In this lab you will pair up with another student group in order to simulate the setup and configuration tasks for VMware Site Recovery Manager
Activate Site Recovery Add On
Important Instructions for Site Recovery Exercises
PLEASE BE AWARE THAT THESE EXERCISES MUST BE PERFORMED FROM THE ASSIGNED HORIZON DESKTOP YOUR INSTRUCTORS ASSIGNED. IF YOU TRY TO PERFORM SOME OF THE EXERCISES OUTSIDE OF THE HORIZON SESSION YOU WILL EXPERIENCE SOME FAILURES.
Activate Site Recovery
1. Click on the Add ons tab
2. Under the Site Recovery Add On, Click the Activate button
3. In the pop up window Click Activate again
Wait until the Site Recovery Add On has been activated. This process should take ~10 minutes to complete.
What is VMware Site Recovery
VMware Site Recovery brings VMware enterprise-class Software-Defined Data Center (SDDC) Disaster Recovery as a Service to the AWS Cloud. It enables customers to protect and recover applications without the requirement for a dedicated secondary site. It is delivered, sold, supported, maintained and managed by VMware as an on-demand service. IT teams manage their cloud-based resources with familiar VMware tools without the difficulties of learning new skills or utilizing new tools and processes.
VMware Site Recovery is an add-on feature to VMware Cloud on AWS. VMware Cloud on AWS integrates VMware’s flagship compute, storage, and network virtualization products: VMware vSphere, VMware vSAN, and VMware NSX along with VMware vCenter Server management. It optimizes them to run on elastic, bare-metal AWS infrastructure. With the same architecture and operational experience on-premises and in the cloud, IT teams can now get instant business value via the AWS and VMware hybrid cloud experience.
The VMware Cloud on AWS solution enables customers to have the flexibility to treat their private cloud and public cloud as equal partners and to easily transfer workloads between them, for example, to move applications from DevTest to production or burst capacity. Users can leverage the global AWS footprint while getting the benefits of elastically scalable SDDC clusters, a single bill from VMware for its tightly integrated software plus AWS infrastructure, and on-demand or subscription services like VMware Site Recovery Service. VMware Site Recovery extends VMware Cloud on AWS to provide a managed disaster recovery, disaster avoidance and non-disruptive testing capabilities to VMware customers without the need for a secondary site, or complex configuration.
VMware Site Recovery works in conjunction with VMware Site Recovery Manager and VMware vSphere Replication to automate the process of recovering, testing, re-protecting, and failing-back virtual machine workloads. VMware Site Recovery utilizes VMware Site Recovery Manager servers to coordinate the operations of the VMware SDDC. This is so that, as virtual machines at the protected site are shut down, copies of these virtual machines at the recovery site startup. By using the data replicated from the protected site these virtual machines assume responsibility for providing the same services.
VMware Site Recovery can be used between a customers datacenter and an SDDC deployed on VMware Cloud on AWS or it can be used between two SDDCs deployed to different AWS availability zones or regions. The second option allows VMware Site Recovery to provide a fully VMware managed and maintained Disaster Recovery solution. Migration of protected inventory and services from one site to the other is controlled by a recovery plan that specifies the order in which virtual machines are shut down and started up, the resource pools to which they are allocated, and the networks they can access.
VMware Site Recovery enables the testing of recovery plans, using a temporary copy of the replicated data, and isolated networks in a way that does not disrupt ongoing operations at either site. Multiple recovery plans can be configured to migrate individual applications or entire sites providing finer control over what virtual machines are failed over and failed back. This also enables flexible testing schedules. VMware Site Recovery extends the feature set of the virtual infrastructure platform to provide for rapid business continuity through partial or complete site failures.
Create a Cross SDDC VPN
We will be setting up an IPSEC VPN connection between your VPC and the VPC of the person you were paired with.
1. Go back to the VMware Cloud on AWS tab.
2. In the main SDDC window, click on View Details
3. Click on the Network menu
In the Management Gateway section, make a note of the Public IP and the Infrastructure Subnet CIDR
In the Management Gateway settings below
4. Click the drop down arrow to open the IPsec VPNs section
5. Click on ADD VPN
Fill in the following information
6. Name: Student # MGMT GW (where # is your peer’s student number)
7. The Public IP address of the persons Gateway you were paired with
8. The Infrastructure IP CIDR of the person you were paired with
9. Pre-shared key is VMware1!
10. Click on Save
When both you and the person you were paired with have completed these steps you should see the status of the VPN turn to Connected
There will be a need to setup a second VPN to our Host infrastructure for this setup to work. This is not normally needed when setting up your on-premises environment but it’s needed for the special setup in this workshop.
11. Make sure the IPSecVPNs drop down is opened, if not click it under Management Gateway
12. Click on Add VPN
Fill in the following information
13. Name this VPN Student# to Host (where # is your student number)
14. Enter 220.127.116.11 for the Remote Gateway Public IP
15. Enter 192.168.30.0/24 under Remote Networks
16. Pre-shared key is VMware1!
17. Click on Save
Prepare and Pair Site Recovery
Firewall Rules for Site Recovery
For this module we will utilize the brand new Firewall Rule Accelerator option in the VMware Cloud on AWS portal.
The firewall rule accelerator will create a group of firewall rules for a set of use cases. The Remote Network of the selected VPN will be used as the source or destination for these rules. You can edit the rules in the Firewall Rules section after they are created if desired although there should be no need to edit them.
1. Click on the Network tab
2. Expand the Firewall Rule Accelerator area
3. For Rule Group select Site Recovery option
4. For VPN Select the VPN created against the Student you were paired up with, and you will repeat the same process for the VPN created to the Host infrastructure.
MAKE SURE TO REPEAT THIS STEP FOR BOTH VPN'S CREATED, THE ONE WITH YOUR PEER STUDENT, AND THE ONE FOR THE HOST.
5. Click on Create Firewall Rules
Watch as the firewall rules get created automatically for you. Once completed, repeat for second VPN, once that one completes you can examine the firewall rules created.
VMware Site Recovery - Site Pairing
IMPORTANT NOTE: Only one person can do the Site Pairing exercise. Please decide between you and your partner who performs this step.
1. On your VMware Cloud on AWS Portal click on the Add Ons tab
2. Click Open Site Recovery
3. Click on New Site Pair
You will be pairing the partner site that was assigned to you by your instructor, note that this is not the information for your SDDC used up until now.
This is the information your partner will need from you and you will need from your partner’s site.
4. Click on the Settings tab in your SDDC
The username on both sides (yours and your peer) will always be firstname.lastname@example.org
5. Copy or note the password for the vCenter Server user
6. Note the URL for the vCenter server and the format it’s displayed versus the format it should be used:
7. Make sure your local vCenter is selected
8. Enter the information from your partner’s SDDC:
PSC host name (make sure to enter the correct format as noted above)
9. Make sure local vCenter server is selected
10. Select all Services
11. Click Next
- Click Finish button
Configure Network Mappings
13. Click Network Mappings in the left pane of the Site Recovery page
14. Click New
15. Select Prepare mappings manually
16. Click Next
17. Expand SDDC Datacenter on both sides
18. Expand Management Networks on both sides
19. Expand vmc-dvs on both sides
20. Select your Student#-LN network and your partner’s Student#-LN (You may need to scroll down to fid these networks)
21. Click the Add Mappings button
22. Click Next
23. DO NOT enter or select anything in Reverse Mappings, click Next
24. Leave defaults and click Next
25. Click Finish
26. Select Folder Mappings in the left pane
27. Click + New to create a new folder mapping
28. Select Prepare mappings manually
29. Click Next
30. Expand SDDC Datacenter on both sides
31. Select Workloads on both sides
32. Click the Add Mappings button
33. Click Next
34. DO NOT select any Reverse mappings, click Next
35. Click Finish
36. Click Resource Mappings in the left pane
37. Click + New
38. Expand SDDC Datacenter on both sides
39. Expand Cluster 1 on both sides
40. Select Compute-ResourcePool on both sides
41. Click Add Mappings button
42. Click Next
43. DO NOT select any reverse mappings, click Next
44. Click Finish
Storage Policy Mappings
45. Select Storage Policy Mappings in the left pane
46. Click + New
47. Select Prepare mappings manually
48. Click Next
49. Click to select Datastore Default on both the left and right pane
50. Click ADD MAPPINGS
51. Click NEXT
52. Click Datastore Default for Reverse mappings
53. Click NEXT
54. Click FINISH
55. Select Placeholder Datastores in the left pane
56. Click + New
57. Select WorkloadDatastore
58. Click Add
SRM - Protect a VM
1. Select a VM to replicate and right-click
2. Select All Site Recovery actions
3. Click Configure Replication
NOTE: You may need to log in to the paired site (This is your partner’s site), make sure you use email@example.com and get your partner users password. After entering you may need to repeat this step.
4. Click Next
5. Select the Target Site
6. If not logged in you may need to login (Remember this is your partner’s site not yours)
7. Enter your partners site credentials
8. Leave all defaults and click Next
9. Leave the default Datastore Default as the VM Storage Policy
10. Select WorkloadDatastore
11. Click Next
12. Leave the default 1 hour for Recovery Point Objective, RPO can be as low as 5 minutes, as high as 24 hour
13. Click Next
14. Select Add to new protection group
15. Name your Protection Group PG# (where # is your student number)
16. Click Next
17. Select Add to new recovery plan
18. Name your Recovery Plan RP# (where # is your student number)
19. Click Next button
20. Click Finish
Perform a Recovery Test
1. In the VMware Cloud on AWS portal, click the Add Ons tab
2. Click on Open Site Recovery (You may need to allow Pop-ups in browser)
3. In the Site Recovery window, click Open
4. Click on Recovery Plans
5. Click on your protection group PG# (where # is your student number)
6. Click on Recovery Plans
7. Click on RP# which should be your Recovery Plan you created in a previous step
8. Click the Test button
9. Leave all defaults and click Next button
10. Click Finish button
11. Follow the progress in the Recent Tasks area at the bottom of your window
12. Notice the test has successfully completed
13. Click the Cleanup button to clean up the activity and return the environment to its normal state
14. Click Next
15. Click Finish, the environment will now be clean. Please note that during testing, your replications protecting your VM’s is not interrupted