VMware VCF multi-site architectures, workload mobility, and disaster recovery strategies

-

VMware VCF multi-site architectures, workload mobility, and disaster recovery strategies.

 

VMware Cloud Foundation (VCF) provides robust solutions for multi-site architectures, workload mobility, and disaster recovery. Key strategies involve using vSAN Stretched Clusters for high availability within a region, NSX Federation for cross-site networking, and dedicated disaster recovery solutions like VMware Site Recovery Manager (SRM) or VMware Cloud Disaster Recovery (vCDR) for failover between different regions or sites. 

Multi-Site Architecture Design and Implementation

Designing a VCF multi-site architecture involves careful planning of the management and workload domains across different physical locations. 

  • Availability Zones and Regions: VCF architecture formalizes the concept of a "site" or "availability zone" (AZ). A region typically contains multiple AZs.
  • Stretched Clusters: For active-active availability and zero Recovery Point Objective (RPO) within a single region across two AZs, a vSAN stretched cluster is used.
    • Implementation: This requires low-latency (around 5ms RTT) and high-bandwidth (10 Gb/s or greater) connectivity between the AZs. A third availability zone is required to host a vSAN Witness appliance, which acts as a tie-breaker in split-brain scenarios.
    • Benefits: Ensures resilience to a full AZ failure, with vSphere HA automatically restarting VMs on the surviving AZ, providing up to 99.99% availability for the infrastructure.
  • NSX Federation: This is crucial for managing network and security services across multiple locations from a single pane of glass (Global Manager).
    • Implementation: Deploy Global Manager nodes and configure Local Managers in each VCF instance. This enables stretching network segments (Layer 2 extension) and Tier-1 gateways between sites, facilitating seamless workload mobility and consistent security policies. 

Workload Mobility Strategies

Workload mobility in VCF allows virtual machines to move between sites with minimal or no downtime, crucial for maintenance, load balancing, and disaster avoidance. 

  • vMotion within Stretched Clusters: With stretched clusters and stretched Layer 2 networks (via NSX Federation), live vMotion of workloads between the AZs is possible without changing IP addresses.
  • Cross-vCenter Mobility: For moving workloads between different VCF instances (regions) that are not in a stretched cluster configuration, cross-vCenter vMotion can be used, provided the networks are appropriately configured and connected.
  • Layer 2 Extension: NSX plays a key role in extending Layer 2 networks between data centers or AZs, which is essential for seamless mobility without requiring IP re-addressing. 

Disaster Recovery Strategies

Disaster recovery (DR) in VCF focuses on restoring services after a major event impacting an entire site or region, focusing on RPO and Recovery Time Objective (RTO). 

  • VMware Site Recovery Manager (SRM): SRM is a traditional solution used for automated orchestration and testing of failover and failback processes between two distinct VCF sites.
    • Implementation: Requires a paired recovery site, vSphere Replication or array-based replication for data synchronization, and the creation of recovery plans that define boot orders, IP customization, and testing procedures.
  • VMware Cloud Disaster Recovery (vCDR): This is an on-demand DR-as-a-Service (DRaaS) solution that uses a cloud-based orchestrator and target infrastructure in a public cloud (e.g., VMware Cloud on AWS).
    • Implementation: Data is replicated to cost-effective cloud storage. In a disaster, VMs are "live-mounted" and powered on in the cloud SDDC. It simplifies DR testing and reduces costs compared to maintaining a dedicated, idle physical recovery site.
  • Backup and Restore: While primarily a data protection strategy, robust backup solutions (like Veeam) that are integrated with VCF can serve as a long-term DR plan for less critical workloads, with higher RTOs and RPOs. 

Key Design Considerations:

  • Define clear RTOs and RPOs based on business requirements for different application tiers.
  • Ensure proper network connectivity and latency requirements are met, especially for synchronous replication in stretched clusters.
  • Regularly test and update the DR plans to ensure they remain effective and aligned with business needs. 

  

Comments

Post a Comment

Popular posts from this blog

New install of ESXi 6.5 creates VMFS5 datastore instead of VMFS6 !!

-
New install of ESXi 6.5 creates VMFS5 datastore instead of VMFS6 !! To upgrade the ESX boot datastore to VMFS 6 version, please follow below steps !! 1. Note down the NAA ID of the data store. 2. Put ESX host into maintenance mode. 3. Unmount the data store from ESX host. 4. Delete the data store from ESX host.. 5. Go to ESX host and choose New Datastore option and re-add the same data store.  6.Choose type VMFS, give name, choose VMFS 6 version this time and finish the wizard. 7. Successfully upgrade the data store to VMFS 6.
Read more

LDAPs configuration for vCenter Server.

-
Image
Hello there !! I am covering this post for the configuration of LDAPS authentication for vCenter server or Platform Service controller in case of external PSC deployment. Before doing this, let me give you an important update that Microsoft gave advisory that everyone needs to enable the LDAP binding and signing at Active Directory domain controllers for secure LDAP authentication. Below are some KB articles for how to enable LDAP binding and signing at AD level. ·          KB4520412:  2020 LDAP channel binding and LDAP signing requirement for Windows ·          KB4034879:  LDAP channel binding ·          KB935834:  LDAP signing This LDAP change will affect all applications which are using LDAP authentication with AD.  So. Lets begin to change the LDAP configuration on vCenter Server 6.7 in my case here. Step...
Read more

How to setup Cron jobs in ESXi host.

-
Image
 Hi Everyone, This post covers, how to run or schedule a Cron job in ESXi hosts.  However, ESXi does not need to run a cron job, i never seen the cron job uses on ESXi platform as it is heavily use on Linux and Unix systems to automate the scripts. But, few days back, i was getting struggled to one of my ESXi 6.5 host which is getting disconnected from vcenter in every 4-5 hours. It is also stopped to pinging as well. I have to restart the management agents to take back on the network via DCUI. I tried to get the logs but didn't find the actual root cause of this issue. I didn't spend too much time to find the issue as well since it is a developement host running as a standalone. I was thinking to rebuild it as well but several VMs running on this host and since it is development host, so we have a single logical volume which consists ESX footprint as well as VMs footprint. So, i can't rebuild it anymore. Now, I don't want to leave it as it is as well because the Develo...
Read more