Configure private cloud as DR target using VMware SRM

You can use your Google Cloud VMware Engine private cloud as a disaster recovery (DR) site for on-premises VMware workloads.

This DR solution is based on vSphere replication and VMware Site Recovery Manager (SRM). You can use a similar approach to use your private cloud as a primary site that is protected by your on-premises recovery site.

This recovery solution offers the following:

  • Eliminates the need to set up a data center specifically for DR.
  • Lets you reduce deployment costs and total cost of ownership for establishing DR.

This solution requires the following from you:

  • Install, configure, and manage vSphere Replication and SRM in your private cloud.
  • Provide your own licenses for SRM when the private cloud is the protected site. You do not need any additional SRM licenses for the site when it is used as the recovery site.

With this solution, you have full control over vSphere replication and SRM. The familiar Google Cloud Console, gcloud command-line tool, and Compute Engine API interfaces let you use your existing scripts and tools.

You can use any versions of vRealize Automation (vRA) and SRM that are compatible with your private cloud and on-premises environments. The examples in this guide use vRA 6.5 and SRM 6.5. These versions are compatible with vSphere 6.5.

Deploying a DR solution using SRM in your private cloud

The following sections describe how to deploy a DR solution using SRM in your private cloud.

Verify that VMware product versions are compatible

The configurations in this guide are subject to the following compatibility requirements. To find out the versions of vCenter and PSC in your private cloud, open the Google Cloud VMware Engine portal, go to Resources, select your private cloud, and click the vSphere Management Network tab.

  • The same version of SRM must be deployed in your private cloud and your on-premises environment.
  • The same version of vSphere Replication must be deployed in your private cloud and your on-premises environment.
  • The versions of the Platform Services Controller (PSC) in your private cloud and your on-premises environment must be compatible.
  • The versions of vCenter in your private cloud and your on-premises environment must be compatible.
  • The versions of SRM and vSphere replication must be compatible with each other and with the versions of PSC and vCenter.

For more information, see VMware Site Recovery Manager Documentation.

Estimate the size of your DR environment

  1. Verify that your identified on-premises configuration is within supported limits. For SRM 6.5, the limits are documented in the VMware knowledge base article on operational limits for Site Recovery Manager 6.5.
  2. Ensure that you have sufficient network bandwidth to meet your workload size and RPO requirements. For more information, see Calculate Bandwidth for vSphere Replication.
  3. Use the sizer tool to estimate the resources that are needed in your DR site to protect your on-premises environment.

Create a private cloud for your environment

Create a private cloud from the VMware Engine portal by following the instructions and sizing recommendations in Create a private cloud.

Set up private cloud networking for the SRM solution

From the VMware Engine portal, set up private cloud networking for the SRM solution.

Create a subnet for the SRM solution network and assign it a subnet CIDR. For more information, see Create and manage subnets.

Set up a site-to-site connection and open required ports

For information about how to set up site-to-site connectivity between your on-premises network and your private cloud, see Connect from on-premises to private cloud using VPN.

Set up infrastructure services in your private cloud

To help you manage your workloads and tools, configure infrastructure services in the private cloud.

If you want to do any of the following, add an external identity provider:

cs-needs-review

To provide IP address lookup, IP address management, and name resolution services for your workloads in the private cloud, set up a DHCP and DNS server as described in Set up DNS and DHCP applications and workloads in your private cloud.

The gve.goog domain is used by management VMs and hosts in your private cloud. To resolve requests to this domain, configure DNS forwarding on the DNS server as described in Create a conditional forwarder.

Install a vSphere replication appliance in your on-premises environment

Install a vSphere replication appliance (vRA) in your on-premises environment by following the VMware documentation. The installation consists of these high-level steps:

  1. Prepare your on-premises environment for vRA installation.
  2. Deploy vRA in your on-premises environment using the OVF in the VR ISO from vmware.com. For vRA 6.5, this VMware blog entry has the relevant information.
  3. Register your on-premises vRA with vCenter SSO at the on-premises site.

For information about vSphere Replication 6.5, see the VMware vSphere Replication 6.5 Installation and Configuration PDF.

Install the vSphere Replication appliance in your private cloud environment

Before you begin, verify that you have the following:

  • IP reachability from subnets in your on-premises environment to the management subnet of your private cloud
  • IP reachability from the replication subnet in your on-premises vSphere environment to the SRM solution subnet of your private cloud

For more information, see Configure a VPN connection to your private cloud. The steps are similar to those for the on-premises installation.

Google recommends using FQDNs instead of IP addresses during the vRA and SRM installation. To find out the FQDN of the vCenter and PSC in your private cloud, open the VMware Engine portal, go to Resources, select your private cloud, and click the vSphere Management Network tab.

Google requires that you not install vRA and SRM using the default CloudOwner user. Instead, create a new user. This is done to help ensure high uptime and availability for your private cloud vCenter environment. However, the default CloudOwner user in the private cloud vCenter doesn't have sufficient privileges to create a user with administrator privileges.

Before installing vRA and SRM, you must elevate the vCenter privileges of the CloudOwner user and then create a user with administrator privileges in the vCenter SSO domain. For more information about the default private cloud user and permission model, see Learn the private cloud permission model.

For information about installing instructions for vSphere Replication 6.5, see the VMware vSphere Replication 6.5 Installation and Configuration PDF.

vCenter UI: Create a user in private cloud for vRA and SRM installation

Sign in to vCenter using CloudOwner user credentials after escalating privileges from the portal. Create a new user, srm-soln-admin, in vCenter and add it to the administrators group in vCenter. Sign out of vCenter as the CloudOwner user and sign in as the srm-soln-admin user.

VMware Engine portal: Configure firewall rules for vRA

To open ports to enable the following network communications, configure firewall rules as described in Set up firewall tables and rules to open ports to enable communication between:

  • vRA in the SRM solution network and vCenter and ESXi hosts in the management network
  • vRA appliances at the two sites

For a list of port numbers that must be open for vSphere replication 6.5, see Port numbers that must be open for vSphere Replication.

Install SRM server in your on-premises environment

Before you begin, verify the following:

  • vSphere Replication Appliance is installed in your on-premises and private cloud environments.
  • The vSphere replication appliances at both sites are connected to each other.
  • You have reviewed the VMware information on prerequisites and best practices. For SRM 6.5, you can refer to the VMware document Prerequisites and Best Practices for SRM 6.5.

Follow VMware documentation to perform SRM server installation in the deployment model Two-Site Topology with One vCenter Instance per Platform Services Controller as described in Site Recovery Manager in a Two-Site Topology with One vCenter Server Instance per Platform Services Controller. The installation instructions for SRM 6.5 are available in the VMware document Installing Site Recovery Manager.

Install SRM server in your private cloud

Before you begin, verify the following:

The following steps describe the private cloud SRM installation:.

vCenter UI: install SRM

After logging in to vCenter using srm-soln-admin credentials, follow the VMware documentation to perform SRM server installation in the deployment model Two-Site Topology with One vCenter Instance per Platform Services Controller as described in Site Recovery Manager in a Two-Site Topology with One vCenter Server Instance per Platform Services Controller. The installation instructions for SRM 6.5 are available in the VMware document Installing Site Recovery Manager.

VMware Engine portal: configure firewall rules for SRM

Configure firewall rules as described in Set up firewall tables and rules to allow communication between:

  • The SRM server and vCenter or PSC in the private cloud
  • The SRM servers at both sites

For a list of port numbers that must be open for vSphere Replication 6.5, see Port numbers that must be open for vSphere Replication.

vCenter UI: configure SRM

After SRM is installed in the private cloud, perform the following tasks as described in the sections of the VMware Site Recovery Manager Installation and Configuration Guide. For SRM 6.5, see Installing Site Recovery Manager.

  • Connect the Site Recovery Manager Server Instances on the Protected and Recovery Sites
  • Establish a Client Connection to the Remote Site Recovery Manager Server Instance
  • Install the Site Recovery Manager License Key.

VMware Engine portal: restore privileges

For information about how to restore privileges, see Restore privileges.

Ongoing management of your SRM solution

You have full control over vSphere replication and SRM software in your private cloud environment and are expected to perform necessary software lifecycle management. Ensure that any new version of software is compatible with the private cloud vCenter and PSC before updating or upgrading vSphere replication or SRM.

Multiple replication configuration

You can use both array-based replication and vSphere replication technologies together with SRM at the same time. For more information, see pSRM – Array Based Replication vs. vSphere Replication. Either array-based replication or vSphere replication must be applied to a set of VMs. A given VM can be protected either by array-based replication or vSphere replication but not both. You can configure the VMware Engine site as a recovery site for multiple protected sites. For information about multi-site configurations, see SRM Multi-Site Options.

References

What's next