Implementation of Site Protection and Disaster Recovery for VMware Cloud Foundation

To provide site protection and disaster recovery of management components within VMware Cloud Foundation, you deploy Site Recovery Manager and vSphere Replication. Then, you configure replication and a recovery plan.

To implement and configure site protection and disaster recovery for the management applications of the SDDC, two alternative methods exist: by using the user interface of each component in the solution or by using PowerShell cmdlets. You can directly reuse the PowerShell commands by replacing the provided sample values with values from your VMware Cloud Foundation Planning and Preparation Workbook.

You implement disaster recovery for the clustered Workspace ONE Access instance, vRealize Automation, vRealize Suite Lifecycle Manager, and vRealize Operations Manager. Before you implement the Site Protection and Disaster Recovery for VMware Cloud Foundation validated solution, your environment must meet certain requirements for deployment and networking.

When you prepare for disaster recovery, you must determine which of your two VMware Cloud Foundation instances functions as the protected site and which one as the recovery site.

The protected site hosts the business-critical SDDC services and the vRealize products, including vRealize Operations Manager, vRealize Suite Lifecycle Manager and vRealize Automation, along with the clustered Workspace ONE Access instance, with failover that is activated in the event of a disaster.

The recovery site is an alternative location to which these vRealize applications migrate to in the event of a disaster.

In this guide, the protected site is referred to as the protected VMware Cloud Foundation instance and the recovery site is referred to as the recovery VMware Cloud Foundation instance.

Prerequisites

To complete the implementation of Site Protection and Disaster Recovery for VMware Cloud Foundation validated solution, verify that your system fulfills the following prerequisites.

Table 1. Prerequisites for Implementation of Site Protection and Disaster Recovery for VMware Cloud Foundation
Category	Prerequisite
Environment	Verify that your VMware Cloud Foundation version is listed in the Support Matrix for this solution. Verify that you configure your environment according to Before You Apply This Guidance. Verify that you capture all parameters for the Site Protection and Disaster Recovery tab of the VMware Cloud Foundation Planning and Preparation Workbook. Verify that your VMware Cloud Foundation instance is healthy and fully operational.
Network	Verify that you have NSX overlay-backed segments in place for the vRealize Suite of products. Verify that your VMware Cloud Foundation instances have connectivity between each other and that the connection supports jumbo frames and Layer 3 routing. Verify that you configure NSX Federation between the protected and recovery VMware Cloud Foundation instances. See Working with NSX Federation in VMware Cloud Foundation Verify that all uplinks, port channels, and VLANs that carry overlay and vSphere Replication traffic are configured for jumbo frames. Verify that your environment supports the maximum supported latency between VMware Cloud Foundation instances, which is 150 ms. Verify that there is sufficient bandwidth available for replication traffic. See the vSphere Replication Calculator at http://www.vmware.com/vrcalculator.
Software	Download the Site Recovery Manager .iso image and mount it on the machine that you use to access the vSphere Client. Download the vSphere Replication .iso image and mount it on the machine that you use to access the vSphere Client.
License	Verify that you have obtained a Site Recovery Manager license with a quantity that fulfills the requirements of your design.
Active Directory	Verify that Active Directory Domain Controllers are available in the environment. Verify that the required service accounts are created in Active Directory. Verify that the required security groups are created in Active Directory.
Certificate Authority	Verify that a Microsoft Certificate Authority is available for the environment. Verify that you download the CertGenVVS utility and it is available for generating certificates. See Certificate Generation Utility for VMware Validated Solutions

If you want to use the infrastructure-as-code method for the implementation and configuration of the Site Protection and Disaster Recovery for VMware Cloud Foundation validated solution, verify that your system fulfills the following prerequisites.

Table 2. Prerequisites for CLI Implementation of Site Protection and Disaster Recovery for VMware Cloud Foundation
CLI Method	Prerequisite
PowerShell	Verify that your system has Microsoft PowerShell 5.1 installed. See Microsoft PowerShell. Verify that your system has VMware OVF Tool version 4.3.0 or higher installed to the default path (C:\Program Files\VMware\VMware OVF Tool\). Verify that your system has OpenSSL version 1.0.2g or higher installed and added to the Windows PATH system variable. Install the PowerValidatedSolutions PowerShell module together with the supporting modules from the PowerShell Gallery by running the following commands. Install-Module -Name VMware.PowerCLI -MinimumVersion 12.7.0 Install-Module -Name VMware.vSphere.SsoAdmin -MinimumVersion 1.3.8 Install-Module -Name ImportExcel -MinimumVersion 7.1.1 Install-Module -Name PowerVCF -MinimumVersion 2.2.0 Install-Module -Name PowerValidatedSolutions -MinimumVersion 2.0.0 Import the PowerValidatedSolutions and the PowerCLI PowerShell modules by running the following commands. Import-Module -Name VMware.PowerCLI -MinimumVersion 12.7.0 Import-Module -Name PowerValidatedSolutions -MinimumVersion 2.0.0