45
Brock Bruner – Senior Solution Architect vCloud Air Disaster Recovery ® ™
Brock Bruner – Senior Solution Architect
vCloud Air Disaster Recovery
® ™
2
Agenda
1 RaaS Overview
2 BC/DR Challenges
3 vCloud Air Disaster Recovery Overview
4 Architecture
5 Setup and Configuration
6 Considerations
7 Automation Options
Fundamentals of (IT) Disaster Recovery
Disaster Recovery (SNIA Definition):
“The recovery of data, access to data and associated process through a comprehensive process of setting up redundant site (equipment and work space) with recovery of operational data to continue business operations after a loss of use of all or part of a data center”
Last Backup
TIME
Event Data Restored
RPO RTO
Business/mission critical data and
systems need to be recoverable
within well-defined limits in the
event of disaster or disruption
Business Requirements
• Replication
• Backup and Restore
• Archiving/Long-term
preservation
Traditional Methodologies
3
Today’s DR Options
RaaSTraditional Disaster
Recovery with a
Service Provider
In-House DR
solution (secondary
site)
4
Business Continuity and Disaster Recovery Challenges
5
Why Wouldn’t You Protect Your Data Center?
6
Source: Forrsights Budgets And Priorities Tracker Survey, Q2 2012, Forrester Research, Inc, 2012VMware market segment definition: SMB: 1-999 employees, Commercial: 1000-4999 employees, Enterprise: 5000+
High degree of pain for orgs of all sizes
Q. Which of the following initiatives are likely to be your IT
organization top technology priorities over the next 12 months?
0% 50% 100%
IaaS
Implement or expandcollaboration
Consolidate app
Mobile/tablet apps
Maintain or implementvirtualization and…
Consolidate ITinfrastructure
Upgrade our security
Upgrade BC/DRcapabilities
SMB
Commercial
Enterprise
% critical or
high priority
7
Challenges in Selecting a BC/DR Solution
8
Types of Providers
10%
Variances from provider to provider
Customer criteria
BC/DR Solution
VMware vCloud Air Disaster Recovery
® ™
9
vCloud Air Disaster Recovery
VMware vSphere
VMware
vCenter Server
vSphere
Replication
Site A (Primary)
Servers
vCloud Air, Site B (Recovery)
US East Region
US West Region
1Dependent on available bandwidth
Simple and secure asynchronous replication and failover for vSphere
• Warm standby capacity on vCloud Air
• Self-service protection, failover and failback workflows per VM
• 15 min1 – 24 hr. recovery point objective (RPO)
• Initial data seeding by shipping a disk
• Includes:
• 2x 7-day DR tests per year
• 30 days of recovered VM run time
10
Disaster Recovery – New Core Class of Service
Minimum size:
10GHz vCPU
20GB vRAM
Starts at
1 TB
10 Mbps allocated
2 Public IPs
2 Tests*
Term Lengths:
1m, 12m, 24m, 36m subscriptions
Dedicated Cloud
InstanceVirtual Private
Cloud Instance
vCloud Air Standard Servicer Tiers
New Instance
Type as DR
Service Tier
DR-VDC Instance
Disaster Recovery Add-On Options
Standard Storage, Support, Bandwidth
Compute (subscription)
Compute (one time)
IP Address
Offline Data Transfer
Direct Connect
Additional Failover test
VMware vCloud
Air – Disaster Recovery
vSphere Provides The Best Foundation For Disaster Recovery in the Cloud
Encapsulation: Simple Application Protection
• Entire system – including application, OS, and data – is stored as virtual machine files
• Entire system can be protected with data protection tools
Hardware-Independence: Flexible Infrastructure
• Eliminate the need for SAN or array-based replication
• Enable consistent recovery throughout data center lifecycle changes
Hybrid Aware: Seamless Integration with vCloud Air
• Reduced costs by leveraging the cloud for DR
• Scale your protection capacity to meet variable demand
13
Fully integrated with vSphere Web Client
Consistent management and operational best practices…
• Single interface and common management
• Designed to integrate with vCloud Air
• Doesn’t require “console hopping”
14
Disaster Recovery and Site Recovery Manager
Disaster Recovery as a complementary DR solution to traditional SRM deployments
Seeking DR
Solution?
SRM in scope?
Pass
vCloud Air - DR
Internal/DIYHosted Solution
On Premise
Co-existence
Yes
No
No
YesCo-existence
Yes Yes
(Default)
(Partner service contract)
True Multi-Tenancy & Multi-Site Storage agnostic support
Support for different vSphere versions
Shared cloud infrastructure
Simplified management
• UI embedded in vSphere (v5.1+)
• Protect VMs with a couple of clicks
• Failover and testing through API
• Installable in current environment
Administration via vCloud Air console and API*
RaaS Alternative
vCloud Air US-East vCloud Air US-West vCloud Air EUR-UK
VMware vSphere
customers
15
Disaster Recovery Architecture
Disaster Recovery Service Architecture (50k Foot View)
Disaster Recovery Subscriber
DR appliance
DR appliance
vRMS
Components & Architecture
vCenter
ESXESX
ESXi
Datastore Datastore
Tenant
(On-Premises Data Center)
Provider
(vCloud Air Cloud)
vCTA vCenter
ESXESX
ESXi
Datastore Datastore
vCD-sp
vRMS
vR
vRCS
Cloud Proxy
Hybrid DR
Services
vRS
A
B
C
Existing Components
Updated Components
New Components
vSphere UI
vRMS Plugin
vCD Admin
UI
vCloud Air
Portal
vSM
18
vSphere Replication Architecture Across Sites
19
vCenter Web Client
Primary Data Center vCloud Air
VRA vCloud Director
vSphere
vCloud Air
Networking & Security
DR-VDC VPC
vCloud Air Console
Storage
(VMDK2)(VMDK1)
vSphere
Storage
(VMDK2)(VMDK1)
vSphere
VRA
WAN
VRS
VM Replication
Disaster Recovery Scale Out
CONFIDENTIAL 20
VMware vSphere
VMware
vCenter Server A
vSphere
Replication A
500 VMs
Primary Data Center
1,000 VMs
1,500 VMs
VMware vSphere
VMware
vCenter Server B
vSphere
Replication B
VMware vSphere
VMware
vCenter Server C
vSphere
Replication C
vCloud Air
VM Replication
VM Replication
VM Replication
DR-VDC A
DR-VDC B
DR-VDC C
Disaster Recovery Encryption
CONFIDENTIAL 21
Encryption of replication traffic (in-flight) is provided between the following
endpoints in vCloud Air – Disaster Recovery.
ESXiVR
Appliance(vCloud
Tunneling)
Public Internet or Direct Connect PLC
vCloud Air(Cloud Proxy)
Host Based Replication
(HBR)
WebSocket (SSL) Encryption
ESXi
Disaster Recovery System Requirements
Primary Data Center
• VMware vSphere 5.1 or above
– vSphere Essentials Plus
– vSphere Standard
– vSphere Enterprise
– vSphere Enterprise Plus
• VMware vCenter 5.1 or above
– Includes vSphere Web Client
• vSphere Replication Appliance 5.6
– 1:1 mapping with vCenter*
• Public internet connectivity
vCloud Air
• DR subscription
CONFIDENTIAL 22
(DR Virtual Data Center instance)
© 2014 VMware Inc. All rights reserved.
Disaster Recovery Setup and Configuration
vSphere Replication Appliance
New version for Disaster Recovery than SRM
– Includes encryption components
– Encryption requires ESXi Firewall rules
• VIB will be provided
– Register per vCenter
– Manage in the vSphere Web Client
Disaster Recovery Enabled Virtual Data Center
Configure for Cloud Disaster Recovery
Disaster Recovery Configure Target Networks
Two Networks Available
– Recovery
– Test
You can configure more on Edge Gateway
– Manual assignment after failover
Disaster Recovery Configure Virtual Machine Replication
Disaster Recovery Configure Virtual Machine Replication
Monitor Disaster Recovery Replication
Configure
Pause
Test
Failover
Stop
Disaster Recovery Considerations
Considerations for Failover
• Self-service failover driven by customer action
• Commensurate bandwidth to support data volume and change rate
• Cloud (“DR-VDC”) pre-configuration required to streamline failover operations and aide in faster recovery times – example settings below:
Infrastructure• Active Directory
• DNS
Networking• DHCP / IP
Re-addressing
• L4-L7 services
redirect
Storage• Resource
allocation
changes
Management• RBAC
Running “Pilot Light” VM’s With Physical Sites
IPSec VPN
(192.168.109.0/24)
EDGE
GATEWAY
(192.168.205.0/24)
IPSec VPN
RaaS Cloud (East Coast)
AD/DNS in VPC
On Prem
Gateway
Internet
Corp HQ (East Coast)
Corp HQ West Coast
vSphere
Replication
Running “Pilot Light” VM’s With Cross Connect
RaaS Cloud (East Coast)
1 or 10 Gbps Direct Connect Traffic
DMZ Network
(192.168.52.0/24)
Private Network
(192.168.50.0/24)
Private Network
(192.168.110.0/24)
CUSTOMER CAGE
Direct Connect Line
Note:Storage connection must be In-Guest based connectivity with NFS or Software iSCSI Initiator
AD/DNS in Cage
EDGE GATEWAY
RaaS Cloud
Running “Pilot Light” VM’s With Separate VPC
Cloud to Cloud
VPN
(192.168.109.0/24)
EDGE
GATEWAY
(192.168.205.0/24)
Cloud to Cloud
VPN
Virtual Private Cloud RaaS Cloud
AD/DNS in VPC
EDGE
GATEWAY
Internet
HEADQUARTERS
PRIMARY AD/DNS
VPN or Direct Connect
vSphere
Replication
Disaster RecoveryAutomation Options
Only basic automation for:
Disaster Recovery Automation Options
Tools for automation
– vCO/vCAC
– Puppet or 3rd party solutions
- Failover &
testing
- Not failback
vCloud API’s
- vCloud Air
Extensions
- RaaS
Extensions
Manual runbook Managing VM changes
- Additional
networks
- IP Changes
Disaster Recovery Process Examples
Attach Disaster
Recovery Site Configure
Networks
Configure
Replication
Initial Sync
• Seeded
Test Failover*
Full
Failover*
Power off
vCloud Air VM* Delete Original
vSphere VM*
vCC Copy
from vCloud
Air
to vSphere
Re-Configure
VM As Needed*
Power On*
Restart
Replication
Setup & Configuration Failback Process
© 2014 VMware Inc. All rights reserved.
Additional Service Details
39
vCloud Air Data Center Locations
vCloud Government Service
vCloud Air
Kitakyushu
Phoenix
Santa Clara
Las Vegas
Dallas
New Jersey
Sterling
Dulles
Slough
Chessington
40
Compliance Examination & Security Certifications
ISO 27001:2005 SOC 1 Type 2 (SSAE 16)
SOC 2 Type 2HIPAA/HITECH
AT101 Reports available with a Signed NDA
41
Need Help with Your Cloud? It’s One Support Call
VMware Global Support Services
One support number.
One My VMware account.
vSphere &
vCloud
vCloud
Hybrid Service
42
CONFIDENTIAL 43
Questions?
Next Steps and Resources
Learn more about vCloud Air
http://vcloud.vmware.com
http://vcloud.vmware.com/Tutorials
Experience vCloud Air Hands-On
http://www.vmware.com/go/testdrive
Keep up with the Latest Activity
http://blogs.vmware.com/vcloud
vCloud Air Customer Stories
http://vcloud.vmware.com/uses/our_customers
Thank You
