Protecting critical workloads depends on your organization's business requirements. The operational guidance provided in this section aims to provide the framework for a runbook of tasks which can be performed repeatedly based on your organization's needs.

Create Virtual Machine and Template Folder for Folder Mappings for Cloud-Based Workload Protection for VMware Cloud Foundation

Create virtual machine folders in the recovery SDDC for your critical workloads. You later configure folder mappings in VMware Live Cyber Recovery between the protected and the recovery instances.

Procedure

  1. Log in to the VMware Cloud Services console at https://console.cloud.vmware.com/ with a user assigned the VMware Cloud on AWS Administrator and VMware Live Cyber Recovery Protection Admin roles.
  2. On the Services page, locate the VMware Live Recovery tile, and click Launch service.
  3. On the VMware Live Recovery page, for the region where the service is enabled, click Manage region.
  4. On the VMware Live Cyber Recovery page, in the left navigation pane, click Recovery SDDCs to expand the list.

  5. Select the name of your recovery SDDC.

  6. On the Recovery SDDCs page, click Open vCenter.

  7. In the Open vCenter dialog box, copy the [email protected] password and click Open vCenter.

  8. On the Getting Started page, click Launch vSphere client.

  9. Log in to the recovery SDDC vCenter Server with the default [email protected] user.

  10. From the vSphere Client Menu, select Inventory.

  11. In the VMs and templates inventory, expand the vCenter Server tree, right-click the data center, and select New folder > New VM and template folder.

  12. In the New folder dialog box, enter the folder name, and click OK.

Create Resource Pool for Compute Resource Mappings for Cloud-Based Workload Protection for VMware Cloud Foundation

Create resource pools in the recovery SDDC for your critical workloads. You later configure compute resource mappings in VMware Live Cyber Recovery between the protected and recovery instances.

Procedure

  1. Log in to the VMware Cloud Services console at https://console.cloud.vmware.com/ with a user assigned the VMware Cloud on AWS Administrator and VMware Live Cyber Recovery Protection Admin roles.
  2. On the Services page, locate the VMware Live Recovery tile, and click Launch service.
  3. On the VMware Live Recovery page, for the region where the service is enabled, click Manage region.
  4. On the VMware Live Cyber Recovery page, in the left navigation pane, click Recovery SDDCs to expand the list.

  5. Select the name of your recovery SDDC.

  6. On the Recovery SDDCs page, click Open vCenter.

  7. In the Open vCenter dialog box, copy the [email protected] password and click Open vCenter.

  8. On the Getting Started page, click Launch vSphere client.

  9. Log in to the recovery SDDC vCenter Server with the default [email protected] user.

  10. From the vSphere Client Menu, select Inventory.

  11. In the Hosts and clusters inventory, expand the vCenter Server tree, right-click the cluster, and select New resource pool.

  12. In the New resource pool dialog box, enter the resource pool name, and click OK.

Extend Networks for Cloud-Based Workload Protection for VMware Cloud Foundation

Extend networks in the recovery SDDC for your critical workloads using VMware HCX. You later configure virtual network mappings in VMware Live Cyber Recovery between the protected and the recovery instances.

Procedure

  1. Log in to the VI workload domain vCenter Server at https://<vi_workload_domain_vcenter_server_fqdn>/ui by using an account with Administrator privileges.

  2. From the vSphere Client Menu, select HCX.

  3. In the left pane, click Services > Network extension

  4. On the Network extension page, click Create a network extension.

  5. On the Extend networks page, select the network you want to extend and click Next.

  6. From the Destination first hop router drop-down menu, select Compute gateway.

  7. In the Source network to extend section, under Gateway IP address / Prefix length, enter the gateway IP address and the subnet length, and click Submit.

  8. Repeat this procedure for each network you want to extend into the recovery SDDC.

Create a Protection Group for Critical Workloads with Cloud-Based Workload Protection for VMware Cloud Foundation

Create a protection group in VMware Live Cyber Recovery for recurring VM snapshots and replicate them to a cloud file system, so you can later use the snapshots for disaster recovery.

Procedure

  1. Log in to the VMware Cloud Services console at https://console.cloud.vmware.com/ with a user assigned the VMware Live Cyber Recovery Protection Admin role.
  2. On the Services page, locate the VMware Live Recovery tile, and click Launch service.
  3. On the VMware Live Recovery page, for the region where the service is enabled, click Manage region.
  4. On the VMware Live Cyber Recovery page, in the left navigation pane, click Protection groups.

  5. On the Protection groups page, click Create protection group.

  6. In the Create protection group for site dialog box, on the General page, configure the values according to your requirements and click Next.

  7. On the Protection schedules page, configure the values according to your requirements and click Finish.

Create a Recovery Plan for Critical Workloads with Cloud-Based Workload Protection for VMware Cloud Foundation

After you configure a protection group, you create a recovery plan in VMware Live Cyber Recovery to define the configuration and the orchestration steps required for successful disaster recovery.

Procedure

  1. Log in to the VMware Cloud Services console at https://console.cloud.vmware.com/ with a user assigned the VMware Live Cyber Recovery Protection Admin role.
  2. On the Services page, locate the VMware Live Recovery tile, and click Launch service.
  3. On the VMware Live Recovery page, for the region where the service is enabled, click Manage region.

  4. On the VMware Live Cyber Recovery page, in the left navigation pane, click Recovery plans.

  5. Click Create plan.

  6. In the Create plan dialog box, on the General page, configure the values according to your requirements and click Next.

  7. On the Sites page, configure the values according to your requirements and click Next.

  8. On the Groups page, select the protection groups to include as part of the recovery plan, and click Next.

  9. On the vCenters page, click Next.

  10. Map the vCenter Server folders from the protected site to the recovery site.
    1. On the vCenter folders page, click Map folders.

    2. In the vCenter folder mappings dialog box, select the folders for the protected and the recovery sites, click Add, and click OK.

    3. On the vCenter folders page, click Next.

  11. Define which vCenter Server compute resources are used for failover.
    1. On the Compute resources page, click Map compute resources.

    2. In the vCenter compute resource mappings dialog box, select the clusters for the protected and the recovery sites, and click Add.

    3. In the vCenter compute resource mappings dialog box, select the resource pools for the protected and the recovery sites, click Add, and click OK.

    4. On the Compute resources page, click Next.

  12. Run a test on virtual network mapping.

    1. On the Virtual networks page, click the Test Mapping tab, and click Map virtual networks.

    2. In the vCenter virtual network mappings dialog box, select the networks for the protected and the recovery sites, click Add, and click OK.

    3. On the Virtual networks page, click Next.
  13. Map protected site networks to networks on the recovery site.

    1. On the Virtual networks page, click Map virtual networks.

    2. In the vCenter virtual network mappings dialog box, select the networks for the protected and the recovery sites, click Add, and click OK.

    3. On the Virtual networks page, click the Test Mapping tab, and click Map vitual networks.

    4. In the vCenter virtual network mappings dialog box, configure the values according to your requirement, click Add, and click OK.

    5. On the Virtual networks page, click Next.

  14. On the IP addresses page, configure the values according to your requirements and click Next.

  15. On the Script VM page, configure the values according to your requirements and click Next.

  16. On the Recovery steps page, configure the values according to your requirements and click Next.

  17. On the Ransomware page, click Next.

  18. On the Alerts page, configure the values according to your requirements and click Finish.

  19. Click the Recovery plan you created.

  20. On the recovery plan page, in the Continuous compliance tile, click the refresh icon to perform a compliance check and verify the check is successful.

  21. Click Show to view the report and, if the compliance check detects any failure, remediate the issues.

Perform a Recovery Plan Test for Critical Workloads with Cloud-Based Workload Protection for VMware Cloud Foundation

After you create a recovery plan and assign protection groups in VMware Live Cyber Recovery, you must perform a recovery plan test to ensure that everything is configured correctly.

Procedure

  1. Log in to the VMware Cloud Services console at https://console.cloud.vmware.com/ with a user assigned the VMware Live Cyber Recovery Protection Admin role.
  2. On the Services page, locate the VMware Live Recovery tile, and click Launch service.
  3. On the VMware Live Recovery page, for the region where the service is enabled, click Manage region.

  4. On the VMware Live Cyber Recovery page, in the left navigation pane, click Recovery plans.

  5. Click the recovery plan you want to test.

  6. Perform a recovery plan test.

    1. Click DR failover test.

    2. In the Test plan dialog box, on the Snapshots page, keep the latest snapshot and click Next.

    3. On the Runtime settings page, select Stop on every error and click Next.

    4. On the VM storage page, select Run VMs live on cloud file system, and click Next.

    5. On the Preview page, review the steps and click Next.

    6. On the Confirmation page, enter TEST PLAN in the text box and click Run test.

    7. Monitor the progress of the recovery plan test.

  7. Clean up the recovery plan test.

    1. On the recovery plan page, click Clean up.

    2. In the Clean up dialog box, enter CLEAN UP TEST in the text box and click Clean up.

    3. Refresh your browser.

    4. Once the test cleanup is complete, click Acknowledge.

    5. On the Acknowledge dialog box, enter test notes and click Acknowledge.

    6. Refresh your browser.