VMware Cloud Foundation Site Protection and Disaster Recovery Guide. VMware Cloud Foundation 3.0.1

Similar documents
Backup and Restore. 20 NOV 2018 VMware Validated Design 4.3 VMware Validated Design for Software-Defined Data Center 4.3

Site Protection and Recovery. VMware Validated Design 4.0 VMware Validated Design for Software-Defined Data Center 4.0

Operational Verification. 21 AUG 2018 VMware Validated Design 4.3 VMware Validated Design for Software-Defined Data Center 4.3

Scenarios. VMware Validated Design for IT Automating IT 4.0 EN

Scenarios for IT Automating IT. 21 AUG 2018 VMware Validated Design 4.3 VMware Validated Design for IT Automating IT 4.3

Scenarios. VMware Validated Design 4.0 VMware Validated Design for IT Automating IT 4.0

Use Case Deployment Using vrealize Suite Lifecycle Manager. Modified on 21 DEC 2017 VMware Validated Design 4.1

Scenarios. VMware Validated Design for IT Automating IT EN

Upgrade. 17 JUL 2018 VMware Validated Design 4.3 VMware Validated Design for Software-Defined Data Center 4.3

Upgrade. 13 FEB 2018 VMware Validated Design 4.2 VMware Validated Design for Software-Defined Data Center 4.2

Intelligent Operations Use Case Deployment Using vrealize Suite Lifecycle Manager

vrealize Suite 7.0 Backup and Restore by Using EMC Avamar vrealize Suite 7.0

Certificate Replacement. 25 SEP 2018 VMware Validated Design 4.3 VMware Validated Design for Remote Office Branch Office 4.3

Upgrading from vrealize Automation 7.1 or Later to June 2018 vrealize Automation 7.4

Upgrading from vrealize Automation to 7.3 or May 2018 vrealize Automation 7.3

Migrating vrealize Automation to 7.3 or March 2018 vrealize Automation 7.3

Upgrading from vrealize Automation 7.1, 7.2 to 7.3 or 7.1, 7.2, 7.3 to March 2018 vrealize Automation 7.3

Upgrading from vrealize Automation 6.2 to 7.1

Monitoring and Alerting. 27 MAR 2018 VMware Validated Design 4.2 VMware Validated Design for Software-Defined Data Center 4.2

Monitoring and Alerting. 19 SEP 2017 VMware Validated Design 4.1 VMware Validated Design for Software-Defined Data Center 4.1

Monitoring and Alerting

Monitoring and Alerting. VMware Validated Design 4.0 VMware Validated Design for Software-Defined Data Center 4.0

VMware Horizon JMP Server Installation and Setup Guide. Modified on 06 SEP 2018 VMware Horizon 7 7.6

vcloud Director Service Provider Admin Portal Guide vcloud Director 9.1

vcloud Director Tenant Portal Guide vcloud Director 9.0

McAfee Network Security Platform

McAfee Network Security Platform

IaaS Configuration for Virtual Platforms

Installation and Upgrade on Windows Server 2008 When the Secondary Server is Virtual VMware vcenter Server Heartbeat 6.5 Update 1

McAfee Network Security Platform

Simrad ES80. Software Release Note Introduction

Zenoss Service Impact Installation and Upgrade Guide for Resource Manager 5.x and 6.x

vcloud Director Tenant Portal Guide vcloud Director 9.1

Cisco UCS Performance Manager Installation Guide

McAfee Network Security Platform

Zenoss Resource Manager Installation Guide

vcloud Director Service Provider Admin Portal Guide 04 OCT 2018 vcloud Director 9.5

Zenoss Resource Manager Installation Guide

McAfee Network Security Platform

Cisco UCS Performance Manager Migration Guide

COMPUTER EDUCATION TECHNIQUES, INC. (MS_W2K3_SERVER ) SA:

Zenoss Resource Manager Installation Guide

Zenoss Core Installation Guide

NOTES. Figure 1 illustrates typical hardware component connections required when using the JCM ICB Asset Ticket Generator software application.

File Manager Quick Reference Guide. June Prepared for the Mayo Clinic Enterprise Kahua Deployment

Zenoss Core Installation Guide

Zenoss Resource Manager Installation Guide

EasyMP Network Projection Operation Guide

Zenoss Resource Manager Installation Guide

Certificate Replacement. 21 AUG 2018 VMware Validated Design 4.3 VMware Validated Design for Software-Defined Data Center 4.3

EasyMP Multi PC Projection Operation Guide

License Manager Installation and Setup

Deployment of VMware NSX-T for Workload Domains. 19 MAR 2019 VMware Validated Design VMware NSX-T 2.4

Epson iprojection Operation Guide (Windows/Mac)

Certificate Replacement. 26 SEP 2017 VMware Validated Design 4.1 VMware Validated Design for Management and Workload Consolidation 4.

Siebel Business Analytics Applications Upgrade Guide. Version May 2006

STRM Installation Guide

LINX MATRIX SWITCHERS FIRMWARE UPDATE INSTRUCTIONS FIRMWARE VERSION

Control Center Installation Guide for High-Availability Deployments

Information regarding

Operational Verification. 26 SEP 2017 VMware Validated Design 4.1 VMware Validated Design for Software-Defined Data Center 4.1

Certificate Replacement. 21 AUG 2018 VMware Validated Design 4.3 VMware Validated Design for Management and Workload Consolidation 4.

McAfee Network Security Platform

Agilent Mass Hunter Software

Zenoss Resource Manager Configuration Guide

Lab 1 - Counter. Create a project. Add files to the project. Compile design files. Run simulation. Debug results

EasyMP Multi PC Projection Operation Guide

Zenoss Core Configuration Guide

Registering as an HPE Reseller

Zenoss Community Edition (Core) Configuration Guide

Control Center Installation Guide for High-Availability Deployments

Zenoss Resource Manager Configuration Guide

EasyMP Network Projection Operation Guide

Zenoss Core Configuration Guide

HP Unified Functional Testing

Installation and Upgrade Instructions

pdfapilot Server 2 Manual

Zenoss Resource Manager Configuration Guide

Control Center Installation Guide

Release Notes for. LANCOM Advanced VPN Client 4.10 Rel

How to Design REST API? Written Date : March 23, 2015

EasyMP Multi PC Projection Operation Guide

Troubleshooting Guide

McAfee Data Loss Prevention Prevent

Polycom RealPresence Media Editor Quick Start

YOU ARE: AND THIS IS:

Registering as a HPE Reseller. Quick Reference Guide for new Partners in Asia Pacific

Welch Allyn CardioPerfect Workstation Installation Guide

c360 Add-On Solutions

Distributed Systems Principles and Paradigms

Coprocessor memory definition. Loic Pallardy / Arnaud Pouliquen

Troubleshooting. Verify the Cisco Prime Collaboration Provisioning Installation (for Advanced or Standard Mode), page

Sage CRM 2017 R3 Software Requirements and Mobile Features. Updated: August 2017

Sage CRM 2018 R1 Software Requirements and Mobile Features. Updated: May 2018

Installation Guide AT-VTP-800

McAfee Network Security Platform

McAfee Network Security Platform

Data sharing in OpenMP

Deposit a Technical Report in PubRep

Control Center Installation Guide

Transcription:

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide VMwre Cloud Foundtion 3.0.1

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide You cn find the most up-to-dte technicl documenttion on the VMwre wesite t: https://docs.vmwre.com/ If you hve comments out this documenttion, sumit your feedck to docfeedck@vmwre.com VMwre, Inc. 3401 Hillview Ave. Plo Alto, CA 94304 www.vmwre.com Copyright 2018 VMwre, Inc. All rights reserved. Copyright nd trdemrk informtion. VMwre, Inc. 2

Contents Aout Site Protection nd Recovery for VMwre Cloud Foundtion 5 1 Prerequisites for Implementing Disster Recovery on VMwre Cloud Foundtion 6 2 Prepre NSX for Cross-Region Support 9 Assign the Primry Role to NSX Mnger in Region A 9 Crete Universl Trnsport Zone in Region A 10 Delete the NSX Controllers in Region B 11 Assign the Secondry Role to NSX Mnger in Region B 12 3 Configure Dynmic Routing 14 4 Updte the NTP Sources on vrelize Opertions Mnger in Region A 15 5 Plce the Virtul Mchines of Mngement Solution in Dedicted Folder 16 Move the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger to Dedicted Folders in Region A 16 Crete Virtul Mchine Folders for vrelize Automtion nd vrelize Opertions Mnger in Region B 17 6 Instll Site Recovery Mnger 19 7 Deploy vsphere Repliction 20 8 Prepre the Environment for vsphere Repliction Trffic 21 Crete VMkernel Adpter for vsphere Repliction in Region A 21 Crete VMkernel Adpter for vsphere Repliction in Region B 22 Isolte the Network Trffic of vsphere Repliction 23 9 Migrte vrelize Automtion nd vrelize Opertions Mnger to the Cross- Region Appliction Virtul Network 25 Crete the Cross-Region Appliction Virtul Network 26 Power Оff the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger 26 Migrte vrelize Automtion nd vrelize Opertions Mnger to the Cross-Region Appliction Virtul Network 27 Shut Down nd Remove the vrelize VLAN from the Physicl Network 28 Connect the Cross-Region Appliction Virtul Network to the Universl Distriuted Logicl Router 29 VMwre, Inc. 3

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Power Оn the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger 29 Instll the vcfvrdrhelper script in Region A 30 Configure the Environment After the Migrtion to the Cross-Region Network 31 10 Crete the NSX Lod Blncer for vrelize Automtion nd vrelize Opertions Mnger in Region B 32 Deploy the NSX Edge for Lod Blncing vrelize Automtion nd vrelize Opertions Mnger in Region B 32 Disle the Interfce on the vrelize NSX Edge Lod Blncer in Region B 34 Configure the NSX Lod Blncer for vrelize Automtion nd vrelize Opertions Mnger in Region B 35 11 Fil Over nd Fil Bck the SDDC Mngement Applictions 44 12 Upgrde NSX in Cross-Site Configurtion 45 Upgrde Primry NSX Mnger 45 Upgrde Secondry NSX Mnger 46 Upgrde NSX Components on Primry Site 47 Upgrde NSX Components on Secondry Site 47 13 Cloud Foundtion Glossry 49 VMwre, Inc. 4

Aout Site Protection nd Recovery for VMwre Cloud Foundtion Site Protection nd Recovery for VMwre Cloud Foundtion provides step-y-step instructions out dpting dul-region softwre-defined dt center (SDDC) on top of VMwre Cloud Foundtion for disster recovery of VMwre mngement components. You use VMwre Site Recovery Mnger nd VMwre vsphere Repliction to perform site protection nd recovery of the Cloud Mngement Pltform tht consists of vrelize Automtion with emedded vrelize Orchestrtor, nd of the vrelize Opertions Mnger nlytics cluster. While not directly documented, this document cn e used to protect worklod domins cross regions s well. The documenttion covers oth filover to the recovery region nd filck to the protected region. Intended Audience The Site Protection nd Recovery for VMwre Cloud Foundtion documenttion is intended for cloud rchitects, infrstructure dministrtors, cloud dministrtors nd cloud opertors who re fmilir with nd wnt to use VMwre softwre to deploy in short time nd mnge n SDDC tht meets the requirements for cpcity, sclility, ckup nd restore, nd disster recovery. Required VMwre Softwre The Site Protection nd Recovery for VMwre Cloud Foundtion documenttion is complint nd vlidted with VMwre Cloud Foundtion 2.3.1. Performing SDDC Filover nd Filck After you configure the SDDC for disster recovery, for informtion out filover or filck of the components of the Cloud Mngement Pltform or vrelize Opertions Mnger, see the Site Protection nd Recovery documenttion in VMwre Vlidted Design for Softwre-Defined Dt Center 4.2. VMwre, Inc. 5

Prerequisites for Implementing Disster Recovery on VMwre Cloud Foundtion 1 Before you implement disster recovery in VMwre Cloud Foundtion, your environment must support certin prerequisites for deployment nd networking. You implement disster recovery on vrelize Automtion nd the vrelize Opertions Mnger nlytics cluster. You cn pply the guidnce for protecting worklods in Cloud Foundtion worklod domins. Both scenrios, mngement stck disster recovery nd worklod disster recovery, re vlidted nd require the following prerequisites. Disster Recovery Considertions When you prepre for disster recovery, you must determine which of your two Cloud Foundtion instnces will function s the protected site nd which one s the recovery site. The protected site hosts the usiness-criticl SDDC services. In the context of Cloud Foundtion, the protected site contins the vrelize products, including vrelize Opertions Mnger nd vrelize Automtion, nd tennt worklods with filover tht is enled in the event of disster. The recovery site is n lterntive loction to which these vrelize pplictions nd tennt worklods, if the ltter is configured, re migrted nd hosted in the event of disster. In this guide, the protected site is referred to s Region A nd the recovery site is referred to s Region B. Disster Recovery Prerequisites Before you implement disster recovery, verify tht your environment stisfies the following prerequisites: In ech region, provide the Windows virtul mchine nd environment configurtion for Site Recovery Mnger deployment. Attriute Guest OS Cluster Dtstore Site Recovery Mnger Windows Server 2012 R2 (64-it) vrck-cluster vsndtstore Numer of CPUs 2 Memory (GB) 4 Disk spce (GB) 40 VMwre, Inc. 6

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Attriute SCSI Controller Virtul mchine network dpter Virtul mchine network Active Directory domin Service ccount VMwre Tools Site Recovery Mnger LSI Logic SAS VMXNET3 vrck-dportgroup-mgmt Sudomin of the Cloud Foundtion instnce Windows dministrtor Ltest version Downlod Site Recovery Mnger 6.5.1 instller to oth VMs. In ech region, provide the environment configurtion for deploying the vsphere Repliction virtul pplince. Attriute Cluster Dtstore Site Recovery Mnger vrck-cluster vsndtstore Numer of CPUs 2 Memory (GB) 4 Disk spce (GB) 18 SCSI Controller Virtul mchine network dpter Virtul mchine network LSI Logic SAS VMXNET3 vrck-dportgroup-mgmt Downlod the vsphere Repliction 6.5.1.iso imge nd mount it on the mchine tht you use to ccess the vsphere We Client. Otin license for Site Recovery Mnger. Cloud Foundtion Prerequisites Verify tht VMwre Cloud Foundtion is version 2.3.1 or lter. Verify tht you hve otined Cloud Foundtion license tht covers the use of cross-vcenter NSX ojects. Deploy vrelize Automtion nd vrelize Opertions Mnger fter you deploy or upgrde Cloud Foundtion to 2.3.1. vrelize Automtion nd vrelize Opertions Mnger re deployed in Region A. Temporrily migrte ll virtul mchines on NSX logicl switches to VLAN-cked distriuted port groups to keep their connectivity nd disconnect the virtul mchines from the logicl switches. You cn reconnect these virtul mchines to the logicl switches fter NSX is configured for cross vcenter Server opertions. VMwre, Inc. 7

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Networking Prerequisites The regions must e connected to ech other nd the connection must support jumo frmes nd Lyer 3 routing etween the regions. All uplinks, port chnnels, nd VLANs tht crry VXLAN nd vsphere Repliction trffic must e configured for jumo frmes. The mximum supported ltency etween regions must e 150 ms. Sufficient ndwidth must e ville for repliction trffic. See VMwre Knowledge Bse rticle 2037268 to determine the required ndwidth for your worklods. BGP must e licensed nd ville for use on the Lyer 3 devices in oth regions. Nexus switches must e updted to Nexus OS relese tht supports routing protocol djcencies over virtul port chnnels. See https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/118997- technote-nexus-00.html for the minimum required Nexus OS relese nd dditionl configurtion required. VMwre, Inc. 8

Prepre NSX for Cross-Region Support 2 The first step in configuring disster recovery is to configure cross-region NSX to enle worklod moility. Configure NSX for cross-region support of universl ojects. Due to the defult configurtion of NSX within VMwre Cloud Foundtion, NSX must e reconfigured to support universl ojects. If you select to use defult networks during VMwre Cloud Foundtion ring-up, you must remove NSX ojects tht were deployed nd you must updte the hosts VTEPs to use unique routle IP ddresses. 1 Assign the Primry Role to NSX Mnger in Region A Assign NSX Mnger the primry role to enle universl networking ojects tht re used cross ll primry nd secondry NSX instnces in the protected nd recovery regions. Set universl Segment ID pool to define the rnge of VXLANs tht re ville to cross-region logicl segments. 2 Crete Universl Trnsport Zone in Region A A trnsport zones controls to which hosts logicl switch cn rech. Crete universl trnsport zone so tht logicl switches cn connect to ll hosts for disster recover. 3 Delete the NSX Controllers in Region B For dul-region setup, cross-vcenter NSX controllers re deployed only in the region tht contins the primry NSX Mnger. You must remove the NSX controller cluster in the recovery region. 4 Assign the Secondry Role to NSX Mnger in Region B To enle cross-vcenter NSX networking, configure the NSX Mnger in Region B s secondry. You perform this opertion from the primry NSX Mnger which is in Region A. You join the mngement cluster in Region B to the universl trnsport zone from the locl vcenter Server. Assign the Primry Role to NSX Mnger in Region A Assign NSX Mnger the primry role to enle universl networking ojects tht re used cross ll primry nd secondry NSX instnces in the protected nd recovery regions. Set universl Segment ID pool to define the rnge of VXLANs tht re ville to cross-region logicl segments. VMwre, Inc. 9

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 Assign the primry role to the mngement NSX Mnger. c d In the Nvigtor, click Networking & Security. In the Nvigtor, click Instlltion. On the Mngement t, select the mngement NSX Mnger nd select Actions > Assign Primry Role. In the Assign Primry Role dilog ox, click Yes. 3 Crete universl Segment ID pool. c On the Instlltion t, click the Logicl Network Preprtion t nd click Segment ID. Select the mngement NSX Mnger from the drop-down menu. Under the Universl Segment ID pool nd Multicst rnge section, click Edit, enter 12000-12999 for the Universl Segment ID Pool, nd click OK. 4 Repet Step 2 nd Step 3 for ny worklod domins you wnt to configure for disster recovery. Use different Segment ID pool rnge for ech worklod domin. Crete Universl Trnsport Zone in Region A A trnsport zones controls to which hosts logicl switch cn rech. Crete universl trnsport zone so tht logicl switches cn connect to ll hosts for disster recover. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword VMwre, Inc. 10

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 2 In the Nvigtor, click Networking & Security. 3 In the Nvigtor, click Instlltion. 4 On the Logicl Network Preprtion t, click Trnsport Zones. 5 From the NSX Mnger drop down menu, select the IP ddress of the mngement NSX Mnger. 6 Click the New Trnsport Zone icon. 7 In the New Trnsport Zone dilog ox, enter the following settings. Mrk this oject for Universl Synchroniztion Nme Repliction mode Vlue Selected Mgmt Universl Trnsport Zone Unicst 8 Select the clusters to e prt of the trnsport zone nd click OK. 9 Right-click Mgmt Universl Trnsport Zone nd select Enle CDO Mode. 10 (Optionl) Repet the procedure for worklod domins tht you wnt to configure for disster recovery. Delete the NSX Controllers in Region B For dul-region setup, cross-vcenter NSX controllers re deployed only in the region tht contins the primry NSX Mnger. You must remove the NSX controller cluster in the recovery region. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 In the Nvigtor, click Networking & Security. 3 In the Nvigtor, click Instlltion. 4 On the Mngement t, under NSX Controller nodes select n NSX Controller nd click the Delete icon. 5 Delete the remining two controllers. When you delete the lst controller, select the Forcefully Delete option. VMwre, Inc. 11

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 6 (Optionl) Repet the procedure for worklod domins tht you wnt to configure for disster recovery. Assign the Secondry Role to NSX Mnger in Region B To enle cross-vcenter NSX networking, configure the NSX Mnger in Region B s secondry. You perform this opertion from the primry NSX Mnger which is in Region A. You join the mngement cluster in Region B to the universl trnsport zone from the locl vcenter Server. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 Assign the secondry role to the Mngement NSX Mnger in Region B. c d e In the Nvigtor, click Networking & Security. In the Nvigtor, click Instlltion. On the Mngement t, select the mngement NSX instnce. Select Actions > Add Secondry NSX Mnger. In the Add Secondry NSX Mnger dilog ox, enter the following settings nd click OK. NSX Mnger User nme Pssword Confirm Pssword Vlue IP ddress of mngement NSX Mnger in Region B dmin mgmtnsx_dmin_pssword mgmtnsx_dmin_pssword f In the Trust Certificte confirmtion dilog ox, click Yes. VMwre, Inc. 12

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 3 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 4 In vcenter Server in Region B, dd the mngement cluster in Region B to the Mgmt Universl Trnsport Zone. c d e In the Nvigtor, click Networking & Security. In the Nvigtor, click Instlltion. On the Instlltion pge, click the Logicl Network Preprtion t nd click Trnsport Zones. Select Mgmt Universl Trnsport Zone nd click the Connect Clusters icon. In the Connect Clusters dilog ox, select the mngement cluster in Region B nd click OK. 5 Repet the procedure for worklod domins tht you wnt to configure for disster recovery. VMwre, Inc. 13

Configure Dynmic Routing 3 Dynmic routing enles the dynmic discovery of the IP sunets configured on NSX virtul wires y the physicl network nd vice vers. 1 Configuresdfsd sfdsfdynmic routing for the mngement cluster in Region A. See Configure NSX Dynmic Routing in the Mngement Cluster in Region A in VMwre Vlidted Design for Softwre-Defined Dt Center. 2 Configure dynmic routing for the mngement cluster in Region B. See Configure NSX Dynmic Routing in the Mngement Cluster in Region B in VMwre Vlidted Design for Softwre-Defined Dt Center. 3 (Optionl) Configure dynmic routing for worklod domin in Region A. See Configure NSX Dynmic Routing in the Shred Edge nd Compute Cluster in Region A in VMwre Vlidted Design for Softwre-Defined Dt Center. 4 (Optionl) Configure dynmic routing for worklod domin in Region B. See Configure NSX Dynmic Routing in the Shred Edge nd Compute Cluster in Region B in VMwre Vlidted Design for Softwre-Defined Dt Center. VMwre, Inc. 14

Updte the NTP Sources on vrelize Opertions Mnger in Region A 4 Before you fil over vrelize Opertions Mnger etween regions, updte the NTP synchroniztion settings with n NTP server in ech region. 1 Log in to the mster node of vrelize Opertions Mnger y using Secure Shell (SSH) client in Region A. Open n SSH session to the vrops-mster.domin.locl virtul mchine. Log in using the following credentils. User nme Pssword Vlue root vrops_root_pssword 2 Open the /etc/ntp.conf file in edit mode. vi /etc/ntp.conf 3 Locte the ## CSA Section Strt # section of the file. 4 Under the server ip-ddress iurst prefer line, dd the following new line. server ip-ddress-ntp-server-regionb iurst prefer where ip-ddress-ntp-server-regionb is the IP ddress of the designted NTP server in Region B. 5 Sve the file.!wq 6 Restrt the NTP demon. service ntp restrt 7 Repet the procedure for the mster replic nd ll dt nodes. VMwre, Inc. 15

Plce the Virtul Mchines of Mngement Solution in Dedicted Folder 5 Virtul mchine folders provide logicl grouping of virtul mchines. You use plce the virtul mchines of vrelize Automtion nd of vrelize Opertions Mnger in own folder. You lter crete mpping etween these folders in Site Recovery Mnger s prt of the filover setup. This chpter includes the following topics: Move the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger to Dedicted Folders in Region A Crete Virtul Mchine Folders for vrelize Automtion nd vrelize Opertions Mnger in Region B Move the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger to Dedicted Folders in Region A Crete folders to group the virtul mchines of vrelize Automtion nd vrelize Opertions Mnger, nd move the virtul mchines there. You use the folders for esier configurtion of virtul mchine repliction. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword VMwre, Inc. 16

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 2 Crete folders for ech of the vrelize Automtion nd vrelize Opertions Mnger virtul mchines. c In the Nvigtor, click VMs nd Templtes nd expnd the vcenter Server tree. Right-click the vrck-dtcenter dt center oject nd select New Folder > New VM nd Templte Folder. In the New Folder dilog ox, enter region-m01fd-vr s the folder nme nd click OK. where region is the sudomin of this Cloud Foundtion instnce, for exmple, sfo01. d Crete nother folder nmed region-m01fd-vrops. 3 Move the vrelize Automtion virtul mchines to the region-m01fd-vr folder. c In the Nvigtor, click VMs nd Templtes nd expnd the vcenter Server tree. Click the vcenter Server oject nd click the VMs t. Select ll vrelize Automtion virtul mchines nd drg them to the region-m01fd-vr folder. 4 Move the vrelize Opertions Mnger virtul mchines to the region-m01fd-vrops folder. c In the Nvigtor, click VMs nd Templtes nd expnd the vcenter Server tree. Click the vcenter Server oject nd click the VMs t. Select ll vrelize Opertions Mnger virtul mchines nd drg them to the region-m01fdvrops folder. Crete Virtul Mchine Folders for vrelize Automtion nd vrelize Opertions Mnger in Region B Crete folders to group the virtul mchines of vrelize Automtion nd vrelize Opertions Mnger, nd move the virtul mchines there. You use the folders in folder mpping when filover etween the regions occurs. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword VMwre, Inc. 17

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 2 Crete folders for ech of the vrelize Automtion nd vrelize Opertions Mnger virtul mchines. c In the Nvigtor, click VMs nd Templtes nd expnd the vcenter Server tree. Right-click the vrck-dtcenter dt center oject nd select New Folder > New VM nd Templte Folder. In the New Folder dilog ox, enter region-m01fd-vr s the folder nme nd click OK. where region is the sudomin of this Cloud Foundtion instnce, for exmple, lx01. d Crete nother folder nmed region-m01fd-vrops. VMwre, Inc. 18

Instll Site Recovery Mnger 6 You deploy Site Recovery Mnger in ech region for filover of criticl pplictions from Region A to Region B in the cses of disster or plnned migrtion. 1 Instll Site Recovery Mnger in Region A. See Instll Site Recovery Mnger in Region A in VMwre Vlidted Design for Softwre-Defined Dt Center. 2 Instll Site Recovery Mnger in Region B. See Instll Site Recovery Mnger in Region B in VMwre Vlidted Design for Softwre-Defined Dt Center. 3 Configure site piring in Site Recovery Mnger. follow the procedures in the VMwre Vlidted Design: Configure the Site Recovery Mnger Instnces See Configure the Site Recovery Mnger Instnces in VMwre Vlidted Design for Softwre- Defined Dt Center. Note Becuse Cloud Foundtion instlls oth regions with the sme host nmes, the Pltform Services Controller instnces in the two regions cnnot e joined to your Active Directory domin. When you follow the procedures in VMwre Vlidted Design or Softwre-Defined Dt Center, replce the Active Directory service ccounts with locl vcenter Single Sign-On ccount such s dministrtor@vsphere.locl. 4 Repet this process for ny worklod domins tht you wnt to protect. Site Recovery Mnger hs one-to-one reltionship with vcenter Server. VMwre, Inc. 19

Deploy vsphere Repliction 7 You deploy nd configure vsphere Repliction to enle repliction of criticl virtul mchine dt from Region A to Region B for filover y using Site Recovery Mnger in the cses of disster or plnned migrtion. 1 Deploy vsphere Repliction in Region A. Perform the procedures in Deploy vsphere Repliction in Region A in VMwre Vlidted Design for Softwre-Defined Dt Center providing the following settings. Folder Resource Mngement network destintion Vlue Mngement VMs SDDC-Mngement-ResourcePool vrck-dportgroup-mgmt 2 Deploy vsphere Repliction in Region B. Perform the procedures in Deploy vsphere Repliction in Region B in VMwre Vlidted Design for Softwre-Defined Dt Center providing the following settings. Folder Resource Mngement network destintion Vlue Mngement VMs SDDC-Mngement-ResourcePool vrck-dportgroup-mgmt 3 Connect the vsphere Repliction instnces. Perform the procedures in Connect the vsphere Repliction Instnces in VMwre Vlidted Design for Softwre-Defined Dt Center. 4 (Optionl) Repet this process for worklod domins tht you wnt to protect. VMwre, Inc. 20

Prepre the Environment for 8 vsphere Repliction Trffic You replicte virtul mchine dt from the protected region to the recovery region y using vsphere Repliction. vsphere Repliction trffic must e route-le etween regions. Configure dt center networks nd VMkernel dpters on the mngement hosts to enle vsphere Repliction dt trnsfer etween regions. Prerequisites vsphere Repliction trffic must e route-le etween oth regions. Crete dt center network for routing vsphere Repliction trffic outside of the Cloud Foundtion instnce in oth regions. 1 Crete VMkernel Adpter for vsphere Repliction in Region A Crete VMkernel dpters to isolte the incoming repliction trffic on trget ESXi hosts nd connect the dpters to the dt center network tht is llocted for repliction trffic. 2 Crete VMkernel Adpter for vsphere Repliction in Region B Crete VMkernel dpters to isolte the incoming repliction trffic on trget ESXi hosts nd connect the dpters to the dt center network tht is llocted for repliction trffic. 3 Isolte the Network Trffic of vsphere Repliction vsphere Repliction consumes lot of ndwidth during initil repliction, nd when virtul mchines re dded or destroyed. To void network prolems in the dt center, isolte repliction trffic from other network trffic. Crete VMkernel Adpter for vsphere Repliction in Region A Crete VMkernel dpters to isolte the incoming repliction trffic on trget ESXi hosts nd connect the dpters to the dt center network tht is llocted for repliction trffic. VMwre, Inc. 21

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 Crete VMkernel dpter for vsphere Repliction on ech host. c d e f g h i Select Home > Hosts nd Clusters. Expnd the vcenter Server tree nd select mngement host in the vrck-cluster cluster. Click the Configure t nd under Networking select VMkernel dpters. Click the Add host networking icon. On the Select connection type pge of the Add Networking wizrd, select VMkernel Network Adpter nd click Next. On the Select Trget Device pge, click Browse next to Select n existing network, select the dt center network previously llocted for vsphere Repliction, click OK, nd click Next. On the Port Properties dilog ox, select the vsphere Repliction nd vsphere Repliction NFC check oxes, nd click Next. On the IPv4 setting pge, select Use sttic IPv4 settings, enter the IPv4 settings for routing of repliction trffic etween the regions, nd click Next. On the Redy to complete pge, verify the settings nd click Finish. 3 Configure the MTU on the vsphere Repliction VMkernel dpter. c On the VMkernel dpters pge, select the newly-creted VMkernel port nd click the Edit settings icon. In the Edit s dilog ox, click NIC settings. On the NIC settings pge, chnge the MTU to 9000 nd click OK. 4 Repet Step 2 nd Step 3 for ll hosts in the mngement cluster. 5 Repet the procedure for worklod domins tht you wnt to configure for disster recovery. Crete VMkernel Adpter for vsphere Repliction in Region B Crete VMkernel dpters to isolte the incoming repliction trffic on trget ESXi hosts nd connect the dpters to the dt center network tht is llocted for repliction trffic. VMwre, Inc. 22

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 Crete VMkernel dpter for vsphere Repliction on ech host. c d e f g h i Select Home > Hosts nd Clusters. Expnd the vcenter Server tree nd select mngement host in the vrck-cluster cluster. Click the Configure t nd under Networking select VMkernel dpters. Click the Add host networking icon. On the Select connection type pge of the Add Networking wizrd, select VMkernel Network Adpter nd click Next. On the Select Trget Device pge, click Browse next to Select n existing network, select the dt center network previously llocted for vsphere Repliction, click OK, nd click Next. On the Port Properties dilog ox, select the vsphere Repliction nd vsphere Repliction NFC check oxes, nd click Next. On the IPv4 setting pge, select Use sttic IPv4 settings, enter the IPv4 settings for routing of repliction trffic etween the regions, nd click Next. On the Redy to complete pge, verify the settings nd click Finish. 3 Configure the MTU on the vsphere Repliction VMkernel dpter. c On the VMkernel dpters pge, select the newly-creted VMkernel port nd click the Edit settings icon. In the Edit s dilog ox, click NIC settings. On the NIC settings pge, chnge the MTU to 9000 nd click OK. 4 Repet Step 2 nd Step 3 for ll hosts in the mngement cluster. 5 Repet the procedure for worklod domins tht you wnt to configure for disster recovery. Isolte the Network Trffic of vsphere Repliction vsphere Repliction consumes lot of ndwidth during initil repliction, nd when virtul mchines re dded or destroyed. To void network prolems in the dt center, isolte repliction trffic from other network trffic. VMwre, Inc. 23

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Isolting the vsphere Repliction trffic lso enhnces network performnce in the dt center y reducing the impct of this trffic on other trffic types. You isolte the network trffic to the vsphere Repliction Server y dedicting VMkernel network dpter on ech mngement ESXi host tht sends dt to the vsphere Repliction Server nd using dedicted network dpter on the vsphere Repliction Server VM. u Perform Isolte the Network Trffic of vsphere Repliction in VMwre Vlidted Design for Softwre- Defined Dt Center. VMwre, Inc. 24

Migrte vrelize Automtion nd vrelize Opertions Mnger to the Cross-Region Appliction Virtul Network 9 To enle disster recovery nd worklod moility you must migrte the virtul mchines from the vrelize VLAN cked network to the Mgmt-xRegion01-VXLAN VXLAN cked network. 1 Crete the Cross-Region Appliction Virtul Network The cross-region ppliction virtul network is n NSX universl logicl switch tht is ville in oth regions. Its configurtion supports filover nd worklod migrtion while keeping the worklod IP ddresses the sme. 2 Power Оff the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger Power off the vrelize Automtion nd vrelize Opertions virtul mchines to prepre them for migrtion to the cross-region ppliction virtul network. The virtul mchines must e powered off efore migrtion s IP connectivity to or from the ppliction virtul network is not ville t this stge. 3 Migrte vrelize Automtion nd vrelize Opertions Mnger to the Cross-Region Appliction Virtul Network Migrte the powered-off virtul mchines of vrelize Automtion nd vrelize Opertions Mnger from the vrelize port group tht is VLAN-cked to the cross-region ppliction virtul network tht is VXLAN-cked. 4 Shut Down nd Remove the vrelize VLAN from the Physicl Network Before you ring up the IP sunet for vrelize Automtion nd vrelize Opertions Mnger, remove the deprected vrelize VLAN from the physicl network. 5 Connect the Cross-Region Appliction Virtul Network to the Universl Distriuted Logicl Router Crete n internl interfce to the logicl switch on the universl distriuted logicl router. Internl interfces re generlly for Est-West trffic. 6 Power Оn the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger Now tht IP connectivity hs een estlished to the vrelize Appliction Virtul Network you cn power on the virtul mchines. 7 Instll the vcfvrdrhelper script in Region A Instll the vcfvrdrhelper script on SDDC Mnger in Region A to updte the vrelize port group informtion in SDDC Mnger dtse in Region A. VMwre, Inc. 25

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 8 Configure the Environment After the Migrtion to the Cross-Region Network After migrting nd powering on the virtul mchines of vrelize Automtion nd vrelize Opertions Mnger, remove the vrelize port group, enle SSL pssthrough nd HTTP redirects for vrelize Opertions Mnger the vrelize edge device. Wht to do next Crete the Cross-Region Appliction Virtul Network The cross-region ppliction virtul network is n NSX universl logicl switch tht is ville in oth regions. Its configurtion supports filover nd worklod migrtion while keeping the worklod IP ddresses the sme. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 In the Nvigtor, click Nvigtor. 3 In the Nvigtor, click Logicl Switches. 4 From the NSX Mnger drop-down menu, select the IP ddress of the Mngement NSX Mnger. 5 In the New Logicl Switch dilog ox, enter the following settings nd click OK. Nme Trnsport Zone Repliction Mode Vlue Mgmt-xRegion01-VXLAN Mgmt Universl Trnsport Zone Unicst 6 Repet the procedure for worklod domins tht you wnt to configure for disster recovery. Power Оff the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger Power off the vrelize Automtion nd vrelize Opertions virtul mchines to prepre them for migrtion to the cross-region ppliction virtul network. The virtul mchines must e powered off efore migrtion s IP connectivity to or from the ppliction virtul network is not ville t this stge. VMwre, Inc. 26

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 In the Nvigtor, click VMs nd Templtes. 3 Select the region-m01fd-vrops folder nd click the VMs t. 4 Power off the vrelize Opertions Mnger virtul mchines in the following order. vrelize Opertions Mnger Dt Nodes vrelize Opertions Mnger Replic vrelize Opertions Mnger Mster 5 Select the region-m01fd-vr folder nd click the VMs t. 6 Power off the vrelize Automtion virtul mchines in the following order. vrelize Automtion Distriuted Execution Mnger (DEM) Workers vrelize Automtion DEM Orchestrtor vrelize Automtion Infrstructure Mnger Service vrelize Automtion Infrstructure We Servers vrelize Automtion Applinces Microsoft SQL Server Migrte vrelize Automtion nd vrelize Opertions Mnger to the Cross-Region Appliction Virtul Network Migrte the powered-off virtul mchines of vrelize Automtion nd vrelize Opertions Mnger from the vrelize port group tht is VLAN-cked to the cross-region ppliction virtul network tht is VXLAN-cked. VMwre, Inc. 27

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 In the Nvigtor, clicknetworking. 3 Expnd the Mngement vcenter Servers tree. 4 Right-click the vrck-dswitch distriuted switch nd select Migrte VMs to Another Network. 5 On the Select source nd destintion networks pge of the Migrte VMs to Another Network wizrd, configure the following networks nd click Next. Under Source network, click Browse for the Specific network, select the vrck-dportgroupvrelize port group nd click OK Next to Destintion Network, click Browse, select the port group tht ends with MgmtxRegion01-VXLAN nd click OK. This port group represents the cross-region ppliction virtul network. 6 On the Select VMs to Migrte pge, select ll virtul mchines, except vrelize-edge-0 nd vrelize-edge-1 virtul mchines, nd click Next. 7 On the Redy to complete pge, verify the chnges nd click Finish. Shut Down nd Remove the vrelize VLAN from the Physicl Network Before you ring up the IP sunet for vrelize Automtion nd vrelize Opertions Mnger, remove the deprected vrelize VLAN from the physicl network. You remove the vrelize VLAN from the physicl network ccording to the physicl network topology nd vendors used. As result, you must perform procedure ccording your network setup. Consider the following high-level process: Log in to the switch tht contins the SVI (defult gtewy) for the vrelize VLAN nd delete the SVI nd VLAN. Delete the VLAN from ll switches in the environment. Delete the VLAN from the trunk ports on the ESXi hosts. VMwre, Inc. 28

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Connect the Cross-Region Appliction Virtul Network to the Universl Distriuted Logicl Router Crete n internl interfce to the logicl switch on the universl distriuted logicl router. Internl interfces re generlly for Est-West trffic. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 In the Nvigtor, click Networking & Security. 3 In the Nvigtor, click NSX Edges nd select the IP ddress of the mngement NSX Mnger from the NSX Mnger drop-down ox. 4 Doule-click the universl distriuted logicl router to open its settings. 5 On the Mnge t, click the s t nd select Interfces. 6 Click the Add icon, in the Add Logicl Router Interfce dilog ox, enter the following vlues, nd click OK. Nme Type Connected To Primry IP Address / Sunet Prefix Lengh Vlue Mgmt-xRegion01-VXLAN Internl Mgmt-xRegion01-VXLAN IP ddress nd sunet prefix lengh from deleted vrelize SVI MTU 9000 Power Оn the Virtul Mchines of vrelize Automtion nd vrelize Opertions Mnger Now tht IP connectivity hs een estlished to the vrelize Appliction Virtul Network you cn power on the virtul mchines. Prerequisites If the Microsoft SQL Server ws not on the vrelize VLAN it must e rought up first nd hve its IP chnged. After chnging the SQL servers IP ddress verify the updted IP ddress is resolvle vi DNS. VMwre, Inc. 29

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 In the Nvigtor, click VMs nd Templtes. 3 Select the region-m01fd-vrops folder nd click the VMs t. 4 Power on the vrelize Opertions Mnger virtul mchines in the following order. vrelize Opertions Mnger Mster vrelize Opertions Mnger Replic vrelize Opertions Mnger Dt Nodes 5 Select the region-m01fd-vr folder nd click the VMs t. 6 Power on the vrelize Automtion virtul mchines in the following order. Microsoft SQL Server vrelize Automtion Applinces vrelize Automtion Infrstructure We Servers vrelize Automtion Infrstructure Mnger Service DEM Orchestrtors nd DEM workers vrelize Automtion Distriuted Execution Mngers Instll the vcfvrdrhelper script in Region A Instll the vcfvrdrhelper script on SDDC Mnger in Region A to updte the vrelize port group informtion in SDDC Mnger dtse in Region A. Becuse the port group for the vrelize is different s result from configuring the environment for disster recovery, this vlue must e updted in the SDDC Mnger dtse so tht future vrelize deployments re in the correct port group. u Perform the steps in VMwre Knowledge Bse rticle 59203 to updte the vrelize port group nd enle DNS record repliction from SDDC Mnger in Region A to SDDC Mnger in Region B. VMwre, Inc. 30

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Configure the Environment After the Migrtion to the Cross-Region Network After migrting nd powering on the virtul mchines of vrelize Automtion nd vrelize Opertions Mnger, remove the vrelize port group, enle SSL pssthrough nd HTTP redirects for vrelize Opertions Mnger the vrelize edge device. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_a/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 Delete the vrelize port group from the vsphere Distriuted Switch. c In the Nvigtor, click Networking. Expnd the Mngement vcenter Server tree. Right-click the vrck-dportgroup-vrelize port group of the vrck-dswitch switch nd select Delete nd confirm. 3 Enle SSL Pssthrough on the VROPS_HTTPS Appliction Profile on the vrelize-edge. c d e f In the Nvigtor, click Networking & Security. Click NSX Edges nd select the IP ddress of the Mngement Mnger from the NSX Mnger drop-down ox. Doule-click vrelize-edge to open its settings. On the Mnge t, click the Lod Blncer t. Select Appliction Profiles, select VROPS_HTTPS, nd click the Edit icon. In the Edit Profile dilog ox, deselect the Configure Service Certificte, select the Enle SSL Pssthrough check ox, nd click OK. 4 Reconfigure for HTTP on the VROPS_REDIRECT Appliction Profile on the vrelize-edge. On the Lod Blncer pge for the vrelize-edge, select Appliction Profiles, select VROPS_REDIRECT, nd click the Edit icon. In the Edit Profile dilog ox, select HTTP from the Type drop-down menu, nd click OK. VMwre, Inc. 31

Crete the NSX Lod Blncer for vrelize Automtion nd vrelize Opertions Mnger in Region B 10 The NSX lod lncer used for vrelize virtul mchines cn not e filed over, s such one must e configured in Region B to support the lod lncing requirements of these pplictions. 1 Deploy the NSX Edge for Lod Blncing vrelize Automtion nd vrelize Opertions Mnger in Region B Deploy lod lncer for use y mngement pplictions connected to the ppliction virtul network Mgmt-xRegion01-VXLAN fter their filover to Region B. 2 Disle the Interfce on the vrelize NSX Edge Lod Blncer in Region B Becuse the lod lncers in Region A nd Region B hve the sme IP ddresses, the lod lncer in Region B must hve its interfce disconnected until disster recovery event occurs. 3 Configure the NSX Lod Blncer for vrelize Automtion nd vrelize Opertions Mnger in Region B Configure the NSX Edge to perform lod lncing for vrelize Automtion nd vrelize Opertions Mnger when those pplictions re running in Region B. Deploy the NSX Edge for Lod Blncing vrelize Automtion nd vrelize Opertions Mnger in Region B Deploy lod lncer for use y mngement pplictions connected to the ppliction virtul network Mgmt-xRegion01-VXLAN fter their filover to Region B. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword VMwre, Inc. 32

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 2 In the Nvigtor, click Networking & Security. 3 Click NSX Edges nd select the IP ddress of the mngement NSX Mnger from the NSX Mnger drop-down ox. 4 Click the Add icon to crete new NSX Edge. 5 On the Nme nd Description pge, enter the following settings, nd click Next. Instll Type Nme Deploy NSX Edge Enle High Avilility Vlue Edge Services Gtewy vrelize-edge Selected Selected 6 On the s pge, enter the following settings, nd click Next. User Nme Pssword Enle SSH ccess Enle FIPS mode Enle uto rule genertion Edge Control Level logging Vlue dmin edge_dmin_pssword Selected Deselected Selected INFO 7 On the Configure Deployment pge, perform the following configurtion steps, nd click Next. c Select vrck-dtcenter from the Dtcenter drop-down menu. Select the Lrge rdio utton to specify the Applince Size. Click the Add icon, enter the following settings, nd click OK. Perform twice to dd two NSX Edge pplinces with the sme settings. Resource pool Dtstore Folder Resource Reservtion Vlue Network-ResourcePool vsndtstore Networking VMs System Mnged 8 On the Configure Interfces pge, click the Add icon to configure the interfce, enter the following settings, click OK, nd click Next. Nme Type Vlue mgmt-vnic-vrelize-edge Internl VMwre, Inc. 33

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Connected To Connectivity Sttus Primry IP Address Secondry IP Addresses Sunet Prefix Length Vlue Mgmt-xRegion01-VXLAN Connected Sme s vrelize-edge in Region A Sme s vrelize-edge in Region A Sme s vrelize-edge in Region A MTU 9000 Send ICMP Redirect Selected 9 On the Configure Defult Gtewy pge, enter the defult gtewy for the vrelize network nd enter 9000 for the MTU nd click Next. 10 On the Firewll nd HA pge, select the following settings nd click Next. Configure Firewll defult policy Defult Trffic Policy Logging vnic Vlue Selected Accept Disle ny Declre Ded Time 15 11 On the Redy to Complete pge, review the configurtion settings you entered nd click Finish. 12 Enle HA logging. c d On the NSX Edges pge, doule-click vrelize-edge to open its settings. Click the Mnge t nd click the s t. Click Chnge in the HA Configurtion pge. Select the Enle Logging check ox nd click OK. Disle the Interfce on the vrelize NSX Edge Lod Blncer in Region B Becuse the lod lncers in Region A nd Region B hve the sme IP ddresses, the lod lncer in Region B must hve its interfce disconnected until disster recovery event occurs. VMwre, Inc. 34

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 In the Nvigtor, click Networking & Security. 3 Click NSX Edges nd select the IP ddress of the Mngement NSX Mnger from the NSX Mnger drop-down ox. 4 Doule-click vrelize-edge. 5 Click the Mnge t nd click the s t. 6 Click Interfces, select the mgmt-vnic-vrelize-edge vnic, nd click Edit. 7 In the Edit NSX Edge Interfce dilog ox, set Connectivity Sttus to Disconnected nd click OK. Configure the NSX Lod Blncer for vrelize Automtion nd vrelize Opertions Mnger in Region B Configure the NSX Edge to perform lod lncing for vrelize Automtion nd vrelize Opertions Mnger when those pplictions re running in Region B. 1 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 2 Get the edge-id for the vrelize-edge lod lncer. c In Nvigtor, click Networking & Security. Click NSX Edges nd select the IP ddress of the Mngement NSX Mnger from the NSX Mnger drop-down ox. Write down the ID listed in the Id field for the vrelize-edge. VMwre, Inc. 35

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 3 Use REST client to retrieve the lod lncer configurtion from the vrelize-edge lod lncer in Region A. Using REST client, send GET https://region-a-nsx-mnger/pi/4.0/edges/edgeid/lodlncer/config. Where Region-A-NSX-Mnger is the IP ddress of the Mngement NSX Mnger in Region A nd edge-id is the ID tht you hve written down. For exmple, the output could e s follows: <?xml version="1.0" encoding="utf-8"?> <lodblncer> <version>55</version> <enled>true</enled> <enleserviceinsertion>flse</enleserviceinsertion> <ccelertionenled>true</ccelertionenled> <virtulserver> <virtulserverid>virtulserver-4</virtulserverid> <nme>vs_is-mnger_443</nme> <enled>true</enled> <ipaddress>20.1.8.10</ipaddress> <protocol>https</protocol> <port>443</port> <connectionlimit>0</connectionlimit> <defultpoolid>pool-4</defultpoolid> <pplictionprofileid>pplictionprofile-4</pplictionprofileid> <enleserviceinsertion>flse</enleserviceinsertion> <ccelertionenled>flse</ccelertionenled> </virtulserver> <virtulserver> <virtulserverid>virtulserver-5</virtulserverid> <nme>vs_is-we_443</nme> <enled>true</enled> <ipaddress>20.1.8.12</ipaddress> <protocol>https</protocol> <port>443</port> <connectionlimit>0</connectionlimit> <defultpoolid>pool-5</defultpoolid> <pplictionprofileid>pplictionprofile-5</pplictionprofileid> <enleserviceinsertion>flse</enleserviceinsertion> <ccelertionenled>flse</ccelertionenled> </virtulserver> <virtulserver> <virtulserverid>virtulserver-6</virtulserverid> <nme>vs_vr-v-we_443</nme> <enled>true</enled> <ipaddress>20.1.8.11</ipaddress> <protocol>https</protocol> <port>443</port> <connectionlimit>0</connectionlimit> <defultpoolid>pool-6</defultpoolid> <pplictionprofileid>pplictionprofile-6</pplictionprofileid> <enleserviceinsertion>flse</enleserviceinsertion> <ccelertionenled>flse</ccelertionenled> VMwre, Inc. 36

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide </virtulserver> <virtulserver> <virtulserverid>virtulserver-7</virtulserverid> <nme>vrops_virtual_server</nme> <enled>true</enled> <ipaddress>20.1.8.13</ipaddress> <protocol>https</protocol> <port>443</port> <connectionlimit>0</connectionlimit> <defultpoolid>pool-7</defultpoolid> <pplictionprofileid>pplictionprofile-7</pplictionprofileid> <enleserviceinsertion>flse</enleserviceinsertion> <ccelertionenled>flse</ccelertionenled> </virtulserver> <virtulserver> <virtulserverid>virtulserver-8</virtulserverid> <nme>vrops_redirect</nme> <enled>true</enled> <ipaddress>20.1.8.13</ipaddress> <protocol>http</protocol> <port>80</port> <connectionlimit>0</connectionlimit> <pplictionprofileid>pplictionprofile-8</pplictionprofileid> <enleserviceinsertion>flse</enleserviceinsertion> <ccelertionenled>flse</ccelertionenled> </virtulserver> <pool> <poolid>pool-4</poolid> <nme>pool_is-mnger_443</nme> <lgorithm>round-roin</lgorithm> <trnsprent>flse</trnsprent> <monitorid>monitor-7</monitorid> <memer> <memerid>memer-13</memerid> <ipaddress>20.1.8.6</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>is_mn1</nme> </memer> <memer> <memerid>memer-14</memerid> <ipaddress>20.1.8.7</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>disled</condition> <nme>is_mn2</nme> </memer> </pool> VMwre, Inc. 37

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide <pool> <poolid>pool-5</poolid> <nme>pool_is-we_443</nme> <lgorithm>round-roin</lgorithm> <trnsprent>flse</trnsprent> <monitorid>monitor-8</monitorid> <memer> <memerid>memer-15</memerid> <ipaddress>20.1.8.4</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>is_we1</nme> </memer> <memer> <memerid>memer-16</memerid> <ipaddress>20.1.8.5</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>is_we2</nme> </memer> </pool> <pool> <poolid>pool-6</poolid> <nme>pool_vr-v-we_443</nme> <lgorithm>round-roin</lgorithm> <trnsprent>flse</trnsprent> <monitorid>monitor-9</monitorid> <memer> <memerid>memer-17</memerid> <ipaddress>20.1.8.2</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>vra_va1</nme> </memer> <memer> <memerid>memer-18</memerid> <ipaddress>20.1.8.3</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> VMwre, Inc. 38

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide <nme>vra_va2</nme> </memer> </pool> <pool> <poolid>pool-7</poolid> <nme>vrops_pool</nme> <lgorithm>lestconn</lgorithm> <trnsprent>flse</trnsprent> <monitorid>monitor-10</monitorid> <memer> <memerid>memer-38</memerid> <ipaddress>20.1.8.17</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>vrops-dt-node-2</nme> </memer> <memer> <memerid>memer-39</memerid> <ipaddress>20.1.8.16</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>vrops-dt-node-1</nme> </memer> <memer> <memerid>memer-40</memerid> <ipaddress>20.1.8.15</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>vrops-replic</nme> </memer> <memer> <memerid>memer-41</memerid> <ipaddress>20.1.8.14</ipaddress> <weight>1</weight> <monitorport>443</monitorport> <port>443</port> <mxconn>0</mxconn> <minconn>0</minconn> <condition>enled</condition> <nme>vrops-mster</nme> </memer> </pool> <pplictionprofile> VMwre, Inc. 39

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide <pplictionprofileid>pplictionprofile-4</pplictionprofileid> <nme>is Mnger</nme> <insertxforwrdedfor>flse</insertxforwrdedfor> <sslpssthrough>true</sslpssthrough> <templte>https</templte> <serversslenled>flse</serversslenled> </pplictionprofile> <pplictionprofile> <pplictionprofileid>pplictionprofile-5</pplictionprofileid> <persistence> <method>sourceip</method> <expire>1800</expire> </persistence> <nme>is We</nme> <insertxforwrdedfor>flse</insertxforwrdedfor> <sslpssthrough>true</sslpssthrough> <templte>https</templte> <serversslenled>flse</serversslenled> </pplictionprofile> <pplictionprofile> <pplictionprofileid>pplictionprofile-6</pplictionprofileid> <persistence> <method>sourceip</method> <expire>1800</expire> </persistence> <nme>vrelize Automtion VA We</nme> <insertxforwrdedfor>flse</insertxforwrdedfor> <sslpssthrough>true</sslpssthrough> <templte>https</templte> <serversslenled>flse</serversslenled> </pplictionprofile> <pplictionprofile> <pplictionprofileid>pplictionprofile-8</pplictionprofileid> <persistence> <method>sourceip</method> <expire>1800</expire> </persistence> <nme>vrops_redirect</nme> <insertxforwrdedfor>flse</insertxforwrdedfor> <sslpssthrough>flse</sslpssthrough> <templte>https</templte> <serversslenled>flse</serversslenled> <httpredirect> <to>https://vrops-cluster.sfo01.vmw.corp/vcops-we-ent/login.ction</to> </httpredirect> </pplictionprofile> <pplictionprofile> <pplictionprofileid>pplictionprofile-7</pplictionprofileid> <persistence> <method>sourceip</method> <expire>1800</expire> </persistence> <nme>vrops_https</nme> <insertxforwrdedfor>flse</insertxforwrdedfor> <sslpssthrough>true</sslpssthrough> VMwre, Inc. 40

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide <templte>https</templte> <serversslenled>flse</serversslenled> </pplictionprofile> <monitor> <monitorid>monitor-1</monitorid> <type>tcp</type> <intervl>5</intervl> <timeout>15</timeout> <mxretries>3</mxretries> <nme>defult_tcp_monitor</nme> </monitor> <monitor> <monitorid>monitor-2</monitorid> <type>http</type> <intervl>5</intervl> <timeout>15</timeout> <mxretries>3</mxretries> <method>get</method> <url>/</url> <nme>defult_http_monitor</nme> </monitor> <monitor> <monitorid>monitor-3</monitorid> <type>https</type> <intervl>5</intervl> <timeout>15</timeout> <mxretries>3</mxretries> <method>get</method> <url>/</url> <nme>defult_https_monitor</nme> </monitor> <monitor> <monitorid>monitor-7</monitorid> <type>https</type> <intervl>3</intervl> <timeout>10</timeout> <mxretries>3</mxretries> <method>get</method> <url>/vmpsprovision</url> <nme>is Mnger</nme> <receive>provisionservice</receive> </monitor> <monitor> <monitorid>monitor-8</monitorid> <type>https</type> <intervl>3</intervl> <timeout>10</timeout> <mxretries>3</mxretries> <method>get</method> <url>/wpi/pi/sttus/we</url> <nme>is We</nme> <receive>registered</receive> </monitor> <monitor> <monitorid>monitor-9</monitorid> VMwre, Inc. 41

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide <type>https</type> <intervl>3</intervl> <timeout>10</timeout> <mxretries>3</mxretries> <method>get</method> <url>/vcc/services/pi/helth</url> <expected>204</expected> <nme>vrelize Automtion VA We</nme> </monitor> <monitor> <monitorid>monitor-10</monitorid> <type>https</type> <intervl>3</intervl> <timeout>5</timeout> <mxretries>2</mxretries> <method>get</method> <url>/suite-pi/pi/deployment/node/sttus</url> <nme>vrops_monitor</nme> <receive>online</receive> </monitor> <logging> <enle>true</enle> <loglevel>info</loglevel> </logging> </lodblncer> 4 Sve the output to file. Edit the file nd remove the line tht egins with <version>. For exmple, <version>55</version> from Step 3. Sve the file. 5 Log in to Mngement vcenter Server y using the vsphere We Client. Open We rowser nd go to https://vcenter_server_ddress_region_b/vsphere-client. Log in using the following credentils. User nme Pssword Vlue dministrtor@vsphere.locl vsphere_dmin_pssword 6 Get the edge-id for the vrelize-edge lod lncer in Region B. c In Nvigtor, click Networking & Security. Click NSX Edges nd select the IP ddress of the Mngement NSX Mnger from the NSX Mnger drop-down ox. Write down the ID listed in the Id field for the vrelize-edge. VMwre, Inc. 42

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide 7 Use REST client to configure the vrelize Edge lod lncer in Region B. Send PUT https://region-b-nsx-mnger/pi/4.0/edges/edgeid/lodlncer/config request. Where Region-B-NSX-Mnger is the IP ddress of the Mngement NSX Mnger in Region B nd edge-id is the ID from Step 6. Pste the response from Step 4 in to the ody of the PUT request. You receive sttus code of 204 No Conent s confirmtion the commnd ws successful. 8 Enle the DNS resolver on the vrelize-edge. c d Bck in the vsphere We Client in Region B, doule-click on vrelize-edge. On the Mnge t, click the s t, select Configurtion nd click Chnge. In the DNS Configurtion dilog ox, select the Enle DNS Service check ox. Enter the IP ddress of SDDC Mnger for DNS Server 1 nd DNS Server 2, nd click OK. VMwre, Inc. 43

Fil Over nd Fil Bck the SDDC Mngement Applictions 11 After you set up twо Cloud Foundtion instnces for disster recovery, you cn fil over vrelize Automtion, vrelize Opertions Mnger, nd worklod domin virtul mchines protected y vsphere Repliction nd Site Recovery Mnger. Perform the instructions in the VMwre Vlidted Design Site Protection nd Recovery documenttion ccording to the setup of your Cloud Foundtion environment. 1 Configure Filover of Mngement Applictions 2 Test the Filover of Mngement Applictions 3 Perform Plnned Migrtion of Mngement Applictions 4 Perform Disster Recovery of Mngement Applictions 5 Post-Filover Configurtion of Mngement Applictions 6 Filck of the SDDC Mngement Applictions 7 Reprotect of the SDDC Mngement Applictions VMwre, Inc. 44

Upgrde NSX in Cross-Site 12 Configurtion This section explins how upgrde NSX components when they re mnully configured in cross-site deployment. Perform the steps in the order in which they re documented on ech worklod domin in your Cloud Foundtion environment. 1 Upgrde Primry NSX Mnger Upgrde NSX Mnger on the primry site. 2 Upgrde Secondry NSX Mnger Upgrde NSX Mnger on the secondry site. 3 Upgrde NSX Components on Primry Site After the secondry NSX Mnger is upgrded, upgrde the remining NSX stck on the primry site. 4 Upgrde NSX Components on Secondry Site After the complete NSX stck is upgrded on the primry site, upgrde the remining NSX stck on the secondry site. Upgrde Primry NSX Mnger Upgrde NSX Mnger on the primry site. 1 Downlod the pproprite instll undle. For more informtion, see Downlod LCM Bundles in the VMwre Cloud Foundtion Opertions nd Administrtion Guide. 2 Upgrde NSX Mnger. For more informtion, see Updte Worklod Domin in the VMwre Cloud Foundtion Opertions nd Administrtion Guide. The upgrde fils during the controller upgrde. Here is smple screenshot of wht you my see. VMwre, Inc. 45

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Figure 12 1. Smple Screenshot of Filed Upgrde on Primry Site 3 Leve the upgrde on the primry site s is nd proceed to the next step. Upgrde Secondry NSX Mnger Upgrde NSX Mnger on the secondry site. 1 Downlod the pproprite instll undle. For more informtion, see Downlod LCM Bundles in the VMwre Cloud Foundtion Opertions nd Administrtion Guide. 2 SSH in to the SDDC Mnger VM with the vcf user nme nd pssword specified in the Deployment Prmeter sheet. 3 Run the following commnd. curl -k https://127.0.0.1/lcm/upgrdes -u 'user_nme:pssword' -X POST -d '{"undletype":"vmware_software", "undleid":"undle-id to e scheduled for updte","scheduledtime":time when updte should strt>,"expectedendtime": 0,"slType":"SLOW", "vcenterids":["vcenter-id for the vc where the updte needs to e scheduled"]} ' -H 'Content-Type:ppliction/json' 4 Check the upgrde sttus on the Ptches/Updte t of the worklod domin on the SDDC Mnger Dshord. NSX Mnger is upgrded. Though the NSX controllers pper to e upgrded, they re skipped since there re no controllers present on the secondry site. The upgrde fils t stge NSX upgrde stge hostprep upgrde. VMwre, Inc. 46

VMwre Cloud Foundtion Site Protection nd Disster Recovery Guide Figure 12 2. Smple Screenshot of Filed Upgrde on Secondry Site 5 Leve the upgrde on the secondry site s is nd proceed to the next step. Upgrde NSX Components on Primry Site After the secondry NSX Mnger is upgrded, upgrde the remining NSX stck on the primry site. u On the Updtes/Ptches t of the worklod domin pge on the primry site, pply the undle or schedule it for n pproprite dte nd time. For more informtion, see Updte Worklod Domin in the VMwre Cloud Foundtion Opertions nd Administrtion Guide. Upgrde NSX Components on Secondry Site After the complete NSX stck is upgrded on the primry site, upgrde the remining NSX stck on the secondry site. VMwre, Inc. 47

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback