- Connecting the Protected and Recovery Site SRMs
- Configuring Inventory Mappings
- Assigning Placeholder Datastores
- Configuring Array Managers: An Introduction
- Creating Protection Groups
- Failure to Protect a Virtual Machine
- Summary
This chapter is from the book
This chapter is from the book
This chapter is from the book
Configuring Array Managers: An Introduction
The next essential part of SRM post-configuration involves enabling the array manager's piece of the product. The array manager is often just a graphical front end for supplying variables to the SRA. Of course I'm assuming you have a storage array which is supported for use with SRM. It may be that you don't, and you would prefer to use VMware's vSphere Replication (VR) instead.
If you do you have a storage array, it's in the Array Manager pane that you inform SRM what engine you are using to replicate your virtual machines from the Protected to the Recovery Site. In this process, SRA interrogates the array to discover which LUNs are being replicated, and enables the Recovery Site SRM to "mirror" your virtual machines to the recovery array. You must configure each array at the Protected Site that will take part in the replication of virtual machines. If a new array is added at a later stage it must be configured here. The array manager will not show every LUN/volume replicated on the storage array—just the ones used by your ESX hosts. The SRA works this out by looking at the files that make up the VM and only reporting LUNs/volumes which are in use by VMs on ESX hosts. This is why it's useful once you have set up the replication part of the puzzle to populate LUNs/volumes with VMs.
Clearly, the configuration of each array manager will vary from one vendor to the next. As much as I would like to be vendor-neutral at all times, it's not possible for me to validate every array manager configuration because that would be cost- and time-prohibitive. However, if you look closely at the screen grabs for each SRA that I've included in this book you can see that they all share two main points. First, you must provide an IP address or URL to communicate with the storage array, and second, you must provide user credentials to authenticate with it. Most SRAs will have two fields for two IP addresses; this is usually for the first and second storage controllers which offer redundant connections into the array, whether it is based on Fibre Channel, iSCSI, or NFS. Sometimes you will be asked to provide a single IP address because your storage vendor has assumed that you have teamed your NIC interfaces together for load balancing and network redundancy. Different vendors label these storage controllers differently, so if you're familiar with NetApp perhaps the term storage heads is what you are used to, or if it's EMC CLARiiON you use the term storage processor. Clearly, for the SRA to work there must be a configured IP address for these storage controllers and it must be accessible to the SRM server.
As I stated in Chapter 7, Installing VMware SRM, there is no need now to restart the core SRM service (vmware-dr) when you install or upgrade an SRA. Of course, your environment can and will change over time, and there is room for mistakes. Perhaps, for instance, in your haste you installed the SRA into the Protected Site SRM server, but forgot to perform the same task at the Recovery Site. For this reason, VMware has added a Reload SRAs link, shown in Figure 9.17, under the SRAs tab in the Array Manager pane. If you do install or update an SRA it's worth clicking this button to make sure the system has the latest information.
Figure 9.17 With the Reload SRAs link, the SRM administrator doesn't have to restart the core vmware-dr service for changes to take effect.
Before beginning with the array manager configuration, it is worthwhile to check if there are any warnings or alerts in either the Summary tab or the SRAs tab, as this can prevent you from wasting time trying to configure the feature where it would never be successful. For example, if there is a mismatch between the SRAs installed at either the Protected or the Recovery Site you would receive a warning status on the affected SRA, as shown in Figure 9.18. This information displayed in the SRAs tab of the affected system can also tell you information about supported arrays and firmware.
)
Figure 9.18 To avoid false alarms, ensure that the SRA is installed on all the SRM servers before reloading the SRAs.
Similarly, if your SRA has specific post-configuration requirements, and you subsequently fail to complete them, this can cause another status error message. For example, the message "The server fault 'DrStorageFaultCannotLoadAdapter" was caused by my installation of the IMB SystemStorage SRA and not completing the configuration with the IBMSVCRAutil.exe program. The moral of the story is to not unnecessarily install SRAs that you don't need. I did because I'm a curious fellow; however, that curiosity often leads to learning something new that I can pass on to my customers and colleagues.
Most SRAs work the same way: You supply IP information and user authentication details to the wizard. By supplying to the Protected and Recovery Sites details regarding both IP address and authentication, you allow SRM to automate processes that would normally require the interaction of the storage management team or interaction with the storage management system. This is used specifically in SRM when a Recovery Plan is tested as the ESX host's HBAs in the recovery location are rescanned, and the SRA from the storage vendor allows them access to the replicated LUNs/volumes to allow the test to proceed. However, this functionality does vary from one storage array vendor to another. For example, these privileges in some arrays would allow for the dynamic creation and destruction of temporary snapshots, as is the case with EMC Celerra or NetApp filers. With other vendors someone on the storage team would have to grant access to the LUN and snapshot for this to be successful, as is the case with the EMC CLARiiON.
You might think that allowing this level of access to the storage layer would be deeply political; indeed, it could well be. However, in my discussions with VMware and those people who were among the first to try out SRM, this hasn't always been the case. In fact, many storage teams are more than happy to give up this control if it means fewer requests for manual intervention from the server or virtualization teams. You see, many storage guys get understandably irritated if people like us are forever ringing them up to ask them to carry out mundane tasks such as creating a snapshot and then presenting it to a number of ESX hosts. The fact that we as SRM administrators can do that safely and automatically without their help takes this burden away from the storage team so that they can have time for other tasks. Unfortunately, for some companies this still might be a difficult pill for the storage team to swallow without fully explaining this to them before the remit of SRA. If there has been any annoyance for the storage team it has often been in the poor and hard-to-find documentation from the storage vendors. That has left some SRM administrators and storage teams struggling to work out the requirements to make the vendor's SRA function correctly.
Anyway, what follows is a blow-by-blow description of how to configure the array manager for the main storage vendors. If I were you, I would skip to the section heading that relates to the specific array vendor that you are configuring, because as I've said before, one array manager wizard is very similar to another. Array manager configuration starts with the same process, regardless of the array vendor.
- Log on with the vSphere client to the Protected Site's vCenter—in my case, this is vcnyc.corp.com.
- Click the Site Recovery icon.
- Click the Array Managers icon.
- Click the Add Array Manager button, as shown in Figure 9.19.
)
Figure 9.19 The Add Array Manager button that allows you to input your configuration specific to your SRA
Once the array manager configuration has been completed and enabled, you will see in the Recent Tasks pane that it carries out four main tasks for each vCenter that is affected (see Figure 9.20).
)
Figure 9.20 Updating the array manager configuration or refreshing it will trigger events at both the Protected and Recovery Sites.
Configuring Array Managers: Dell EqualLogic
To configure the array manager for the Dell EqualLogic, resume with these steps.
- In the Add Array Manager dialog box, enter a friendly name for this manager, such as "Dell Array Manager for Protected Site".
Select Dell EqualLogic PS Series SRA as the SRA Type, as shown in Figure 9.21.
Figure 9.21 Dell uses the concept of groups as collections of array members. You may wish to use a naming convention reflecting these group names.
- Enter the IP address of the group at the Protected Site in the IP Address field; in my case, this is my New York EqualLogic system with the IP address of 172.168.3.69.
- Supply the username and password for the Dell EqualLogic Group Manager.
Complete this configuration for the Partner Group; in my case, this is 172.168.4.69, the IP address of the Group Manager in New Jersey, as shown in Figure 9.22.
Figure 9.22 Configuration of the Protected Site (local group connection parameters) and Recovery Site (partner group replication parameters)
These dialog boxes occasionally require you to scroll down in order to see all the fields.
Click Next and then Finish. Once the array manager configuration for the Protected Site is added, it should also add the array manager configuration for the Recovery Site, as shown in Figure 9.23.
Figure 9.23 The array manager configuration for both sites. You may want to use a naming convention reflecting the Dell EqualLogic group names.
The next step is to enable the configuration. If you have used SRM before you will recognize this is a new step in the array manager configuration. It's designed to give the SRM administrator more control over the array pairs than was previously possible. If you do not enable the pairing you will be unable to successfully create Protection Groups.
- To enable the configuration select the Array Pairs tab on the array configuration object and click the Enable link under the Actions column (see Figure 9.24).
)
)
)
)
Figure 9.24 Enabling the configuration of the Dell EqualLogic
Occasionally, I've had to click Enable twice. This appears to be an issue with the way SRM refreshes this page. Once the array manager configuration is in use by Protection Groups it cannot be disabled. Similarly, once a Protection Group is being used by a Recovery Plan it cannot be removed until it is not referenced in a Recovery Plan.
This will complete the Remote Array Manager column with the name of the array configuration for the Recovery Site. If you look under the Devices tab you should see the volumes you are replicating to the Recovery Site. Notice in Figure 9.25 how the device or volume is local to the New York Site. Also notice how the blue arrow indicates the volume is being replicated to the remote location of New Jersey. This arrow changes direction when you carry out an automated failback process, with the Reprotect button inverting the replication direction.
)
Figure 9.25 SRM's new interface shows the replication direction, and is useful when monitoring failover and failback procedures.
Configuring Array Managers: EMC Celerra
EMC has one SRA that covers both the Unisphere range of arrays and the newer VMX series of systems together with "enabler" software for particular types of replication. So, regardless of the generation you possess, you should be able to install and configure it. Installing the EMC SRA VNX Replicator is a relatively simple affair. In this section, I will walk you through the configuration of the EMC Celerra with VMware SRM.
With EMC Celerra systems the SRM server will communicate to the Celerra at the Protected Site (New York) to collect volume information. It's therefore necessary to configure a valid IP address for the SRM to allow this to occur or allow routing/intra-VLAN communication if your SRM and VSA reside on different networks. This is one of the challenges of installing your SRM and vCenter on the same instance of Windows. Another workaround is to give your SRM two network cards: one used for general communication and the other used specifically for communication to the Celerra. If you have no communication between the SRA and the Celerra you will receive an error message. Before you begin it's a good idea to confirm that you can ping both the Protected Site array and the Recovery Site array with the Celerra Control Station IP from the Protected Site (New York) SRM server.
To configure the array manager for the EMC Celerra, resume with these steps.
- In the Add Array Manager dialog box, enter a friendly name for this manager, such as "EMC Celerra for Protected Site".
Select EmcSra as the SRA Type (see Figure 9.26).
Figure 9.26 If you have many Celerra systems you may want to develop a naming convention that allows you to uniquely identify them.
Enter the IP address of the Control Station at the Protected Site in the IP Address field—in my case, this is my New York Celerra system with the IP address of 172.168.3.77.
If you are unsure of the IP address of the Control Station for your system, you can locate it in the Unisphere management pages under System Information, as shown in Figure 9.27.
Figure 9.27 Selecting the Celerra from the pull-down list and clicking the System button will show you the Control Station IP address.
Supply the username and password for the Control Station (see Figure 9.28).
Figure 9.28 If you have NFS mount points as well as iSCSI these may be listening on different IP ports.
These dialog boxes occasionally require you to scroll down in order to see all the fields.
Click Next and then Finish. Once the array manager configuration for the Protected Site is added, you should also add the array manager configuration for the Recovery Site, as shown in Figure 9.29.
Figure 9.29 Although some array managers ask for the Recovery Site's IP and authentication details, you still must configure the Recovery Site SRA.
The next step is to enable the configuration, as shown in Figure 9.30. If you have used SRM before you will recognize this is a new step in the array manager configuration. It's designed to give the SRM administrator more control over the array pairs than was previously possible. If you do not enable the pairing you will be unable to successfully create Protection Groups.
Figure 9.30 Enabling the configuration of the EMC Celerra
- To enable the configuration select the Array Pairs tab on the array configuration object and click the Enable link under the Actions column.
)
)
)
)
Occasionally, I've had to click Enable twice. This appears to be an issue with the way SRM refreshes this page. Once the array manager configuration is in use by Protection Groups it cannot be disabled.
This will complete the Remote Array Manager column with the name of the array configuration for the Recovery Site. If you look under the Devices tab you should see the volumes you are replicating to the Recovery Site. Notice how the device or volume is local to the New York Site. Also notice how the blue arrow indicates the volume is being replicated to the remote location of New Jersey. This arrow changes direction when you carry out an automated failback process, with the Reprotect button inverting the replication direction (see Figure 9.31).
)
Figure 9.31 The SRM interface shows the replication direction, and is useful when monitoring failover and failback procedures.
Configuring Array Managers: EMC CLARiiON
EMC has one SRA that covers both the Unisphere range of arrays and the newer VMX series of systems together with "enabler" software for particular types of replication. So, regardless of the generation you possess, you should be able to install and configure it. Installing the EMC SRA VNX Replicator is a relatively simple affair. In this section, I will walk you through the configuration of the EMC CLARiiON with VMware SRM.
With EMC CLARiiON systems the SRM server will communicate to the CLARiiON at the Protected Site (New York) to collect volume information. It's therefore necessary to configure a valid IP address for the SRM to allow this to occur or allow routing/intra-VLAN communication if your SRM and VSA reside on different networks. This is one of the challenges of installing your SRM and vCenter on the same instance of Windows. Another workaround is to give your SRM two network cards: one used for general communication and the other used specifically for communication to the CLARiiON. If you have no communication between the SRA and the CLARiiON you will receive an error message. Before you begin, it's a good idea to confirm that you can ping both the Protected Site array and the Recovery Site array with the CLARiiON SP A and SP B ports' IP address from the Protected Site (New York) SRM server.
To configure the array manager for the EMC CLARiiON, resume with these steps.
- In the Add Array Manager dialog box, enter a friendly name for this manager, such as "EMC Clariion for Protected Site".
Select EMC Unified SRA as the SRA Type, as shown in Figure 9.32.
Figure 9.32 If you have many CLARiiON systems you might want to develop a naming convention that allows you to uniquely identify them.
- Enter the IP address of the storage processors (SPA and SPB) at the Protected Site in the IP Address field—in my case, this is my New York CLARiiON system with the IP addresses 172.168.3.79 and 172.168.3.78.
If you are unsure of the IP address of the storage processors for your system, you can locate it in the Unisphere management pages under System Information.
Supply the username and password for the CLARiiON together with the IP address for the SPA and SPB (see Figure 9.33).
Figure 9.33 The IP address for SPA and SPB on the New York CLARiiON
These dialog boxes occasionally require you to scroll down in order to see all the fields.
- Click Next and then Finish. Once the array manager configuration for the Protected Site is added, you should also add the array manager configuration for the Recovery Site, as shown in Figure 9.34.
Figure 9.34 Although some array managers ask for the Recovery Site's IP and authentication details, you must configure the Recovery Site SRA.
The next step is to enable the configuration, as shown in Figure 9.35. If you have used SRM before you will recognize this is a new step in the array manager configuration. It's designed to give the SRM administrator more control over the array pairs than was previously possible. If you do not enable the pairing you will be unable to successfully create Protection Groups.
Figure 9.35 Enabling the configuration on the EMC CLARiiON
- To enable the configuration select the Array Pairs tab on the array configuration object and click the Enable link under the Actions column.
)
)
)
Occasionally, I've had to click Enable twice. This appears to be an issue with the way SRM refreshes this page. Once the array manager configuration is in use by Protection Groups it cannot be disabled.
This will complete the Remote Array Manager column with the name of the array configuration for the Recovery Site. If you look under the Devices tab you should see the volumes you are replicating to the Recovery Site. Notice how the device or volume is local to the New York Site. Also notice how the blue arrow indicates the volume is being replicated to the remote location of New Jersey. This arrow changes direction when you carry out an automated failback process, with the Reprotect button inverting the replication direction (see Figure 9.36).
)
Figure 9.36 SRM can show the replication direction, and is useful when monitoring failover and failback procedures.
Configuring Array Managers: NetApp FSA
To configure the array manager for the NetApp FSA, resume with these steps.
- In the Add Array Manager dialog box, enter a friendly name for this manager, such as "NetApp Array Manager for Protected Site".
Select NetApp Storage Replication Adapter as the SRA Type, as shown in Figure 9.37.
Figure 9.37 The NetApp SRA uses signal configuration for all its supported storage protocols.
- Enter the IP address of the group at the Protected Site in the IP Address field—in my case, this is my New York NetApp system with the IP address of 172.168.3.89 (see Figure 9.38). I used the same IP address for the system as the NFS IP filter for NAS. This may not be the case in larger production systems where the management traffic is placed on separate network interfaces.
Figure 9.38 Entering the IP address of the group at the Protected Site
Supply the username and password for the NetApp filer.
These dialog boxes occasionally require you to scroll down in order to see all the fields.
Most customers like to have separate networks for management and data traffic. This is mainly for security reasons, but performance can also be a concern. Many storage admins will use the management network to copy their own data around, such as software packages, service packs, and firmware updates. When the SRA interrogates the NetApp system, it may find a bunch of interfaces using various address ranges. And when SRM interrogates vCenter, it may find a bunch of ESX VMkernel interfaces using various address ranges. So it's entirely possible that when SRM needs to mount an NFS datastore (either the SnapMirror destination volume in a real failover, or a FlexClone of that volume in a test failover), it may choose to use an IP address range such as, for example, the management network. NetApp added the NFS filter to ensure that the SRA only reports the desired addresses back to SRM, which would mean that SRM can only choose the IP network you specify. You can actually specify multiple IP addresses if you need to; just separate them with a comma—for example, 192.168.3.88,192.168.3.87. In my case, I have a much simpler configuration where my management network and my NFS network are the same set of team NICs in the filer.
Click Next and then Finish. Once the array manager configuration for the Protected Site is added, you should also add the array manager configuration for the Recovery Site (see Figure 9.39).
Figure 9.39 If you have multiple arrays, consider a naming convention that allows you to uniquely identify each system.
The next step is to enable the configuration. If you have used SRM before you will recognize this is a new step in the array manager configuration. It's designed to give the SRM administrator more control over the array pairs than was previously possible. If you do not enable the pairing you will be unable to successfully create Protection Groups.
- To enable the configuration select the Array Pairs tab on the array configuration object and click the Enable link under the Actions column (see Figure 9.40).
)
)
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
){kind=link}
)
Figure 9.40 Enabling the configuration in NetApp FSA
Occasionally, I've had to click Enable twice. This appears to be an issue with the way SRM refreshes this page. Once the array manager configuration is in use by Protection Groups it cannot be disabled.
This will complete the Remote Array Manager column with the name of the array configuration for the Recovery Site. If you look under the Devices tab you should see the volumes you are replicating to the Recovery Site. Notice how the device or volume is local to the New York Site. Also notice how the blue arrow indicates the volume is being replicated to the remote location of New Jersey. This arrow changes direction when you carry out an automated failback process, with the Reprotect button inverting the replication direction (see Figure 9.41).
){kind=link}
)
Figure 9.41 SRM can show the replication direction, and is useful when monitoring failover and failback procedures.