In this lab you will pair up with another student group in order to simulate the setup and configuration tasks for VMware Site Recovery Manager
This lab envrionment will configure a cloud to cloudd DR scenario. We will not be pairing Site Recovery with an on premise environment, however such configuratiton is also possible.
Group Pairings Since we only have 10 SDDDCs in our environment we will be pairing in groups of 2 SDDC’s per team.
SDDC1 - SDDC6 SDDC2 - SDDC7 SDDC3 - SDDC8 SDDC4 - SDDC9 SDDC5 - SDDC10
What is VMware Site Recovery
VMware Site Recovery brings VMware enterprise-class Software-Defined Data Center (SDDC) Disaster Recovery as a Service to the AWS Cloud. It enables customers to protect and recover applications without the requirement for a dedicated secondary site. It is delivered, sold, supported, maintained and managed by VMware as an on-demand service. IT teams manage their cloud-based resources with familiar VMware tools without the difficulties of learning new skills or utilizing new tools and processes.
VMware Site Recovery is an add-on feature to VMware Cloud on AWS. VMware Cloud on AWS integrates VMware’s flagship compute, storage, and network virtualization products: VMware vSphere, VMware vSAN, and VMware NSX along with VMware vCenter Server management. It optimizes them to run on elastic, bare-metal AWS infrastructure. With the same architecture and operational experience on-premises and in the cloud, IT teams can now get instant business value via the AWS and VMware hybrid cloud experience.
The VMware Cloud on AWS solution enables customers to have the flexibility to treat their private cloud and public cloud as equal partners and to easily transfer workloads between them, for example, to move applications from DevTest to production or burst capacity. Users can leverage the global AWS footprint while getting the benefits of elastically scalable SDDC clusters, a single bill from VMware for its tightly integrated software plus AWS infrastructure, and on-demand or subscription services like VMware Site Recovery Service. VMware Site Recovery extends VMware Cloud on AWS to provide a managed disaster recovery, disaster avoidance and non-disruptive testing capabilities to VMware customers without the need for a secondary site, or complex configuration.
VMware Site Recovery works in conjunction with VMware Site Recovery Manager and VMware vSphere Replication to automate the process of recovering, testing, re-protecting, and failing-back virtual machine workloads. VMware Site Recovery utilizes VMware Site Recovery Manager servers to coordinate the operations of the VMware SDDC. This is so that, as virtual machines at the protected site are shut down, copies of these virtual machines at the recovery site startup. By using the data replicated from the protected site these virtual machines assume responsibility for providing the same services.
VMware Site Recovery can be used between a customers datacenter and an SDDC deployed on VMware Cloud on AWS or it can be used between two SDDCs deployed to different AWS availability zones or regions. The second option allows VMware Site Recovery to provide a fully VMware managed and maintained Disaster Recovery solution. Migration of protected inventory and services from one site to the other is controlled by a recovery plan that specifies the order in which virtual machines are shut down and started up, the resource pools to which they are allocated, and the networks they can access.
VMware Site Recovery enables the testing of recovery plans, using a temporary copy of the replicated data, and isolated networks in a way that does not disrupt ongoing operations at either site. Multiple recovery plans can be configured to migrate individual applications or entire sites providing finer control over what virtual machines are failed over and failed back. This also enables flexible testing schedules. VMware Site Recovery extends the feature set of the virtual infrastructure platform to provide for rapid business continuity through partial or complete site failures.
Activate Site Recovery Add On
Important Instructions for Site Recovery Exercises
Note: Activating the Site Recovery add on is an operation done per SDDC, therefore only one team member per SDDC should perform this step. Please decide which team member will be activating site recovery.
If you have not already done so log into your SDDC at https://vmc.vmware.com/console/sddcs and open your SDDC
Navigate to Add Ons and click Activate “Site Recovery”
Verify “Default extension ID” is selected and click Acitvate
The activation of the service should take aboutt 10 to 15 min.
Configuring Network Connectivity for Site Recovery
Site Recovery Components are installed on the management resource pool inside your SDDC. These are accessed behind the management gateway and do not have public IP addresses assigned to them but rather consume private infrastructure IP space definedd during the deployment of the SDDC.
Pairing Site Recovery to an on premise or cloud environment requires layer 3 connectivity either by IPSecVPN or Ddirect Connect. We have established this network connectivity in our previous “VPN-lab” If you have not completed this lab you will not be able to proceed.
Management Gateway Firewall Configuration
To enable VMware Site Recovery on your SDDC environment, you must create firewall rules between your on-premises or cloud data center and the Management Gateway.
Note: Only one student should open the firewall rules. Please decide between you and your partner who will be configuring the firewall rules for Site Recovery)
Note: You must enable Site Recovery on your SDDC before proceeding.
- Allow inbound service HTTPS (TCP 433) to vCenter (This rule should have been created on lab “Working with your SDDC)
- Allow inbound service SRM Server Management (TCP 9086) to Site Recovery Manager
- Allow inbound service VR Server Management (TCP 8043) to vSphere Replication
- Allow outbound service Any (All Traffic) from vCenter, Site Recovery Manager, and vSphere Replication
Select Networking & Security > Edge Firewall > Management Gateway.
Select Add New Rule > Name the rule Inbound SRM > for source enter any > for destination go to system defined and select site recovery manager > for services select VMware Site Recovery SRM > set Action to Allow > Publish the Firewall rule. Your rule should look like this
Select Add New Rule > Name the rule inbound VR > for source enter any > for destination go to system defined and select vSphere Replication > for services select VMware Site Recovery vSphere Replication > set Action to Allow > Publish the Firewall rule. Your rule should look like this.
Select Add New Rule > Name the rule Outbound SRM > for source select Site Recovery Manager > for destination select any for services select any > for action select allow > Publish your firewall rule. Your rule should look like this.
Select Add New Rule > Name the rule Outbound VR > for source select vSphere Replication > for destination select any > for services select any > for action select allow > Publish your firewall rule. Your rule should look like this.
Note Opening up your firewall to any source and destination is not a recommended practice for production environments. It is recommended you allow traffic only to your on premises environments or to another cloud SDDC for Site Recovery Configuration.
VMware Site Recovery
IMPORTANT NOTE: Only one person can do the Site Pairing exercise. Please decide between you and your partner who performs this step.
Note As mentioned before Site Recovery Components are only accessible behind the Management Gateway Firewall, therefore we will be u sing our Windows10 VM inside our SDDC for the following steps.
Accessing your Windows 10 VM
Log into your vCenter’s SDDC and open a web console to your win10-## VM you created in the operations lab.
Log into windows as “desktop-admin/VMware1!”
Click the “Start Button” and type “Change Ethernet Settings” and click on the icon.
Click on “Change Adapter Options”
Right click on “Ethernet 0”
Select TCP/IPV4 and click on “Properties”
Click “Obtain IP Address Automatically”
Ensure DNS server is set to 184.108.40.206 and click OK and close
Your Widnows10 VM should now have access to the internet. Open a web browser in your Windows10 VM and log into https://cloud.vmware.com
Log in with my VMware Credentials
Click on “Console” on the top right corner
1. On your VMware Cloud on AWS Portal click on the Add Ons tab
2. Click Open Site Recovery
3. Click on New Site Pair
You will be pairing the partner site that was assigned to you by your instructor, note that this is not the information for your SDDC used up until now.
This is the information your partner will need from you and you will need from your partner’s site.
4. Click on the Settings tab in your SDDC
The username on both sides (yours and your peer) will always be email@example.com
5. Copy or note the password for the vCenter Server user
6. Note the URL for the vCenter server and the format it’s displayed versus the format it should be used:
7. Make sure your local vCenter is selected
8. Enter the information from your partner’s SDDC:
PSC host name (make sure to enter the correct format as noted above)
9. Make sure local vCenter server is selected
10. Select all Services
11. Click Next
- Click Finish button
Configure Network Mappings
13. Click Network Mappings in the left pane of the Site Recovery page
14. Click New
15. Select Prepare mappings manually
16. Click Next
17. Expand SDDC Datacenter on both sides
18. Expand Management Networks on both sides
19. Expand vmc-dvs on both sides
20. Select your Student#-LN network and your partner’s Student#-LN (You may need to scroll down to fid these networks)
21. Click the Add Mappings button
22. Click Next
23. DO NOT enter or select anything in Reverse Mappings, click Next
24. Leave defaults and click Next
25. Click Finish
26. Select Folder Mappings in the left pane
27. Click + New to create a new folder mapping
28. Select Prepare mappings manually
29. Click Next
30. Expand SDDC Datacenter on both sides
31. Select Workloads on both sides
32. Click the Add Mappings button
33. Click Next
34. DO NOT select any Reverse mappings, click Next
35. Click Finish
36. Click Resource Mappings in the left pane
37. Click + New
38. Expand SDDC Datacenter on both sides
39. Expand Cluster 1 on both sides
40. Select Compute-ResourcePool on both sides
41. Click Add Mappings button
42. Click Next
43. DO NOT select any reverse mappings, click Next
44. Click Finish
Storage Policy Mappings
45. Select Storage Policy Mappings in the left pane
46. Click + New
47. Select Prepare mappings manually
48. Click Next
49. Click to select Datastore Default on both the left and right pane
50. Click ADD MAPPINGS
51. Click NEXT
52. Click Datastore Default for Reverse mappings
53. Click NEXT
54. Click FINISH
55. Select Placeholder Datastores in the left pane
56. Click + New
57. Select WorkloadDatastore
58. Click Add
SRM - Protect a VM
1. Select a VM to replicate and right-click
2. Select All Site Recovery actions
3. Click Configure Replication
NOTE: You may need to log in to the paired site (This is your partner’s site), make sure you use firstname.lastname@example.org and get your partner users password. After entering you may need to repeat this step.
4. Click Next
5. Select the Target Site
6. If not logged in you may need to login (Remember this is your partner’s site not yours)
7. Enter your partners site credentials
8. Leave all defaults and click Next
9. Leave the default Datastore Default as the VM Storage Policy
10. Select WorkloadDatastore
11. Click Next
12. Leave the default 1 hour for Recovery Point Objective, RPO can be as low as 5 minutes, as high as 24 hour
13. Click Next
14. Select Add to new protection group
15. Name your Protection Group PG# (where # is your student number)
16. Click Next
17. Select Add to new recovery plan
18. Name your Recovery Plan RP# (where # is your student number)
19. Click Next button
20. Click Finish
Perform a Recovery Test
1. In the VMware Cloud on AWS portal, click the Add Ons tab
2. Click on Open Site Recovery (You may need to allow Pop-ups in browser)
3. In the Site Recovery window, click Open
4. Click on Recovery Plans
5. Click on your protection group PG# (where # is your student number)
6. Click on Recovery Plans
7. Click on RP# which should be your Recovery Plan you created in a previous step
8. Click the Test button
9. Leave all defaults and click Next button
10. Click Finish button
11. Follow the progress in the Recent Tasks area at the bottom of your window
12. Notice the test has successfully completed
13. Click the Cleanup button to clean up the activity and return the environment to its normal state
14. Click Next
15. Click Finish, the environment will now be clean. Please note that during testing, your replications protecting your VM’s is not interrupted