

Distributed File System

Replication (DFSR)

Sites and content

Replay logs

Availability Group #1
Configuration

Service Applications

Content

Availability Group #2

Availability Group #3

Search (re-crawled, no search history)

Services

Additional items that can be addressed by Microsoft

Consulting Services or a partner:
q Synchronizing custom farm solutions
q Connections to data sources on premises (BDC and search content sources)
q Search restore scenarios
q Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO)

Cold standby environments take longer to start but are less

expensive

SharePoint recovery environment in Microsoft Azure

Design and build the
failover environment in
Microsoft Azure

The farm is fully built, but the virtual machines are stopped after the farm is created. You only pay
processing costs when the virtual machines are running, but storage and network data transfer costs
apply.
In the event of a disaster, all the farm virtual machines are started and patched.
Backups and transaction logs are applied to the farm databases.

q Create a virtual network in Microsoft Azure.

q Connect the on-premises network with the virtual network in Microsoft Azure with a
site-to-site VPN connection. This connections uses a dynamic gateway in Microsoft
Azure.
q Deploy one or more domain controllers to the Microsoft Azure virtual network and
configure these to work with your on premises domain. These DCs are catalog servers.
q Adapt the SharePoint farm for cloud services and availability sets.
q Deploy the SharePoint farm plus a file server to host file shares.
q Setup log shipping and DFSR between the on-premises environment and the
Microsoft Azure-based recovery environment.

The configuration of Active Directory for this solution

constitutes a hybrid deployment scenario in which
Windows Server AD DS is partly deployed onpremises and partly deployed on Microsoft Azure
Virtual Machines.

Microsoft Azure

Additional procedures for cold standby environments

Turn on virtual machines regularly to patch, update, and verify the environment.
Run procedures to refresh DNS and IP addresses.
Setup SQL AlwaysOn after a failover.

Build the Windows Server Active Directory Domain Services hybrid environment

On-premises
environment

Virtual Network
Cloud Service
Active Directory &
DNS

VPN Gateway
Windows Server 2012
RRAS

Active Directory

Cloud Service
Distributed
Cache

Front End

Cloud Service
Back End

Database

(http://msdn.microsoft.com/en-us/library/
windowsazure/jj156090.aspx).
File share for log
shipping and third
node of a Node
Majority for SQL
Server AlwaysOn

Active VPN

Gateway
subnet

Important Before deploying Active Directory in

Microsoft Azure, read Guidelines for Deploying
Windows Server Active Directory on Microsoft Azure
Virtual Machines

Availability Set

Availability Set

Availability Set

For complete guidance on designing and deploying

Active Directory environments, see http://
TechNet.microsoft.com.

This reference architecture includes two virtual machines configured

as domain controllers. Each is configured as follows:

Size Small.

Operating system Windows Server 2012.

Role Active Directory Domain Services domain controller

designated as a global catalog server. This configuration reduces
egress traffic across the VPN connection. In multi-domain
environment with high rates of change, configure domain
controllers on premises to not sync with the global catalog servers
in Microsoft Azure.

Data disks Place the Windows Server AD DS database, logs, and

SYSVOL on Microsoft Azure data disks. Do not place these on the
Operating System disk or the Temporary Disks provided by
Microsoft Azure. This is important.

Role Install and configure Windows DNS on the domain

controllers.

IP addresses Use dynamic IP addresses. This requires you to

create a Microsoft Azure Virtual Network.

Availability Set

2014 Microsoft Corporation. All rights reserved. To send feedback about this documentation, please write to us at ITSPdocs@microsoft.com.