In vCloud Availability Cloud-to-Cloud DR 3.0, You install all vCloud Availability for Cloud-to-Cloud DR services by leveraging a single installation OVA package.
In a testing environment, you can choose the “Combined Appliance” deployment type to install all the vCAV 3.0 components in a single VM, but in a production environment, best practice is to install those components separately as illustrated in the following diagram, in the right-hand side, we can install three different VMs all from the same cloud OVA file but to choose different configuration type.
Hardware requirements for different type of components are as below.
vCloud Availability Services Endpoints
This blog is to walk you through the installation and configuration of vCAV 3.0 C2C DR for the cloud side (usually this is in service provider data center with vCloud Director environment).
Before you get started, you need to check the certificate information of your vCloud Director by following the steps described here if you have configured your Load Balancer VIP for vCloud Director public access. (this is from the previous version of vCloud Availability KB, but I found it’s still relevant to 3.0)
You can download the ova here.
Before the installation, you need to meet some requirements list here.
Install Cloud Replication Manager
The “Cloud Replication Management” deployment type will include three vCAV components: Replication Manager, vApp Replication Manager and the Portal.
Normally the Photon VM can not be Ping’ed, you may want to temporary enable the icmp response for a quick network connectivity check.
Configure vCloud Availability Replication Manager
in my case, I have “vcavcrmb” installed as my Replication Manager, so just login to https://vcavcrmb.corp.local:8441/ui/admin
enter the Lookup Service address
Accept the server certificate
Configure vCloud Availability Replication Manager
The vApp Replication Manager is running in the same machine as the Replication Manager, so just login to https://vcavcrmb.corp.local/ui/admin
Click “Run initial setup wizard”
Enter a Site Name and optionally enter a Site Description, and click Next
input lookup service info and input vCD info.
After click “Finish”, system will process and bring back the vCAV Provider portal UI, you can login by using vCD user credentials.
We will use the Tunnel VM to send and receive all the traffic from/to any sites in order to enhance the security and reduce the complexity of opening too many network ports between sites.
login to the Tunnel UI as root and go to the Configuration screen, in my case,
Click the Edit button on the Public API Endpoint. Provide the URL on which the tunnel will be accessible from the remote peer sites, in my case, https://192.168.210.92:8048
Edit the lookup service address
Enable the tunneling service for vCloud Availability communication:
Click the “Edit” button on the Public API Endpoint. Provide the Tunnel URL, https://192.168.210.92:8048. (normally, this VM will sit behind the firewall, we use NAT for 443 to 8048, but here my lab is direct connect, so just use the 8048)
Click Edit on the “Tunnel address”,select the checkbox “Enable tunneling for vCloud Availability communication”, provide the IP of the tunnel service and hit tab to autocomplete the URL.
Accept certificate and go to “System Monitoring” screen and click the Restart Service button, re-login to check the status again.
Configure vCloud Availability Replicator
(you can also perform this step before configuring the Tunneling service)
go to https://Appliance-IP-address:8044/ui/admin, in my case:
We can see the Replicator’s connectivity status is OK
Also we can see from the Replicator side (192.168.210.66), it has the connectivity of Replication Manager (192.168.210.65).
From the Provider Portal, we can check the overall components system healthy status.
Then we need to add new Policy and assign Policy to tenant (Organization).
Assign Policy to tenant.
Now we have successfully setup the vCloud Availability 3.0 cloud side, it’s quite straight forward and very easy to setup. Next we will need to have our remote site setup, it can be another Cloud side setup or SP tenant’s on-premise setup, I’ll introduce this in my next blog.
- Please always check the VMware official documentation for detail steps required during the configuration processes.
If your ESXi hosts have more than one NIC, make sure that vSphere Replication NFC Traffic is enabled. This setting is required for routing the replication traffic. If vSphere Replication NFC Traffic is not enabled, you might get timeout errors during the replication setup or reconfiguration.
You deploy a vCloud Availability vApp Replication Manager in two sites, for example site1 and site2. Each of the sites consists of a vCloud Director installation, for example vCD and a resource vCenter Server with at least one ESXi host.
The vCloud Availability for Cloud-to-Cloud DR services perform a host name certificate verification. Therefore, it is expected that the CommonName or at least one of the entries in the Subject Alternative Name of the vCloud Director certificate matches the vCloud Director address (FQDN or IP) that is used during vCloud Director registration.
When service providers include the vCloud Availability on-premises deployment architecture, it requires vCloud Availability Tunnel service. To deploy the tunneling service, service providers must restart all vCloud Availability services to enable them to work with the tunneling agent.
- Please visit here for firewall rules which are needed to open.