I am working on a proof of concept project. We are testing Zerto replication to Azure. I am curious to know how people are pre-staging public IPs and network security groups, etc.? To give a very basic example, if we intend to failover a simple Windows VM running an IIS site, is it possible to prestage the public IP assigned to it? This would be something to add to the overall “run book.” What are your experiences?
Pre-provisioning NSGs within Azure is absolutely possible, in fact when you create a VPG replicating to Azure Zerto gives you the ability to define the NSG you wish to utilise for each instance on recovery, which we automate for you. Zerto also provides the ability to set a static private IP for the VM.
However for Public IPs this is slightly more challenging as these are assigned to network interfaces which in turn are assigned to VM Instances. Because Zerto only creates the VM Instances and their associated network interfaces during a failover, automating the Public IP becomes trickier. What most customers will do here is pre provision static public IPs within your Azure subscription (assuming static is required) and then utilise a post failover script within the VPG creation wizard to use the Azure CLI to assign the public IP to the relevant network interface(s). For the relevant commands please see https://docs.microsoft.com/en-us/cli/azure/network/nic/ip-config?view=azure-cli-latest#az-network-nic-ip-config-update
I hope that helps!
Senior Solution Engineer