To protect or migrate vSphere workloads between two vCenter Server sites, deploy two VMware Cloud Director Availability appliances, in each respective vCenter Server instance. Before installing each appliance, verify that each site meets the deployment requirements. Also, allow the network communication within the site and between the sites.
- vSphere DR and migration
- Between two vCenter Server instances, any user that is a member of ADMINISTRATORS, or VRADMINISTRATORS, or VRUSERS can protect or migrate vSphere workloads after pairing the following VMware Cloud Director Availability appliances in each site, deployed and configured by a user member of ADMINISTRATORS. Configuring the appliances with the local vCenter Server Lookup service creates the groups VRADMINISTRATORS and VRUSERS in the local vCenter Server instance.
Appliances Deployment
- To replicate workloads between provider vCenter Server and tenant vCenter Server, deploy and configure the following appliances, then pair them.
- vCenter Replication Management Appliance
-
In the provider
vCenter Server instance, as a
vSphere
administrator user deploy, license, and configure a
vCenter Replication Management Appliance, then add it for metering in VMware vCloud
® Usage Meter.
Optionally, after configuring the vCenter Replication Management Appliance, the provider can add one or more Replicator Appliance instances for scaling the replication performance.
- On-Premises to Cloud vCenter Replication Appliance
- In the tenant vCenter Server instance, as a vSphere administrator user, only deploy and configure an On-Premises to Cloud vCenter Replication Appliance.
- For information about deploying both appliances in each vCenter Server instance, see Deploy both appliances for vSphere DR and migration.
- For information about licensing, configuring, metering, and pairing the appliances, see Configure and pair both appliances for vSphere DR and migration.
- Alternatively, to replicate workloads between provider vCenter Server instances, deploy, license, and configure a vCenter Replication Management Appliance in each provider vCenter Server instance. Then add the appliances for metering in vCloud Usage Meter. Finally, pair both appliances, similarly to the example for pairing a tenant and a provider instance.
Optionally, after configuring the appliances, the provider can add one or more Replicator Appliance instances in each provider site for scaling the replication performance.
The following architecture diagram shows an On-Premises to Cloud vCenter Replication Appliance, a vCenter Replication Management Appliance, and optionally, one or more Replicator Appliance instances, deployed in each respective vCenter Server instance.
Network Requirements
The following diagram shows the network connections and the required network ports for the communication between the vCenter Replication Management Appliance, the On-Premises to Cloud vCenter Replication Appliance, and the disaster recovery infrastructure.
Pairing Prerequisites | Private Network Pairing | Public Network Pairing |
---|---|---|
Destination Network Address Translation (DNAT) | Do not configure DNAT rules. | First, configure a DNAT rule for translating the public Service-Endpoint-IP-address:443 to the private Appliance-IP-address:8048 |
In the New Pairing window enter: | For Service Endpoint, enter Appliance-IP-adress:8048. | For Service Endpoint, enter the public Service-Endpoint-IP-address:443. |
Connectivity Requirements
VMware Cloud Director Availability does not support any TLS terminating products or solutions placed between the appliances, for example, HAProxy, Nginx, Fortinet, and others. If such tools are in place, they must be configured in pass-thru mode, also known as TCP mode, to prevent from interfering with the TLS traffic of VMware Cloud Director Availability.
Hardware Requirements
- 8 vCPUs
- 8 GB RAM
- 10 GB Storage
- vCenter Replication Management Appliance and for Replicator Appliance
- On-Premises to Cloud vCenter Replication Appliance
Deployment Requirements
- Dedicated ESXi replication VMkernel interfaces
-
For production sites, to isolate the replication data traffic in the
ESXi hosts, dedicate a VMkernel interface for that. By default,
ESXi handles the replication data traffic through its management VMkernel interface. Since one VMkernel adapter must handle one traffic type, separate the management traffic from the replication traffic by creating a dedicated replication VMkernel interface.
In every ESXi host that is used as a replication source or as a replication destination, when creating a VMkernel interface dedicated for the replication traffic, use the following tags:
- For replication sources, to configure each ESXi host for the outgoing replication traffic, select vSphere Replication. For more information, see Set Up a VMkernel Adapter for vSphere Replication Traffic on a Source Host in the vSphere Replication documentation.
- For replication destinations, to configure each ESXi host for the incoming replication traffic, select vSphere Replication NFC.
To keep the replication traffic between the ESXi hosts and the appliance instances in the same broadcast domain, configure the dedicated replication VMkernel interface in its own IP subnet and connect each appliance instance to the same virtual port group. As a result, the uncompressed replication traffic avoids crossing a router and saves network bandwidth.