AvailabilityGuard v7.0 Deployment Brief 5-day Deployment Plan Overview June, 2015 1
2 Agenda Brief Technology Overview Deployment Architecture and Process Deployment Requirements Overview Q&A 2
Architecting IT to mitigate risks IT s greatest nightmares: Critical data loss Unplanned (and prolonged) downtime Standard solution architecture: Implement HA: local redundancy (tier-1 storage, SAN multipathing, clustering, Virtualization/HA) Setup DR: geographical redundancy (replication, geoclustering, SRM, manual fail-over) 3
Best-Practice Alignment & Configuration Drift App Server Database Software Clustering OS Hypervisor & Private-Cloud Services Compute Hardware SAN Storage & Storage Services Thousands of Vendor Best Practices practically impossible to follow Configuration of standby systems gets out of sync Constant configuration changes in all layers of production environment Some changes violate vendor best practices Downtime & Data Loss Risks Changes manually applied to HA and DR systems (not tested live) Some changes slip through the cracks Downtime & Data Loss Risks 4
Exposure Exposure Transforming risk management Configuration gaps between Prod/HA/DR Test / Audit Test / Audit Today Time Configuration gaps With AvailabilityGuard Time 5
The only solution AvailabilityGuard Automatic daily verification of Production, HA & DR systems Validates Compliance with Vendor Best Practices Validates that HA systems are always fail-over ready Validates that Production and DR are always in sync Clear visibility into RPO, RTO and other DR metrics (actual vs. planned) AvailabilityGuard helps make IT work ALL THE TIME 6
AvailabilityGuard solution overview Complete Production/HA/DR Scanning Daily, Non-Intrusive, Agentless data collection Servers (physical/virtual), Databases, Storage Automatic Production/HA/DR Documentation Automated, accurate, up-to-date Discovers relationships between production and recovery systems Risk Detection and Gap Analysis Knowledge base of over 5,000 known risks Risk tracking and measurement, actionable trouble tickets & reports Complete & Effective HA/DR All the Time 7
AvailabilityGuard Gap Knowledgebase Data Protection Availability Management Replication Data completeness Data consistency Process failures Data protection SLA RPO management Data retention Performance Location Insure protection of critical assets SAN best practices I/O multi-pathing best practices SAN security / tampering prevention Optimization Reclaimable storage Optimize replication Optimize I/O Optimize performance SAN best practices Virtualization Storage allocation Dependency mapping Database best practices Data corruption Performance DB vendor recommendations Joint DB / storage vendor recommendations DR Data access Correct access to shared storage (HA) and replicas (DR) Redundancy and performance Host configuration OS version / SPs / patches Installed products / versions Kernel parameters Network services Virtualization best practices HA & DR Vendor best practices Clustering best practices Consistent configuration across cluster nodes Vendor best practices Local / geo clustering App Server Load balancing Deployment best practices Redundancy RAID level SAN Multi-pathing Network NIC / teaming DNS, LDAP, AD DB file configuration 8
Agenda Brief Technology Overview Deployment Architecture and Process Deployment Requirements Overview Q&A 18
Deployment architecture overview IE6+ WIN 2008 R2 AG Software Oracle DB Storage arrays CLI proxy(ies) (Symmetrix / CLARiiON / VNX / DS / XIV / 3PAR) SSH (V7000 / SVC / DataDomain / Isilon / RecoverPoint) HTTP (HDS / HP XP / VPLEX) ZAPI (NetApp Filer) AG collectors (optional) Servers (physical or virtual) AIX VIO: HMC CLI VMware: vcenter API UNIX: OS Commands Virtualization DB2 Databases Querying meta-data tables/ views All executed commands are strictly read-only 19
Project timeline (basic deployment) kickoff Implementation Implementation Project completion Executive completion (handover) Presentation Preparation Deployment Review / Training Summary Report The customer Continuity Continuity + The Customer Continuity Few Hours (per admin) Target Systems List Deployment Worksheet AG Server Storage proxy(ies) UNIX accounts sudo / pbrun / etc. Windows accounts Database accounts Firewall adjustments Change controls 1-3 Days Day 1: AG Installation Day 1-3: AG Scan Configuration Day 1-3: Full Scan Day 1-3: Review Scan Day 1-3: Administration and Configuration training 2 days 1 Week AG System overview sessions w/ relevant personnel AG UI review Tickets Review Capture information Deployment summary report Ticket details Summary presentation 21
Agenda Brief Technology Overview AvailabilityGuard Deployment Overview Deployment Requirements Overview Q&A 23
24 The AvailabilityGuard server # of scanned hosts < 100 2 Intel / AMD (4 recommended) CPU / Cores RAM Free Disk Space OS Type 8 GB 80 GB Windows 2008 R2 64-bit 100 500 2 Intel / AMD (4 recommended) 16 GB 100 GB Windows 2008 R2 64-bit 500 1000 4 Intel / AMD 32 GB 120 GB Windows 2008 R2 64-bit > 1000 Specific sizing required Windows 2008 R2 64-bit Can be VM with reserved resources Local administrator rights required (domain user preferred, but not mandatory) Oracle 11g standard / enterprise edition installed locally /w AG (license not included with AG) Domain member preferred English Edition of Windows, latest Windows update is recommended 24
Scanning Storage Systems Type Requirements Connection EMC Symmetrix Name of Unix server(s) w/ SYMCLI + user account Sudo for several read-only commands SSH / 22 EMC VPLEX Name/IP of VPLEX management server(s) + user account HTTPS / 443 EMC CLARiiON EMC RecoverPoint EMC Isilon (NAS) Name of server(s) w/ NAVICLI + user account Individual IP, username and password per array Name/IP of one RPA per RecoverPoint installation User account with view permissions (the predefined monitor user can be used) Name/IP of each Isilon System A user account with permission to run read-only isi commands SSH / 22 SSH / 22 SSH / 22 HDS / HP XP HDS - Name of HiCommand / CommandView server(s) + user with View only rights HP XP - Name of CommandView / HiCommand server(s) + user with View only rights HTTP / 2001 HP 3PAR Name/IP + user with Read only rights SSH / 22 NetApp Two data collection methods are available: #1: File name/ip + user account* with read-only privileges required for each filer #2: User account* with read-only privileges required for DFM * can be AD account Note - continued in the next slide HTTP / 80 HTTPS / 443 27
Scanning Storage Systems (continued) Type Requirements Connection IBM DS 6 / 8K Name of server(s) w/ DSCLI + user account Individual IP, username and password per array SSH / 22 IBM SVC / V7000 Name/IP of SVC arrays + read-only user account SSH / 22 IBM XIV Name of server(s) w/ XCLI + user account Individual IP, username and password per array IBM DS 4 / 5K Name of server(s) w/ SMCLI + user account Only if not defined in the SMCLI config - Individual IP, user and password per array SSH / 22 SSH / 22 28
Scanning Servers (OS) Type Requirements Connection All OS Existence of one or more of: EMC - inq, syminq, PowerPath HDS/HP XP HDLM (Unix/Linux), inqraid NetApp - snapdrive, sanlun (Unix/Linux), dsmcli (Windows) IBM DS - datapath, pcmpath XIV - HAK CLI UNIX / Linux Non-privileged local/domain user account sudo or similar / root privileges required for a small number of read-only commands SSH (22) Windows Non-privileged domain user Local administrator rights on each scanned host (used for read-only WMI queries and read-only commands) WMI (All TCP, UDP 135-9) WinRM (80/5985 and 445) Server list can be imported from EMC Control Center, HiCommand, vsphere, HMC, Excel, etc. 30
Scanning Virtualization Platforms Type Requirements Connection VMware Name/IP of vcenter servers + Windows user account with the Read-Only role Access to ESX servers is NOT required Virtual machines - See requirements for standard Linux / Windows SOAP / 443 AIX VIO Name/IP of HMC servers + read-only user account User account with read-only privileges for VIO and LPARS Either a restricted user (rksh) or a regular user SSH / 22 Solaris Zones See requirements for standard UNIX Global and private zones should be scanned SSH / 22 HP npar / vpar See requirements for standard UNIX SSH / 22 Solaris LDOM See requirements for standard UNIX SSH / 22 31
32 Scanning Databases Type Requirements Connection ALL Authenticating and connecting directly to the instance via JDBC User should be granted limited read-only privileges for meta-data tables and views Databases, virtual IPs and ports are automatically discovered during host scan Oracle Two data collection methods are available: #1: Local read-only user required on each instance #2: An OEM user with a view any target privilege (EM_ALL_VIEWER in OEM 12) MS-SQL Local read-only user required on each instance; or Windows authentication JDBC / 1521 JDBC / 1433 IBM UDB Local read-only user required on each instance JDBC / 5000 Sybase Local read-only user required on each instance JDBC / 50000 32 32
37 For Networks with a Firewall Source Destination Port / Protocol Description Desktop of potential AG users AG Server 8080 / http Access to AG web UI AG Server HDS HiCommand / HP CommandView 2001 / http Connecting to HDS/HP mgmt consoles AG Server HP 3PAR 22 / ssh Connecting to HP 3PAR AG Server NetApp filers / DFM 80, 443 / http, https Connecting to filers AG Server Unix servers 22 / ssh Connecting to Unix servers AG Server HMC Server 22 / ssh Connecting to HMC Servers AG Server SVC Arrays 22 / ssh Connecting to SVC Arrays AG Server EMC RPA 22 / ssh Connection to EMC RecoverPoint AG Server EMC Isilon System 22 / ssh Connection to EMC Isilon AG Server EMC VPLEX 443 / https Connection to EMC VPLEX AG Server Windows servers All tcp, udp 135-9 / wmi Connecting to Windows servers AG Server Windows servers 80/5985, 445 (default) / WinRM Connecting to Windows servers AG Server Zerto Virtual Manager 9669 / HTTPS Connecting to Zerto Virtual Manager AG Server Oracle instances / OEM ip/vip 1521 (default) / jdbc Connecting Oracle AG Server SQL Server instances ip/vip 1433 (default) / jdbc Connecting MS-SQL AG Server IBM DB2/UDB databases ip/vip 50000 (default) / jdbc Connecting DB2/UDB AG Server Sybase instances ip/vip 5000 (default) / jdbc Connecting Sybase AG Server vcenter / vsphere 443 / soap Connecting vcenter AG Server SRM 9007 / SOAP Connecting SRM (discovered from VC) AG Server Mail server 25 (default) /smtp Sending emails from AvailabilityGuard AG Server EMC Control Center server 1521 / jdbc or 1575 /jdbc-ssl Connecting to ECC RAMBDB views AG Server http://www.continuitysoftware.com 80 (default) / http Automatic update ftp://drivehq.com 20-22 (default) / ftp AG Server Active directory LDAP host 389 (default) Optional, if using active directory for users AG Server Oracle GoldenGate Monitor 1521 (default) / JDBC Connecting to Oracle GoldenGate Monitor Protocols mentioned above are commonly already used by IT (permitted) 37 37
Summary Initial deployment requirements AvailabilityGuard server Identify target systems (checklist) Allocate target system credentials Configure access control (Sudo, PowerBroker, etc.) Verify the existence of software tools on servers Verify network access Detailed information AvailabilityGuard 7.0 Deployment Requirements Guide AvailabilityGuard 7.0 User Guide 39
Agenda Brief Technology Overview AvailabilityGuard Deployment Overview Deployment Requirements Walkthrough Q&A 40
Questions? (thank you) 41
Thank you 42
The AvailabilityGuard Family Comprehensive Service Availability Risk Detection SAN Includes: 43
Support matrix Operating System Solaris 8+ HPUX 11.0+ AIX 4+ Linux RedHat AS 3+ Linux SuSE 8+ Windows 2000+ VMware vsphere 3+ Volume Management All supported OS VMs Veritas Volume Manager LVM 2, ASM, ZFS, Databases Oracle 8.1.7+ MS SQL Server 2000 SP3+ Sybase 12.5+ DB2 UDB 8.1+ Storage EMC Symmetrix, VNX, RecoverPoint, DataDomain, Isilon, VPLEX NetApp Filers All HDS AMS series (500 & 1000), USP (TagmaStore, USP V/VM, VSP) IBM DS 6xxx, 8xxx, XIV, SVC, V7000 HP XP, 3PAR Application Servers IBM WebSphere Oracle WebLogic Apache Tomcat Multi-Pathing EMC PowerPath, Veritas DMP, HP (PVLinks, HPDM ), Linux MPIO, AIX MPIO, SDD, HDS HDLM, Netapp DSM, Replication EMC TimeFinder, SRDF, EMC MirrorView, SnapView, RecoverPoint NetApp SnapMirror, SnapShots, SnapVault HDS TrueCopy, ShadowImage, UniversalReplicator, TrueShadow IBM FlashCopy, FlashCopy/SE, Metro Mirror, Global Mirror, Global Copy HP 3PAR Remote Copy, Virtual Copy Oracle DataGuard, GoldenGate VVR Zerto Virutal Replication Clustering Veritas Cluster Server VMware HA / FT / SRM IBM PowerHA (HA/CMP) Oracle RAC & CRS Microsoft Cluster Server HP MC/SG, PolyServe Sun Cluster NetApp cluster (cdot) 49