VMware Site Recovery Manager 8.8

8.8 8.7 8.6
简体中文 Deutsch Español Français Italiano 日本語 한국어 繁體中文 English

How do I connect a Site Recovery Manager instance on an
Oracle Cloud VMware Solution
 SDDC to a
VMware Site Recovery
 instance on a VMware Cloud on AWS SDDC

This use case provides instructions for connecting a
Site Recovery Manager
 instance on an
Oracle Cloud VMware Solution
 SDDC site to a
VMware Site Recovery
 instance on a
VMware Cloud on AWS
 SDDC. You must use a VPN connection to access
VMware Site Recovery
 on
VMware Cloud on AWS
 and the
Site Recovery Manager
 instance on
Oracle Cloud VMware Solution
.
Verify that you have deployed
Site Recovery Manager
 and
vSphere Replication
 on
Oracle Cloud VMware Solution
. See Setting Up Site Recovery Manager on Oracle Cloud VMware Solution.

Activate
VMware Site Recovery

To use your
Site Recovery Manager
 instance on an
Oracle Cloud VMware Solution
 SDDC with a
VMware Site Recovery
 service, you must activate the
VMware Site Recovery
 service on a
VMware Cloud
 on AWS SDDC.
  • Verify that you have deployed a Software-Defined Data Center (SDDC) on
    VMware Cloud
     on AWS.
  1. Log in to the
    VMware Cloud on AWS
     Console at https://vmc.vmware.com.
  2. Click your SDDC, and then click
    Integrated Services
    .
  3. Select Site Recovery and click
    Activate
    .
  4. Read the information on the Activate Site Recovery page and click
    Activate
    .

Set the
NSX-T
Edge Management Gateway Firewall Rules for
VMware Site Recovery

To enable
VMware Site Recovery
 on your SDDC environment that uses
VMware NSX-T
®, you must create firewall rules between your
VMware Cloud on AWS
 SDDC and the Management Gateway. After the initial firewall rules configuration, you can add, edit or delete any rules as needed.
  1. Log in to the
    VMware Cloud on AWS
     Console at https://vmc.vmware.com.
  2. Select
    Networking & Security
    Gateway Firewall
    Management Gateway
    .
  3. Click
    Add New Rule
    .
  4. Enter the management gateway rule parameters.
    Management gateway controls management traffic that flows in and out of the SDDC.
    Option
    Description
    Name
    Enter a descriptive name for the rule.
    Source
    Click
    Set Source
     and enter or select one of the following options:
    • Select
      Any
       to allow traffic from any source address or address range.
      Although you can select
      Any
       as the source address in a firewall rule, using
      Any
       as the source address in this firewall rule can enable attacks on your SDDC and might lead to compromise of your SDDC. As a best practice, configure this firewall rule to allow access only from trusted source addresses. See VMware Knowledge Base article 84154.
    • Select
      System Defined Groups
      and select one of the following source options.
      • vCenter
         to allow traffic from your SDDC's
        vCenter Server
      • Site Recovery Manager
         to allow traffic from your SDDC's
        Site Recovery Manager
        .
      • vSphere Replication
         to allow traffic from your SDDC's
        vSphere Replication
        .
    • Select
      User Defined Groups
       to enter the name and CIDR IP range of a remote network.
    Destination
    Click
    Set Destination
     and enter or select one of the following options:
    • Select
      Any
       to allow traffic to any destination address or address range.
    • Select
      System Defined Groups
      and select one of the following destination options.
      • vCenter
         to allow traffic to your SDDC's
        vCenter Server
        .
      • Site Recovery Manager
         to allow traffic to your SDDC's
        Site Recovery Manager
        .
      • vSphere Replication
         to allow traffic to your SDDC's
        vSphere Replication
        .
    • Select
      User Defined Groups
       to enter the name and CIDR IP range of a remote network.
    Service
    Select one of the services to apply the rule to.
    • HTTPS (TCP 443) applies to
      vCenter Server
       and
      vSphere Replication
       as destinations.
    • VMware Site Recovery
       SRM applies only to
      Site Recovery Manager
       as a destination.
    • VMware Site Recovery
      vSphere Replication
       applies only to
      vSphere Replication
       as a destination.
    Action
    The only action available for management gateway firewall rules is
    Allow
    .
  5. Repeat the previous step to apply the following firewall rules for
    VMware Site Recovery
    .
    Name
    Source
    Destination
    Service
    Action
    Remote SRM to
    vCenter Server
    User-Defined Group that includes the remote
    Site Recovery Manager
     IP address.
    vCenter
    HTTPS (TCP 443)
    Allow
    Remote VR to
    vCenter Server
    User-Defined Group that includes the remote
    vSphere Replication
     IP address.
    vCenter
    HTTPS (TCP 443)
    Allow
    Remote network to
    SRM
     (SRM Server Management)
    User-Defined Group that includes the remote
    Site Recovery Manager
     and
    vSphere Replication
     IP addresses.
    Site Recovery Manager
    VMware Site Recovery SRM
    Allow
    Remote network to
    VR
     (VM Replication)
    User-Defined Group that includes the remote
    ESXi
     hosts IP addresses.
    vSphere Replication
    VMware Site Recovery vSphere Replication
    Allow
    Remote network to
    VR
     (VR Server Management)
    or User-Defined Group that includes the remote
    Site Recovery Manager
     and
    vSphere Replication
     IP addresses.
    vSphere Replication
    VMware Site Recovery vSphere Replication
    Allow
    Remote network to
    VR
     (UI and API)
    User-Defined Group that includes the remote browser IP address.
    vSphere Replication
    VMware Site Recovery vSphere Replication
    Allow
    SRM
     (HTTPS) to remote network
    Site Recovery Manager
    Any or User-Defined Group that includes the remote
    Platform Services Controller
     and
    vCenter Server
     IP addresses.
    Any
    Allow
    VR
     (HTTPS) to remote network
    vSphere Replication
    Any or User-Defined Group that includes the remote
    Platform Services Controller
     and
    vCenter Server
     IP addresses.
    Any
    Allow
    SRM
     (SRM Server Management) to remote network
    Site Recovery Manager
    Any or User-Defined Group that includes the remote
    Site Recovery Manager
     IP address.
    Any
    Allow
    VR
     (SRM Server Management) to remote network
    vSphere Replication
    Any or User-Defined Group that includes the remote
    Site Recovery Manager
     IP address.
    Any
    Allow
    ESXi
     (VM Replication) to remote network
    ESXi
    Any or User-Defined Group that includes the remote
    vSphere Replication
     IP addresses (combined
    vSphere Replication
     appliance and any add-on
    vSphere Replication
     appliances).
    Any
    Allow
    SRM
     (VR Server Management) to remote network
    Site Recovery Manager
    Any or User-Defined Group that includes the remote
    vSphere Replication
     IP address.
    Any
    Allow
    VR
     (VR Server Management) to remote network
    vSphere Replication
    Any or User-Defined Group that includes the remote
    vSphere Replication
     IP address.
    Any
    Allow
  6. Click
    Publish
    .
After the firewall rules are created, they are shown in the Management Gateway Edge Firewall list.

Connect the
Site Recovery Manager Server
 instances on the
Oracle Cloud VMware Solution
 SDDC and the
VMware Cloud on AWS
 SDDC

Before you can protect your virtual machines between an
Oracle Cloud VMware Solution
 SDDC and a
VMware Cloud on AWS
 SDDC and the reverse, you must connect the
Site Recovery Manager Server
 and
vSphere Replication
 instances on the protected and the recovery sites. This procedure is known as site pairing.
  1. In the
    vSphere Client
    , click
    Site Recovery
    Open Site Recovery
    .
  2. Click the
    New Site Pair
     button.
  3. Select the first site from the list. Enter the address of the
    Platform Services Controller
     for the
    Site Recovery Manager Server
     on the
    VMware Cloud on AWS
     site, provide the user name and password, and click
    Next
    .
  4. Select the
    vCenter Server
     and the services you want to pair, and click
    Next
    .
  5. On the
    Ready to complete
     page, review the pairing settings, and click
    Finish
    .
The protected and the recovery sites are connected. The pair appears under
Site Pairs
 on the
Site Recovery
 Home tab.

Content feedback and comments