VMware vSphere Replication - 6.0 User’s Manual
vSphere Replication for Disaster
Recovery to Cloud
vSphere Replication 6.0
This document supports the version of each product listed and
supports all subsequent versions until the document is
replaced by a new edition. To check for more recent editions
of this document, see http://www.vmware.com/support/pubs.
EN-001621-01
vSphere Replication for Disaster Recovery to Cloud
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
Copyright © 2015 VMware, Inc. All rights reserved. Copyright and trademark information.
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
2 VMware, Inc.
Contents
About Disaster Recovery to Cloud 5
1
Updated Information 7
Disaster Recovery to Cloud System Requirements and Compatibility 9
2
Roles and Permissions that Disaster Recovery to Cloud Requires 9
Installing and Configuring vSphere Replication to Cloud 11
3
Installing vSphere Replication for Disaster Recovery to Cloud 11
Upgrading vSphere Replication from Earlier Product Versions 12
Configure NTP Synchronisation in Your Environment 12
How vSphere Replication Connects to Cloud 12
Configuring the Connection to the Cloud 14
Replicating Virtual Machines to Cloud 21
4
Configure a Replication to Cloud for a Single Virtual Machine 21
Configure a Cloud Replication Task for Multiple Virtual Machines 24
Using Replication Seeds for Replications to Cloud 26
Reconfiguring Replications to the Cloud 29
5
Reconfigure a Replication to Cloud 29
Recovering Virtual Machines to Cloud 31
6
Test Recovery to Cloud 31
Planned Migration to Cloud 33
Configuring Replications from Cloud 35
7
Configure a Replication From Cloud 36
Configure a Reverse Replication from Cloud 38
Monitoring and Managing Replication Tasks 39
8
Monitoring the Status of Replication Tasks 39
Pause or Resume a Replication Task 40
Stop a Replication To Cloud 40
Stop a Replication From Cloud 41
Troubleshooting vSphere Replication for Disaster Recovery to Cloud 43
9
vSphere Replication UI is Missing After a vCenter Server Upgrade 43
Index 45
VMware, Inc. 3
vSphere Replication for Disaster Recovery to Cloud
4 VMware, Inc.
About Disaster Recovery to Cloud 1
You can subscribe to the VMware vCloud® Air™ Disaster Recovery service to protect your vSphere
workloads.
vCloud Air Disaster Recovery lets administrators of small sites to protect their vSphere virtual workloads
from a wide class of disasters by replicating those workloads into the cloud. vCloud Air Disaster Recovery
uses the host-based replication feature of vSphere Replication to copy the protected source virtual machines
into the infrastructure of the cloud provider. If a disaster occurs, the vCloud Air Disaster Recovery servers
can convert the replicated data into vApps and virtual machines in the cloud.
VMware, Inc. 5
vSphere Replication for Disaster Recovery to Cloud
6 VMware, Inc.
Updated Information
This vSphere Replication for Disaster Recovery to Cloud is updated with each release of the product or when
necessary.
This table provides the update history of the vSphere Replication for Disaster Recovery to Cloud.
Revision Description
EN-001621-01
EN-001621-00 Initial release.
Corrected information on supported vCenter Server versions in Chapter 2, “Disaster Recovery to
n
Cloud System Requirements and Compatibility,” on page 9.
Corrected product name in topic “Select Recovery Networks on the Target Virtual Data Center,” on
n
page 15.
VMware, Inc. 7
vSphere Replication for Disaster Recovery to Cloud
8 VMware, Inc.
Disaster Recovery to Cloud System
Requirements and Compatibility 2
To enable replications to the cloud, your environment must meet certain requirements in terms of additional
configuration and specific versions of the VMware products that you use.
System Requirements
Disaster Recovery to Cloud has the same requirements to the environment as vSphere Replication. In
addition, Disaster Recovery to Cloud requires that ports 10000 to 10010 of ESXi hosts are open for outgoing
traffic . The required ports are open automatically when you install a VIB on each supported ESXi host in
the environment where the vSphere Replication appliance is deployed. See “How vSphere Replication
Connects to Cloud,” on page 12.
Product Compatibility
Replications to the cloud require that you run certain versions of VMware products on the source site and
on the target site. Your cloud provider ensures that the target environment is configured for replications to
cloud. You must verify that you run a supported version of the following products on the source site.
Table 2‑1. Compatible Product Versions on the Source Site for Replications to the Cloud
Product Supported Version
vSphere Replication appliance 6.0
ESXi host 5.0, 5.1.x, 5.5.x, and 6.0
vCenter Server 6.0
vSphere Web Client 6.0
Roles and Permissions that Disaster Recovery to Cloud Requires
Replications to the cloud require certain users, roles, and permissions.
vSphere Web Client
On the source vSphere side, you need the same credentials as the ones required for vSphere Replication. See
the topic vSphere Replication Roles Reference in the VMware vSphere Replication Administration document.
VMware, Inc.
9
vSphere Replication for Disaster Recovery to Cloud
vCloud User Credentials
When you create a connection to the target virtual data center, you provide two pairs of credentials.
Connection Credentials
System Monitoring
Credentials
Used for authenticating within the cloud organization, these credentials
initiate a user session with your cloud provider. The privileges for your user
account are managed by your cloud provider.
com.vmware.hcs.{com.vmware.hcs}:ManageRight
n
com.vmware.hcs.{com.vmware.hcs}:ViewRight
n
Organization.View Organization Networks
n
Organization.View Organizations
n
Organization VDC.View Organization VDCs
n
Credentials to the cloud are required for each target site, once per user
session, and not per operation in the vSphere Web Client. When the
authenticated user session to a target site expires, users are prompted to
input their credentials again.
Used at runtime to let the source and the target site communicate. These
credentials are stored in the vSphere Replication appliance on the source site.
The user name that you provide must be assigned the vSphere Replication
role, or the following rights in your cloud organization.
com.vmware.hcs.{com,vmware.hcs}:ManageRight
n
com.vmware.hcs.{com,vmware.hcs}:ViewRight
n
Organization.View Organization Networks
n
Organization.View Organizations
n
Organization VDC.View Organization VDCs
n
Although you can use the same credentials for both connection and system monitoring, a good practice is to
use different pairs of credentials.
10 VMware, Inc.
Installing and Configuring
vSphere Replication to Cloud 3
Before you configure replications to the cloud, you must deploy the vSphere Replication appliance on the
source site and set up your environment to enable connections to the cloud.
This chapter includes the following topics:
“Installing vSphere Replication for Disaster Recovery to Cloud,” on page 11
n
“Upgrading vSphere Replication from Earlier Product Versions,” on page 12
n
“Configure NTP Synchronisation in Your Environment,” on page 12
n
“How vSphere Replication Connects to Cloud,” on page 12
n
“Configuring the Connection to the Cloud,” on page 14
n
Installing vSphere Replication for Disaster Recovery to Cloud
vSphere Replication is distributed as an OVF virtual appliance.
You deploy vSphere Replication by using the vSphere OVF deployment wizard.
Depending on the version of the vCenter Server on which you install vSphere Replication, the deployment
procedure might vary.
Table 3‑1. vSphere Replication Deployment Procedures
vCenter Server Version vSphere Replication Deployment Procedure
vCenter Server 5.5.x See the topic Deploy the vSphere Replication Virtual
Appliance in the vSphere Replication 5.5 Administration
document.
vCenter Server 6.0 See the topic Deploy the vSphere Replication Virtual
Appliance in the vSphere Replication 6.0 Administration
document.
IMPORTANT In these procedures, the steps for installing vSphere Replication on the target site apply to
vCenter Server to vCenter Server replications. If you intend to use vSphere Replication only for replications
to cloud, do not attempt to install vSphere Replication on the target site. Your cloud provider ensures that
the target site is configured for replications to cloud.
After installing the vSphere Replication appliance, you must configure it to synchronize with an external
NTP server. See “Configure NTP Synchronisation in Your Environment,” on page 12.
VMware, Inc.
11
vSphere Replication for Disaster Recovery to Cloud
Upgrading vSphere Replication from Earlier Product Versions
You can upgrade vSphere Replication 5.5.x and 5.8 to vSphere Replication 6.0.
To upgrade a previously installed version of vSphere Replication to vSphere Replication for
Disaster Recovery to Cloud, you must mount the vSphere Replication ISO file on a system in your
environment that is accessible from the vSphere Replication appliance, and apply the update through the
virtual appliance administration interface (VAMI) on port 5480. See Upgrade vSphere Replication by Using
the Downloadable ISO Image.
After upgrading the vSphere Replication appliance, you must configure it to synchronize with an external
NTP server. See “Configure NTP Synchronisation in Your Environment,” on page 12.
Configure NTP Synchronisation in Your Environment
You must synchronize the time on the vSphere Replication appliance in your environment with an NTP
server.
By default, the vSphere Replication appliance is synchronized with the ESXi host on which it resides. You
must disable the NTP synchronization with the host and configure the vSphere Replication appliance and
the vCenter Server to synchronize with an external NTP server.
Procedure
1 Configure NTP synchronization on the vSphere Replication appliance.
a In the vSphere inventory tree, locate the vSphere Replication appliance, right-click and select Edit
Settings.
b On the VM Options tab, click VMware Tools.
c Deselect the Synchronize guest time with host check box.
d In the virtual appliance console, run the command chkconfig ntp on to run NTP synchronization
every time the vSphere Replication appliance starts up.
e To configure the vSphere Replication appliance to synchronize with an NTP server, edit
the /etc/ntp.conf file to enter the address of an NTP server.
Add the following line in the ntp.conf file:
server <your_ntp_server_address>
f Run the service ntp start command.
2 Configure the vCenter Server on the source site to synchronize with the NTP server that you configured
in the vSphere Replication appliance.
How vSphere Replication Connects to Cloud
When you create a connection to the cloud, the vCloud Tunneling Agent in the vSphere Replication
appliance creates a tunnel to secure the transfer of replication data to your cloud Organization.
When a tunnel is created, the vCloud Tunneling Agent opens a port on the vSphere Replication appliance.
ESXi hosts connect to that port to send replication data to a cloud organization. The port is picked randomly
from a configurable range. The default port range is 10000-10010 TCP.
By default, ports 10000-10010 are not open on ESXi hosts. When you power on the vSphere Replication
appliance, a vSphere Installation Bundle (VIB) is installed on all supported ESXi hosts in the vCenter Server
inventory where the appliance is deployed. The VIB creates a firewall rule, Replication-to-Cloud Traffic, that
opens TCP ports 10000 to 10010 for outgoing traffic. The rule is enabled automatically and takes effect
immediately when you power on the vSphere Replication appliance, or when a host is registered or
12 VMware, Inc.
Chapter 3 Installing and Configuring vSphere Replication to Cloud
connected in the vCenter Server. If an administrator removes the VIB from a host, for example by using the
esxcli utility, the vSphere Replication appliance reinstalls the VIB the next time you restart the appliance or
when a host is restarted or reconnected to the inventory. If you do not want ports 10000 to 10010 to be open
on an ESXi host, and if you do not plan to use this host as a replication source, you can disable the
Replication-to-Cloud Traffic rule. See Allow or Deny Access to an ESXi Service or Management Agent with
the vSphere Web Client.
To reduce the number of open ports or to change the ports that are used for communication between ESXi
hosts and the vCloud Tunneling Agent, you can create a custom firewall rule and reconfigure the agent.
Change the Cloud Tunnel Ports on ESXi Hosts
When you power on the vSphere Replication appliance, it automatically configures all ESXi hosts in your
environment to open TCP ports 10000-10010 for outgoing data transfers.
The vCloud Tunneling Agent in the vSphere Replication appliance uses ports 10000-10010 to receive data
from ESXi instances that host replication sources.
If you do not want to have unused open ports on your ESXi hosts, if the number of open ports is insufficient,
or if you want to change which ports are open, you can reconfigure your firewall settings.
To change the default ports that are used to transfer replication data from ESXi hosts to the vCloud
Tunneling Agent, you must configure each ESXi instance that hosts a replication source virtual machine,
and the vCloud Tunneling Agent.
Procedure
1 Disable the default Replication-to-cloud Traffic rule that is created by the vSphere Replication
appliance.
For detailed procedure, see Allow or Deny Access to an ESXi Service or Management Agent with the
vSphere Web Client.
2 Create a custom firewall rule on each ESXi server that hosts replication source machines.
See Creating custom firewall rules in VMware ESXi 5.0 (KB 2008226).
3 Enable the custom firewall rule that you created on each ESXi host.
See Allow or Deny Access to an ESXi Service or Management Agent with the vSphere Web Client.
What to do next
Configure the vCloud Tunneling Agent to use the ports that you configured on ESXi hosts.
Customize the Ports that vSphere Replication Uses for Tunneling
By default, the vCloud Tunneling Agent in the vSphere Replication appliance is configured to use TCP ports
ranging between 10000 and 10010 to create tunnels to the cloud. All ESXi instances that might host
replication source virtual machines must have their firewall configured to allow outgoing traffic on these
ports.
For each tunnel to cloud, the vCloud Tunneling Agent allocates one unique port from the specified range.
You can reconfigure ESXi hosts and the vCloud Tunneling Agent to reduce the number of open ports or to
change the ports that are used to create tunnels to cloud.
After you reconfigure the ESXi hosts to use custom ports, you must configure the vCloud Tunneling Agent
to use the same custom ports.
Prerequisites
Verify that the ports you selected to use for cloud tunnels are open for outgoing traffic on all ESXi
n
servers that host replication sources.
VMware, Inc. 13
vSphere Replication for Disaster Recovery to Cloud
Verify that you know the IP address of the vSphere Replication appliance in your environment. To
n
check the IP address of the vSphere Replication appliance, select the vCenter Server in the inventory
tree, navigate to the Manage tab, click vSphere Replication, and click About.
Verify that you have root user credentials for the vSphere Replication appliance.
n
Verify that TCP port 22 is open on the vSphere Replication appliance, and that SSH connections are
n
enabled. See topic Unable to Establish an SSH Connection to the vSphere Replication Appliance in the
vSphere Replication Administration document.
Procedure
1 Use a TCP client to connect to the vSphere Replication appliance and log in as the root user.
2 Run the following command to configure the ports for tunnel connections.
/opt/vmware/vcta/bin/cell-management-tool
configure-vcta-server -prl LOW -prh HIGH
Where LOW and HIGH define the range of ports to be used for tunnel connections. To use only one
port, type the port number as the value for LOW and HIGH.
For example, the following command configures the vCloud Tunneling Agent to use only port 10001.
/opt/vmware/vcta/bin/cell-management-tool
configure-vcta-server -prl 10001 -prh 10001
NOTE You can designate any free TCP port in your environment for the communication between ESXi
hosts and the vCloud Tunneling Agent, but you must verify that all ESXi hosts and the vCloud
Tunneling Agent are configured to use the same ports.
3 Run the following command to restart the vCloud Tunneling Agent.
service vmware-vcd restart
Configuring the Connection to the Cloud
In addition to installing and configuring the vSphere Replication appliance, you must configure the
connection to your cloud provider.
You can configure a connection to the cloud provider before you start the Configure Replication wizard or
while you configure a replication task.
Connect to a Cloud Provider Site
Before you configure replication tasks to the cloud, you configure the connections between your vSphere
environment and virtual data centers that belong to your cloud organizations.
You can connect a vCenter Server to multiple virtual data centers, and a virtual data center can be connected
to multiple vCenter Server instances. However, you can have only one connection between a source
vCenter Server and a target virtual data center.
Prerequisites
Verify that you have user credentials for a cloud organization in which vCloud Air is enabled. Your cloud
provider enables the Disaster Recovery to Cloud service per your contract.
Procedure
1
On the vSphere Replication tab under Manage, click the cloud connection icon .
The Connect to a Cloud Provider wizard opens.
14 VMware, Inc.
Loading...