To replace or restore a failing Tunnel Appliance, power it off, deploy a new instance of the appliance and enable tunneling to the new appliance.

If a backup of the Tunnel Appliance exists, follow the procedure in Restore the appliances in the cloud instead of the procedure below. To generate a backup in VMware Cloud Director Availability, see Back up all the appliances in the cloud.

Prerequisites

  • Verify that VMware Cloud Director Availability is deployed in the cloud site.
  • Verify that the existing Tunnel Appliance is powered off or that it is disconnected from the port group.

Procedure

  1. Deploy a new Tunnel Appliance.
    1. Use the same host name, IP address, and the remaining settings as the original Tunnel Appliance.
    2. Power on the new Tunnel Appliance.
  2. Log in to the Tunnel Service management interface.
    1. In a Web browser, go to https://Tunnel-IP-or-FQDN:8442.
    2. Select Appliance login and enter the root user password that you set during the OVA deployment.
    3. Click Login.
  3. If you log in to the appliance for the first time, you must change the initial root user password.
    1. Enter the initial root user password that you set during the OVA deployment.
    2. Enter and confirm a new password.
      The password that you enter must be a secured password with a minimum of eight characters and it must consist of:
      • At least one lowercase letter.
      • At least one uppercase letter.
      • At least one number.
      • At least one special character, such as & # %.
    3. Click Apply.
      The Getting Started tab opens.
  4. (Optional) To log in to the Tunnel Service by using vCenter Single Sign-On credentials, you can register the new Tunnel Appliance with the vCenter Server Lookup service.
    1. In the Configuration page, under Service endpoints, next to Lookup Service Address, click Edit.
    2. In the Lookup Service Details window, enter the Lookup Service Address.
      Pressing Tab autocompletes the vCenter Server Lookup service address to https://Lookup-Service-IP-Address:443/lookupservice/sdk.
    3. Click Apply.
    4. Verify the thumbprint and accept the certificate of the vCenter Server Lookup service.
  5. Log in to the management interface of the Cloud Director Replication Management Appliance.
    1. In a Web browser, go to https://Appliance-IP-Address/ui/admin.
    2. Select Appliance login or SSO login and enter the root or the single sign-on user credentials.
    3. Click Login.
  6. Enable tunneling to the new Tunnel Appliance instance.
    1. In the left pane under Configuration, click Settings.
    2. Under Tunnel settings, next to Primary Tunnel Service address click Edit.
    3. In the Tunnel Service Settings window, enter the root user password.
      The Appliance user is already set to root.
    4. Click Apply.
    5. Verify the thumbprint and accept the certificate of the new Tunnel Service instance.

Results

The new Tunnel Appliance starts tunneling for the VMware Cloud Director Availability services communication.

  • For the paired cloud sites, you do not need to perform additional operations. In a few minutes, the pairing reports a green status and the replications proceed according to their RPO.
  • For the paired on-premises sites, the Cloud Service reports a red status for all the pairings incoming from on-premises and outgoing to on-premises. The paired On-Premises to Cloud Director Replication Appliance instances continue to report a green status for pairing to cloud and the replications from on-premises to cloud proceed according to their RPO. To restore the replications from cloud to on-premises, you can restart the On-Premises to Cloud Director Replication Appliance instances or you can repair all on-premises sites with the cloud site.

What to do next

You can verify that all services are running correctly. For more information, see Verify uptime and local and remote connectivity in the Cloud site.