Use a checklist to verify that you have fulfilled all the requirements to initiate disaster recovery or planned migration of the SDDC management applications and to complete the configuration of these applications.

Table 1. Checklist for Failover and Failback in an SDDC
Checklist Tasks
Activation and Assessment
  • Verify that the disaster failover or failback is required:
    • For example, an application failure might not be a cause for a failover or failback, while an extended region outage is a valid cause.
  • Plan for business continuity events such as scheduled building maintenance or the probability of a natural disaster.
  • Submit the required documentation for approval to the following roles:
    • IT management staff
    • CTO
    • Business users
    • Other stakeholders
Activation Logistics
  • Verify that all the required facilities and personnel are available for the complete duration of the disaster recovery process.
  • Verify that Site Recovery Manager is available in the recovery region.
  • Verify the replication status of the applications.
  • Verify the state of the NSX Edge nodes in the recovery region:
    • Verify that the NSX Edge nodes are available.
    • Verify that the IP addresses for the VXLAN backed networks are correct.
    • Verify that the application load balancer on the NSX Edge node is correctly configured according to the design.
    • Verify that the firewall on the NSX Edge node is correctly configured according to the design.
Communication, Initiation, and Failover or Failback Validation
  • In case of a planned migration:
    • Notify all stakeholders for the planned outage and the expected duration of the maintenance window.
    • At the scheduled time, initiate the failover or failback process.
  • In case of a failover or failback for disaster recovery:
    • Before initiating a failover or a failback, notify all stakeholders for the event.
  • After completing a failover or a failback:
    • Test applications availability.
    • Notify all stakeholders for the completed event.
Multiple Availability Zones If your environment consists of multiple availability zones, perform additional configuration for failback for disaster recovery:
  • In case of failback for disaster recovery in which Region B remains unavailable, the vSAN witness appliance is not available too. As a result, you might be unable to provision the vRealize Suite virtual machines in Region A according to the active vSAN storage policy. To enable the recovery of the vRealize Suite virtual machines, turn on the force-provisioning option in the storage policy.

  • In case of a planned migration in which Region A and Region B are still operational, the vSAN witness appliance is available and the active storage policy is satisfied.
Configuration After Failover or Failback In case of disaster recovery failover or failback, perform additional configuration:
  • Configure the NSX Controllers and the UDLR control VM to forward events to vRealize Log Insight in the recovery region.
  • Redirect the log data from the failed over or failed back applications to vRealize Log Insight in the recovery region.
  • Complete a post-recovery assessment:
    • Note which items worked and which did not work, and identify improvements that you can include in the recovery plan.