An article by David Piet PhD, VMware Cloud Global Account Specialist SA Lead, and Dhaval Shah, Sr. Solutions Architect, on AWS.
Many organizations revisit disaster recovery (DR) strategies for a variety of reasons, including a dilapidated infrastructure that requires upgrades, renewal of colocation equipment leases, or a broader range of applications requiring a DR strategy.
Businesses appreciate the benefits of migrating to the cloud to meet their core business needs, but the sudden need for additional investments in disaster recovery site upgrades puts more strain on IT budgets and opens up new business opportunities.
An AWS customer at a Fortune 500 company was looking for a new DR solution due to lease expiration and aging infrastructure. The customer was also looking for ways to cut costs and reduce maintenance and operational management. The production workload ran on the VMware vSphere hypervisor and also used NetApp Filer.
In this article, we'll show you how to leverage the VMware Cloud Disaster Recovery (VCDR) solution and various AWS services to migrate your DR site to AWS with minimal application changes, as the customer mentioned above did.
This approach offers a gentle learning curve and a strong total cost of ownership (TCO) advantage, allowing customers to migrate to AWS quickly. This solution assumes that the customer is currently running the infrastructure on a VMware virtual environment and using shared storage, such as a Common Internet File System (CIFS) share.
The disaster recovery solution shown in Figure 1 consists of three main components.
- VCDR manages failover of on-premises virtual machines (VMs).
- NetApp Cloud Volumes ONTAP (CVO) manages CIFS shares.
- The AWS landing zone manages the connections between the DMZ layer, the storage layer, and various services.
Let’s take a quick look at how each of these components works.
Figure 1 — Solution architecture
Introduction to VCDR
VCDR is a fully integrated disaster recovery solution built natively into VMware Cloud on AWS. It is an on-demand DR service delivered as an easy-to-use Software as a Service (SaaS) solution. With VCDR, you can protect your workload by replicating virtual machines from your on-premises VMware virtual environment to AWS and failing over to VMware Cloud on AWS in the event of a disaster.
To configure VCDR as a DR solution, first deploy the DRaaS Connector OVA appliance to your on-premises VMware virtual environment. Virtual machines added to a DR protection group are replicated to the cloud-based VCDR service.
The cloud-based service contains the DRaaS Orchestrator and the Scale-out Cloud File System. In an actual disaster recovery or a DR simulation, the Scale-out Cloud File System is mounted from the software-defined data center (SDDC) in VMware Cloud on AWS and the workload runs on AWS.
Two models are available for the disaster recovery SDDC in VMware Cloud on AWS:
- The first is sleep mode. This model always keeps the minimum number of VMware Cloud on AWS hosts running. In the event of a DR failover, the cluster scales out automatically using Elastic Distributed Resource Scheduler (EDRS) as VMs come online. In this operating model, the pilot light hosts are typically associated with subscriptions, and the scaled-out hosts run on demand during failover.
- The second is just-in-time (JIT) deployment mode. In this model, a new SDDC is provisioned when a disaster occurs, configured accordingly, and the workload is failed over to it. This model is relatively inexpensive because no host is operational 24 hours a day. However, deploying the DR environment at the time of a disaster requires additional time and personnel. Provisioned hosts typically run on demand.
Introducing NetApp Cloud Volumes ONTAP
NetApp Cloud Volumes ONTAP is a software-only version of Data ONTAP, the NetApp data management operating system used by NetApp physical storage appliances.
Cloud Volumes ONTAP is this operating system customized to run on Amazon Elastic Compute Cloud (Amazon EC2) instances. With Cloud Volumes ONTAP on AWS, you can launch a new enterprise-class data management system in the cloud in minutes.
Cloud Volumes ONTAP offers multiprotocol SMB and NFS support, local snapshots, storage efficiency with compression and deduplication, and SnapMirror data migration to the cloud while preserving efficiency and snapshots. For more information about CVO features, see the AWS Marketplace page for NetApp Cloud Manager and Cloud Volumes ONTAP for AWS.
Combining the components above, the overall solution looks like this: replication of the virtual machines and the NetApp volumes keeps them in sync with the DR environment. In the event of a disaster, the VMs fail over to VMware Cloud on AWS and use AWS Transit Gateway for connectivity to mount the CVO volumes directly to their respective file systems.
Figure 2 illustrates traffic flow management using AWS Transit Gateway. This gives you the flexibility to manage and control east-west and north-south network traffic, as well as network scalability that allows you to scale AWS or external services as additional attachments.
Figure 2 — Network route through AWS Transit Gateway
Workflow for AWS settings
The general workflow for configuring AWS components in a VCDR solution is as follows:
- Create an AWS account and select the region where you want to deploy your DR infrastructure. In this case, the customer selected us-west-2 as the DR site.
- Create AWS Identity and Access Management (IAM) users and roles based on your organization's needs and best practices.
- Deploy core network components such as Amazon Virtual Private Cloud (Amazon VPC), Virtual Private Network (VPN), AWS Transit Gateway, and Transit VPC with firewall appliances.
- Configure routes and security groups in addition to Transit Gateway to connect all components.
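As an added example (not code from the original article or from AWS, VMware or NetApp), the following check supports the routes and security groups step: it audits the security groups in front of the CVO instances so that SMB/CIFS and NFS are reachable only from the recovery SDDC and on-premises ranges. The CIDRs, group IDs and sample rules are constructed assumptions; the input follows the shape of `aws ec2 describe-security-groups` output.

```python
import ipaddress

# Storage ports exposed by the CVO file layer: SMB/CIFS and NFS.
STORAGE_PORTS = {445: "SMB/CIFS", 2049: "NFS"}
# Hypothetical address plan (assumed, not from the article).
ALLOWED_SOURCES = [
    ipaddress.ip_network("10.72.0.0/16"),   # recovery SDDC segments
    ipaddress.ip_network("172.20.0.0/16"),  # on-premises filers and clients
]
# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-example-cvo-ok", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "10.72.0.0/16"}]},
        {"IpProtocol": "tcp", "FromPort": 2049, "ToPort": 2049,
         "IpRanges": [{"CidrIp": "172.20.5.0/24"}]}]},
    {"GroupId": "sg-example-cvo-wide", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]}

def covers(rule, port):
    """True if an ingress rule admits TCP traffic to `port`."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    return proto == "tcp" and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def audit(groups, allowed=ALLOWED_SOURCES):
    """List (group id, service, IPv4 source) for storage rules open beyond `allowed`."""
    findings = []
    for sg in groups["SecurityGroups"]:
        for rule in sg.get("IpPermissions", []):
            for port, service in STORAGE_PORTS.items():
                if not covers(rule, port):
                    continue
                for rng in rule.get("IpRanges", []):
                    src = ipaddress.ip_network(rng["CidrIp"])
                    if not any(src.subnet_of(net) for net in allowed):
                        findings.append((sg["GroupId"], service, str(src)))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("too broad:", *finding)
```

The all-protocols rule from `10.0.0.0/8` is flagged for both services because it is wider than the SDDC range, which is the kind of rule that tends to be added while testing failover and then left in place.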
Workflow for VCDR settings
The basic workflow is as follows:
- In the VMware Cloud Disaster Recovery portal, deploy the minimum number of clusters that you need. These hosts act as pilot light compute resources on AWS in the event of a disaster. As an example, the customer mentioned above deployed a two-node cluster as a pilot light.
- Configure an on-premises VMware virtual environment as a protected site that uses VCDR as the DR target. As part of this process, the DRaaS connector is deployed to your on-premises environment.
- Once the two sites are paired successfully, all you have to do is create a protection group policy. These policies define the protected virtual machines, their respective recovery point objectives (RPOs), and backup storage level policies (retention periods).
Workflow for CVO settings
The basic workflow is as follows:
- Create an Amazon EC2 instance and configure Cloud Manager and the corresponding route and firewall rules.
- Create an EC2 instance to install NetApp CVO and manage CIFS shares.
- Configure the SnapMirror process to synchronize your on-premises CIFS shares with the AWS side.
Customers have many reasons to rethink their existing disaster recovery strategies, often focusing on familiar solutions and technologies.
With the architecture described in this article, customers currently using VMware vSphere hypervisors and NetApp storage on premises can leverage VCDR and NetApp Cloud Volumes ONTAP on VMware Cloud on AWS and Amazon EC2 to run their DR site on AWS, all using the same technology as on premises.
Specialist SA Takeda was in charge of the translation. The original text is here.