To reestablish the trust with a remote site, repair with the remote site by using the management interface of the appliance.

This procedure applies for the following appliance roles:
  • On-Premises to Cloud Director Replication Appliance, see step 2.
  • On-Premises to Cloud vCenter Replication Appliance, see step 3.
  • vCenter Replication Management Appliance, see step 3.

Prerequisites

Verify that for vSphere DR and migration, before re-pairing both sites are upgraded to version 4.5 or later.

Procedure

  1. Log in to the management interface of the VMware Cloud Director Availability appliance.
    1. In a Web browser, go to https://Appliance-IP-Address/ui/admin.
    2. Select Appliance login or SSO login and enter the root or the single sign-on user credentials.
    3. Click Login.
  2. To re-pair, depending on the appliance role and the remote site choose the appropriate repair method and complete the pairing step.
    • For vSphere DR and migration, to re-establish the trust between vCenter Server sites skip this step and complete step 3.
    • Alternatively, to re-establish the trust with a cloud site backed by VMware Cloud Director follow this step and skip step 3.
    1. In the left pane, click Settings.
    2. Under Site settings next to Pairing, click Repair then complete the Update Pairing wizard.
    3. On the Site Details page, verify this on-premises site name and description then click Next.
    4. On the Lookup Service page, enter the single sign-on user credentials for the local vCenter Server Lookup service in the on-premises site then click Next.
    5. On the Cloud Service Details page, configure the following details then click Next.
      Option Description
      Public Service Endpoint address

      Enter the address of the cloud site Public Service Endpoint:443 as given by the provider.
      Authorization type When using token authentication for VMware Cloud Director, select VCD API Token. Alternatively, when using local users in VMware Cloud Director, select VCD Local User (DEPRECIATED)
      In the Organization text box, enter the name of the organization. In the Organization Admin text box, enter the user name of a VMware Cloud Director organization administrator user. For example, enter admin1@org.
      In the VCD API Token text box, paste the token from VMware Cloud Director. Once used for pairing, the token is not stored and can be revoked at any time. For more information, see Generate an API access token for pairing from VMware Cloud Director. In the Organization Password text box, enter the password of the VMware Cloud Director organization administrator user.
      Allow access from Cloud
      Activated access from the cloud site:
      Allows privileged VMware Cloud Director users like the cloud provider and the organization administrators without authenticating to the on-premises site to perform operations from the VMware Cloud Director Availability Tenant Portal:
      • Browse and discover on-premises workloads to replicate them to the cloud site.
      • Reverse existing replications from the cloud site to the on-premises site.
      • Replicate cloud site workloads to the on-premises site.
      Deactivated cloud site access:
      • Configuring a new replication requires users to explicitly authenticate to the on-premises VMware Cloud Director Availability Tenant Portal.
      • Cannot reverse existing replications to the on-premises site.
      • Allows privileged VMware Cloud Director users to modify existing replications and perform migrate or failover.
      Allow log collection from Cloud
      • To simplify troubleshooting, activate log collection from the cloud site. This allows the cloud provider and the organization administrators without authenticating to each paired on-premises appliance to obtain its logs.
      • Leave cloud site log collection deactivated to require authenticating to the on-premises appliance management interface for downloading the on-premises appliance logs.
      If the cloud site does not use a valid CA-signed certificate, verify the thumbprint and accept the SSL certificate of the Public Service Endpoint.
    6. On the Ready to Complete page, optionally, reconfigure the on-premises local placement, and to complete the wizard click Finish.
      • You can use the existing placement of the on-premises replications by leaving the Configure local placement now toggle deactivated.
      • To reconfigure the cloud to on-premises placement, activate the Configure local placement now toggle then complete the Configure Placement wizard.
  3. Alternatively, to re-establish the trust with the remote vCenter Server site, complete this step.

    On-premises to provider pairing is managed only from the on-premises site.

    1. In the left pane, click Peer Sites.
    2. To re-pair, select the site and click Repair.
    3. In the Update Pairing window, depending on which appliance initiates the repair, enter the following pairing details then click Update.
      • As a tenant, initiate and complete the repair only from the On-Premises to Cloud vCenter Replication Appliance. The On-Premises to Cloud vCenter Replication Appliance does not require a publicly available address.
      Option Description
      Public Service Endpoint
      • Enter the address of the Public Service Endpoint:443 of the vCenter Replication Management Appliance of the provider.
      • Alternatively, enter port 8048 only when both appliances reside in the same network.
      SSO Username Enter the user name of the single-sign-on user from the provider site for the pairing. For example, enter [email protected].

      To pair the on-premises appliance with the provider site it is recommended to use a less-privileged user that belongs to the VRUSERS group in the provider site. Alternatively, you can still use a user member of the VRADMINISTRATORS or the ADMINISTRATORS groups in the provider site. For information about these groups, see Users Roles Rights and Sessions in the Security Guide.
      SSO Password Enter the password of the remote single-sign-on user in the provider site.
      Description Optionally, enter a description for this pair.
      • As a provider, when repairing vCenter Replication Management Appliance with vCenter Replication Management Appliance, initiate the pairing by entering:
      Option Description
      Public Service Endpoint
      • Enter the address of the vCenter Replication Management Appliance:443 in the remote cloud vCenter Server site.
      • Alternatively, enter port 8048 only when both appliances reside in the same network.
      Description Optionally, enter a description for this pair.
      When repairing two vCenter Replication Management Appliance instances, after initiating pairing from the local site, to complete the pairing log in the remote vCenter Replication Management Appliance and repeat this step to also repair the remote site with the local vCenter Replication Management Appliance.
    4. Verify the thumbprint and accept the SSL certificate of the remote appliance.
  4. Verify that the connectivity to the paired site is operational.
    1. In the left pane, click System Health.
    2. Verify that for the site you re-paired, Service connectivity shows a green OK status.

Results

The pairing between the local and the remote site is re-established.