Not Content: 2018 VMworld€¦ · •Software-Defined Data Center in AWS Cloud powered by VMware Cloud Foundation ... Protection Groups, and Recovery Plans 2018 Content: Not for publication

®

VMworld 2018 Content: Not for publication or distribution

2

™

®

Agenda

™


3

Who are we?

• Bhavin Shah– Technical Product Marketing Manager @ Lenovo

– VMware vExpert™ X 3

– AWS Certified Solutions Architect, SysOps Administrator and Developer Associate.

– Blog: https://datacenterrookie.wordpress.com

– Twitter: https://twitter.com/bhavin04890

• Mike McDermott– Senior Product Manager – VMware @ Lenovo

– Systems Engineer


https://datacenterrookie.wordpress.com/

https://twitter.com/bhavin04890

Disaster Recovery

4


5

Minor Operational Major

Challenges of Disaster Recovery– Lack of DR Expertise

– Reliance on sophisticated, complex technology

– Technology (and data) are deployed to more locations

– Building your own DR solution can be manual and complex

Disaster RecoveryDisaster Recovery (DR) is

about preparing for and

recovering from a disaster!


6

Metrics that Matter

• Recovery Point Objective(RPO): The acceptable amount of data loss measured in time.

• Recovery Time Objective(RTO): The time it takes after a disruption to restore a business process to its service level.

RPO RTO

Lost Data Lost Time

Objective Cost effective lowest RPO / RTOVMworld 2018 Content: Not for publication or distribution

7

Traditional DR Plan

• Primary Site – Routers

– Firewalls

– Network

– Hypervisor

– Servers

– SAN Fabric

– Primary Storage

– Backup

– Archive

• Secondary Site– Manual Update and Patching

– Idle Capacity ($$$)

+– Routers

– Firewalls

– Network

– Hypervisor

– Servers

– SAN Fabric

– Primary Storage

– Backup

– Archive

7


8

On-Demand DR Plan

• Secondary Site– VMware Cloud on

AWS®

– VMware Site Recovery Manager™

– On-Demand Scaling

– Automated Update and Patching

• Primary Site – Routers

– Firewalls

– Network

– Hypervisor

– Servers

– SAN Fabric

– Primary Storage

– Backup

– Archive

• Secondary Site– Manual Update and

Patching

– Idle Capacity ($$$)

+– Routers

– Firewalls

– Network

– Hypervisor

– Servers

– SAN Fabric

– Primary Storage

– Backup

– Archive

8


VMware Cloud® on AWS Architecture

9


10

VMware Cloud® on AWS

• Software-Defined Data Center in AWS Cloud powered by VMware Cloud Foundation™

– VMware vSphere®

– VMware vSAN™

– VMware NSX®

– vCenter Server®

• Running on elastic, bare-metal AWS Infrastructure

• 4 – 16 node configuration– Dual Socket with 18 cores running at 2.3GHz

– 512GB Memory

– Eight NVMe devices for a total of 10TB raw capacity

- Eight drives are distributed across two disk groups with one cache and three capacity drives per disk group.

– RAID 1 by default, but RAID 5 or RAID 6 possible for higher node counts

AWS cloud

ESXi

vSAN

NSX

AWS Infrastructure

vCenter

Server

NSX

Manager

Platform

Services

Controller

VM VM VM VM VM


11

VMware Cloud® on AWS Use Cases

VMware

vCenter®

Content Library

Enables effortless

distribution and

automatic

synchronization of

content – OVAs,

ISOs, etc.

Integration with

AWS services

VMC provides high

bandwidth, low

latency connectivity

to AWS services

like S3, EC2

Compliance

ISO 27001, ISO

27017, ISO 27018,

SOC 1(SSAE18 /

ISAE 3402), SOC 2,

SOC 3, and HIPAA,

and General Data

Protection

Regulation (GDPR)

VMware

vCenter®

Server Hybrid

Linked Mode

Single pane of glass

monitoring for

Hybrid Cloud

management

Workload

Mobility

Live Migration

between On-

Premises and VMC

using vMotion


12

High Level Architecture

Customer Datacenter VMware Cloud®

on AWS

VPN over Public Internet

Direct Connect

AND / OR

Lenovo ThinkAgile™ VX


13

VMware Cloud® on AWS Infrastructure

™

®

VMware Customer Cloud

Administrator


14

On-Premises Infrastructure

• Lenovo ThinkAgile™ VX3320 Appliance– Four ThinkAgile VX3320 Nodes

- VMware vSphere® 6.7

- VMware vSAN™ 6.7

- Lenovo XClarity® Integrator for VMware vCenter®

– VMware NSX® 6.4.1

– VMware vCenter® Server 6.7

– VMware Site Recovery Manager™ 8.1

– VMware vSphere Replication™ Service 8.1

ThinkAgile™ VX Cluster

Customer Datacenter


VMware Site Recovery

15


16

Add-On Feature to VMware Cloud® on

AWS

Built on VMware Site Recovery

Manager™, Native hypervisor-based

replication, VMware vSphere®

Replication.

Protection Configurations:

On-Premises datacenter VMware

Cloud on AWS SDDC

VMware Cloud on AWS SDDC On-

Premises datacenter

VMware Cloud on AWS SDDC

VMware Cloud on AWS SDDC

VMware Site Recovery


17

Features and Benefits

Easy to use DR /

Secondary Site

Application

Agnostic

protection

Low Recovery

times with single

click failover and

failback

Highly predictable

recovery

objectives

Centralized

management of

recovery plans


18

Supported Topologies

Failover scenarios based on customer requirements, constraints, and objectives

Active Production Site running

Applications

Secondary Site sitting idle until

needed for recovery

Active-Passive

Secondary Site running low-

priority test/dev workloads

usually powered off as part of

the recovery plan

Active-Active

Production Applications

operating on both sites

Supports protecting virtual

machines in both directions

Bi-Directional


19

VMware Site Recovery Use Cases

Disaster

Recovery

Unplanned

Failover

Most Critical, but least

frequently used

Disaster

Avoidance

Preventative

Failover

Graceful Shutdown of

VMs, Full Replication of

Data and ordered startup

ensuring app-consistency

and zero data loss

Upgrade

and Patch

Testing

Identical

Environment

Can use the secondary

environment with complete

copies of VMs to test new

updates or patches


20

VMs, Protection Groups & Recovery Plans

Virtual Machines can be a

part of one or more Protection

Groups

Virtual Machines part of the

same Protection Group are

recovered together

Recovery Plan can have one

or more Protection Groups.

Flexibility to test or recover an

individual or a group of appsVMworld 2018 Content: Not for publication or distribution

On-Prem Cloud built using ThinkAgile™ VX

21


22

Why VMware vSAN™ From Lenovo™

Faster access to the innovation, automation of vSAN running on the worlds most reliable hardware

Lower

Risk

Simple and easy installation

Latest innovations to power business

Performance and scalability


23

Building a Lenovo™ vSAN Solution with ThinkAgile

ThinkAgile™ VX

Appliance

ThinkAgile™ VX

Certified Node

XClarity® Management

VX Installer

ThinkAgile™ Advantage Support

Prequalified Components

Lifecycle Managed

Single Point of Contact


24

Reduce Customer Risk

Day 1Day 0Day 2

Easy to Order

No need to check HCL

Only certified firmware

No assembly required

Easy to Install

ThinkAgile™ VX installer

Standardized Deployments

Guaranteed firmware

compatibility

Easy to Manage

Utilize existing management tools

Best recipe firmware releases

Rolling firmware upgrades

With Lenovo ThinkAgile™ VX Appliances and Certified Nodes


Solution Deep Dive

25


26

Day 1Day 0Day 2

AWS cloud

S3 Buckets

Customer AWS environment

Alternate Reality


Customer Datacenter

AWS Storage

Gateway

Manual Deployment

and Management


27

Protected Site Configuration

Lenovo ThinkAgile™ VX

Infrastructure VMs User VMs


28

Recovery Site Configuration

Infrastructure VMs User VMs



29

Network Configuration

AWS cloud


Customer Datacenter

Workload Cluster

Management Cluster

Internet

Internet gateway

Internet

Gateway

CGW

MGW

IPsec VPN

NSX

Edge


®


30

Site Recovery Manager Configuration


31

Day 1Day 0Day 2

Configuration Steps

• Network Configuration– IPsec Tunnel between NSX Edge(On-Prem) to Management Gateway(VMC)

- Used to enable access to vCenter, VM Migrations, Content Libraries

– IPsec Tunnel between NSX Edge(On-Prem) to Compute Gateway(VMC)

- L2VPN used to extend layer 2 networks across the tunnel

- Used to deploy User Virtual Machines and assign public IP addresses

– Firewall Rules

- Ability to define Firewall Rules for both the Management and Compute Networks

• Site Recovery Manager Configuration – Configure the Firewall rules for SRM and vSphere Replication traffic

– Create Site Pair to connect your On-Prem SRM and VMC SRM

– Resource Mapping between the two sites

– Create Replications, Protection Groups, and Recovery PlansVMworld 2018 Content: Not for publication or distribution

32

Best Practices

Design Aspect Best Practices

Software Versions Check the VMware Compatibility matrices before installing the VMware components

Network Services All the components should point to the same DNS and NTP servers to avoid any

configuration drifts

Management Traffic Isolate the Management or System Traffic from the Virtual Machine Network Traffic.

Database Servers Use Separate Database Server instances for vCenter and Site Recovery Manager.

Network Configuration No asymmetric network configurations in your Datacenter.

VPN Tunnel Configuration If your NSX Edge appliance is behind a firewall, you must configure the following firewall

rules to forward IPsec VPN protocol traffic

UDP Port 500 to allow Internet Security Association and Key Management Protocol (ISAKMP) traffic to be

forwarded through the firewall

Set IP protocol ID 50 to allow IPsec Encapsulating Security Protocol (ESP) traffic to be forwarded through the

firewall

Set IP protocol ID 51 to allow Authentication Header (AH) traffic to be forwarded through the firewall

Site Recovery Manager

(SRM) Configuration

After creating the Site Pair between the SRM instances On-Prem and in VMC, create the

resource mapping such that you still have access to the VMC SRM instance and your

applications in case of a disaster.VMworld 2018 Content: Not for publication or distribution

Demonstration

33


34

Day 1Day 0Day 2

Resources

• Disaster Recovery Solution for Lenovo ThinkAgile VX with VMware Cloud on AWS: https://lenovopress.com/LP0947

• ThinkAgile™ VX: https://www.lenovo.com/us/en/data-center/software-defined-infrastructure/ThinkAgile-VX-Series/p/WMD00000340

• VMware Cloud® on AWS: https://docs.vmware.com/en/VMware-Cloud-on-AWS/index.html

• Lenovo Booth: 1326 – Solutions Exchange


https://lenovopress.com/LP0947

https://www.lenovo.com/us/en/data-center/software-defined-infrastructure/ThinkAgile-VX-Series/p/WMD00000340

https://docs.vmware.com/en/VMware-Cloud-on-AWS/index.html



Documents

Not Content: 2018 VMworld€¦ · •Software-Defined Data Center in AWS Cloud powered by VMware Cloud Foundation ... Protection Groups, and Recovery Plans 2018 Content: Not for publication