Configuring and Using Site Recovery Manager for VMware Identity Manager

You must configure Site Recovery Manager to protect your VMware Identity Manager deployment. Secure this protection by properly installing and configuring Site Recovery Manager.

Prepare the Environment

Before you configure Site Recovery Manager, set up the proper environment.

Confirm that your deployment meets the following prerequisites at each site.

Configure ESXi 6.7 u2 or later on the protected and recovery sites.
Update VMware Tools to the latest version.
Install Site Recovery Manager 8.1 or later on each ESXi host.
For Site Recovery Manager installation instructions, see the respective version of Site Recovery Manager Installation and Configuration.
Verify that the protected and recovery sites are connected over the same VLAN, Layer 2 over Layer 3, or stretched VLAN.
For VMware Identity Manager 19.03 only, perform the steps in the following VMware Knowledge Base article, https://kb.vmware.com/s/article/74709, to improve Elasticsearch full cluster restart.
Verify that you have successfully deployed VMware Identity Manager on the protected site.

Table 1. Disaster Recovery Components Per Site
Site A - Protected	Site B - Recovery
vCenter Server 1	vCenter Server 2
vSphere Replication 1 or array-based replication 1	vSphere Replication 2 or array-based replication 2
Site Recovery Manager 1	Site Recovery Manager 2

Configure VMware Identity Manager at Each Site

Install and configure VMware Identity Manager. To provide high availability within the data center, use multiple VMware Identity Manager service nodes. Three service nodes is a common deployment. However, you can configure a single service node for small, non-mission critical deployments. You deploy the components at the protected site and replicate the deployment to the recovery site.

The following example is of a deployment with three-service nodes, two external connectors, and an external database.

Architecture of disaster recovery with VMware Site Recovery Manager

Table 2. Typical VMware Identity Manager Cluster Deployment at Protected Site
Site A - Protected Site VMware Identity Manager Deployment
External Database
Service Node 1
Service Node 2
Service Node 3
Connector 1
Connector 2

If you are using the SQL Server Always On capability, you do not need to protect SQL using Site Recovery Manager, which reduces the Site Recovery Manager protection groups to only VMware Identity Manager virtual machines.

Key tasks you must perform to configure and use Site Recovery Manager for VMware Identity Manager include the following.

Configure a replication-technology type, vSphere Replication or array-based replication. See the appropriate documentation, such as Site Recovery Manager Administration and, if you use vSphere Replication, also see VMware vSphere Replication Administration.
Create protection groups. See the appropriate documentation, such as Site Recovery Manager Administration, specifically information about creating and managing protection groups based on the replication technology type you use.
Create and edit a recovery plan. See both the Site Recovery Manager Administration guide and the topics that follow in this guide about creating and editing a recovery plan.
Test and Run a Recovery Plan. See both the Test and Run a Recovery Plan topic and the Site Recovery Manager Administration guide.
Perform a Failback. See both the Perform a Failback After a Disaster Recovery or Planned Migration topic and the Site Recovery Manager Administration guide.