To protect or migrate vSphere workloads between two vCenter Server sites, deploy two VMware Cloud Director Availability appliances, in each respective vCenter Server instance. Before installing each appliance, verify that each site meets the deployment requirements. Also, allow the network communication within the site and between the sites.
- vSphere DR and migration
- Between two vCenter Server instances, any user that is a member of ADMINISTRATORS, or VRADMINISTRATORS, or VRUSERS can protect or migrate vSphere workloads after pairing the following VMware Cloud Director Availability appliances in each site, deployed and configured by a user member of ADMINISTRATORS. Deploying the appliances creates the groups VRADMINISTRATORS and VRUSERS in the vCenter Server instance.
- To replicate workloads between provider vCenter Server and tenant vCenter Server, deploy and configure the following two appliances, then pair both appliances.
- vCenter Replication Management Appliance
- In the provider vCenter Server instance, as a vSphere administrator user deploy, license, and configure a vCenter Replication Management Appliance, then add it for metering in VMware vCloud ® Usage Meter.
- On-Premises to Cloud vCenter Replication Appliance
- In the tenant vCenter Server instance, as a vSphere administrator user, only deploy and configure an On-Premises to Cloud vCenter Replication Appliance.
- Alternatively, to replicate workloads between provider vCenter Server instances, deploy, license, and configure a vCenter Replication Management Appliance in each provider vCenter Server instance. Then add the appliances for metering in vCloud Usage Meter. Finally, pair both appliances, similarly to the example for pairing a tenant and a provider instance.
The following architecture diagram shows an On-Premises to Cloud vCenter Replication Appliance and a vCenter Replication Management Appliance, deployed in each respective vCenter Server instance.
The following diagram shows the network connections and the required network ports for the communication between the vCenter Replication Management Appliance, the On-Premises to Cloud vCenter Replication Appliance, and the disaster recovery infrastructure.
|Pairing Prerequisites||Private Network Pairing||Public Network Pairing|
|Destination Network Address Translation (DNAT)||Do not configure DNAT rules.||First, configure a DNAT rule for translating the public Service-Endpoint-IP-address:443 to the private Appliance-IP-address:8048|
|In the New Pairing window enter:||For Service Endpoint, enter Appliance-IP-adress:8048.||For Service Endpoint, enter the public Service-Endpoint-IP-address:443.|
VMware Cloud Director Availability does not support any TLS terminating products or solutions placed between the appliances, for example, HAProxy, Nginx, Fortinet, and others. If such tools are in place, they must be configured in pass-thru mode, also known as TCP mode, to prevent from interfering with the TLS traffic of VMware Cloud Director Availability.
- 8 vCPUs
- 8 GB RAM
- 10 GB Storage
- Dedicated ESXi replication VMkernel interfaces
For production sites, to isolate the replication data traffic in the
ESXi hosts, dedicate a VMkernel interface for that. By default,
ESXi handles the replication data traffic through its management VMkernel interface. Since one VMkernel adapter must handle one traffic type, separate the management traffic from the replication traffic by creating a dedicated replication VMkernel interface.
In every ESXi host that is used as a replication source or as a replication destination, when creating a VMkernel interface dedicated for the replication traffic, use the following tags:
- For replication sources, to configure each ESXi host for the outgoing replication traffic, select vSphere Replication. For more information, see Set Up a VMkernel Adapter for vSphere Replication Traffic on a Source Host in the vSphere Replication documentation.
- For replication destinations, to configure each ESXi host for the incoming replication traffic, select vSphere Replication NFC.
To keep the replication traffic between the ESXi hosts and the appliance instances in the same broadcast domain, configure the dedicated replication VMkernel interface in its own IP subnet and connect each appliance instance to the same virtual port group. As a result, the uncompressed replication traffic avoids crossing a router and saves network bandwidth.