To reestablish the trust with a remote site, repair with the remote site by using the management interface of the appliance.

This procedure applies for the following appliance roles:
  • On-Premises to Cloud Director Replication Appliance, see step 2.
  • On-Premises to Cloud vCenter Replication Appliance, see step 3.

    After upgrading to version 4.5 both the On-Premises to Cloud vCenter Replication Appliance and the vCenter Replication Management Appliance, the tenant must re-pair with the provider site.

    The on-premises appliance no longer requires a public URL and supports a single-step pairing to the provider site. The pairing from on-premises to a provider no longer requires additional steps for confirming the pairing from the provider site.

  • vCenter Replication Management Appliance, see step 3.

Prerequisites

Verify that for vSphere DR and migration, before re-pairing both sites are upgraded to version 4.5 or later.

Procedure

  1. Log in to the management interface of the VMware Cloud Director Availability appliance.
    1. In a Web browser, go to https://Appliance-IP-Address/ui/admin.
    2. Select Appliance login or SSO login and enter the root or the single sign-on user credentials.
    3. Click Login.
  2. To re-pair, depending on the appliance role and the remote site choose the appropriate repair method and complete the pairing step.
    • For vSphere DR and migration, to re-establish the trust between vCenter Server sites skip this step and complete step 3.
    • Alternatively, to re-establish the trust with a cloud site backed by VMware Cloud Director follow this step and skip step 3.
    1. In the left pane, click Settings.
    2. Under Site settings next to Pairing, click Repair then complete the Update Pairing wizard.
    3. On the Site Details page, verify this on-premises site name and description then click Next.
    4. On the Lookup Service page, enter the single sign-on user credentials for the local vCenter Server Lookup service in the on-premises site then click Next.
    5. On the Cloud Service Details page, enter the credentials of the VMware Cloud Directororganization administrator user, and to allow the cloud site permissions, toggle the cloud access and log collection then click Next.
      Option Description
      Public Service Endpoint address

      Enter the address of the cloud site Public Service Endpoint:443 as given by the provider.

      Organization Admin Enter the user name of a VMware Cloud Directororganization administrator user. For example, use admin@org.
      Organization Password Enter the password of the VMware Cloud Directororganization administrator user.
      Allow access from Cloud
      Activated access from the cloud site:
      Allows privileged VMware Cloud Director users like the cloud provider and the organization administrators without authenticating to the on-premises site to perform operations from the VMware Cloud Director Availability Tenant Portal:
      • Browse and discover on-premises workloads to replicate them to the cloud site.
      • Reverse existing replications from the cloud site to the on-premises site.
      • Replicate cloud site workloads to the on-premises site.
      Deactivated cloud site access:
      • Configuring a new replication requires users to explicitly authenticate to the on-premises VMware Cloud Director Availability Tenant Portal.
      • Cannot reverse existing replications to the on-premises site.
      • Allows privileged VMware Cloud Director users to modify existing replications and perform migrate or failover.
      Allow log collection from Cloud
      • To simplify troubleshooting, activate log collection from the cloud site. This allows the cloud provider and the organization administrators without authenticating to each paired on-premises appliance to obtain its logs.
      • Leave cloud site log collection deactivated to require authenticating to the on-premises appliance management interface for downloading the on-premises appliance logs.
      If the cloud site does not use a valid CA-signed certificate, verify the thumbprint and accept the SSL certificate of the Public Service Endpoint.
    6. On the Ready to Complete page, optionally, reconfigure the on-premises local placement, and to complete the wizard click Finish.
      • You can use the existing placement of the on-premises replications by leaving the Configure local placement now toggle deactivated.
      • To reconfigure the cloud to on-premises placement, activate the Configure local placement now toggle then complete the Configure Placement wizard.
  3. Alternatively, to re-establish the trust with the remote vCenter Server site, complete this step.

    On-premises to provider pairing is managed only from the on-premises site.

    1. In the left pane, click Peer Sites.
    2. To re-pair, select the site and click Repair.
    3. In the Update Pairing window, depending on which appliance initiates the repair, enter the following pairing details then click Update.
      • As a tenant, initiate and complete the repair only from the On-Premises to Cloud vCenter Replication Appliance. The On-Premises to Cloud vCenter Replication Appliance does not require a publicly available address.
      Option Description
      Public Service Endpoint
      • Enter the address of the Public Service Endpoint:443 of the vCenter Replication Management Appliance of the provider.
      • Alternatively, enter port 8048 only when both appliances reside in the same network.
      SSO Username Enter the user name of the single-sign-on user from the provider site for the pairing. For example, enter [email protected].

      To pair the on-premises appliance with the provider site it is recommended to use a less-privileged user that belongs to the VRUSERS group in the provider site. Alternatively, you can still use a user member of the VRADMINISTRATORS or the ADMINISTRATORS groups in the provider site. For information about these groups, see Users Roles Rights and Sessions in the Security Guide.

      SSO Password Enter the password of the remote single-sign-on user in the provider site.
      Description Optionally, enter a description for this pair.
      • As a provider, when repairing vCenter Replication Management Appliance with vCenter Replication Management Appliance, initiate the pairing by entering:
      Option Description
      Public Service Endpoint
      • Enter the address of the vCenter Replication Management Appliance:443 in the remote cloud vCenter Server site.
      • Alternatively, enter port 8048 only when both appliances reside in the same network.
      Description Optionally, enter a description for this pair.
      When repairing two vCenter Replication Management Appliance instances, after initiating pairing from the local site, to complete the pairing log in the remote vCenter Replication Management Appliance and repeat this step to also repair the remote site with the local vCenter Replication Management Appliance.
    4. Verify the thumbprint and accept the SSL certificate of the remote appliance.
  4. Verify that the connectivity to the paired site is operational.
    1. In the left pane, click System Health.
    2. Verify that for the site you re-paired, Service connectivity shows a green OK status.

Results

The pairing between the local and the remote site is re-established.