Hi again everyone!
In my previous posts (here and here), I introduced you to the BlueXP® disaster recovery (BlueXP DR) service and described how it protects your on-premises ONTAP® hosted VMware VMs using either an AWS VMware Cloud hosted SDDC using FSx for NetApp® ONTAP, or to a second on-premises vSphere cluster using ONTAP hosted datastores. Today, I want to discuss how BlueXP DR integrates with VMware to allow us to do what we do…orchestrate the replication and fail over of VMware datastores and VMs.
One of the great benefits of BlueXP DR is that you are managing the replication of the workload…in our initial use case, VMware VMs…rather than having to manage the storage and application failover separately. I think it is pretty obvious that BlueXP DR would – and should – easily manage ONTAP storage and leverage all of the greatness that ONTAP provides such as storage-efficient data replication using SnapMirror® technology, but what may not be as obvious is that VMware makes it relatively easy for us to integrate and orchestrate the VMware environment as well. BlueXP DR simply uses the VMware published application programming interface (API) to perform all the VMware processes needed to get the VMs back up and running on the DR site.
To do this, we need access to each VMware vCenter cluster, and we gain this through a VMware user account. This account needs to have a minimum set of VMware privileges to successfully do what we need to do. Of course, you could simply provide BlueXP DR with the full administrator user account and we would have all of the privileges we need…but we would also have the privileges to do a lot more than required…and many probably don’t want to give us that full access – not that we would ever go beyond the privileges we do need – to your vCenters…and I would not blame you if you don’t want to provide us with that master administrator login 😁.
So, we recommend creating a dedicated account for BlueXP DR…something like BlueXPDR-Manager@vsphere.local…and give that account the minimum set of privileges we require. So, what privileges do we need?
Here is the full list:
Type
|
Privilege Name
|
Datastore
|
Datastore.Configure datastore
|
Datastore.Remove datastore
|
Virtual Machine
|
Virtual machine.Configuration.Change Settings
|
Virtual machine.Configuration.Modify device settings
|
Virtual machine.Configuration.Reload from path
|
Virtual machine.Configuration.Rename
|
Virtual machine.Configuration.Reset guest information
|
Virtual machine.Configuration.Change Memory
|
Virtual machine.Configuration.Change CPU count
|
Virtual Machine Guest
|
Virtual machine.Guest Operations.Guest Operation Modifications
|
Virtual Machine Interaction
|
Virtual machine.Interaction.Power Off
|
Virtual machine.Interaction.Power On
|
Virtual machine.Interaction.VMware Tools install
|
Virtual Machine Inventory
|
Virtual machine.Inventory.Create new
|
Virtual machine.Inventory.Register
|
Virtual machine.Inventory.Unregister
|
Virtual Machine State
|
Virtual machine.Snapshot management.Create snapshot
|
Virtual machine.Snapshot management.Remove Snapshot
|
Virtual machine.Snapshot management.Revert to snapshot
|
Once you add all your vCenters clusters to BlueXP DR, we take care of the rest. As a BlueXP DR user, you create DR plans by selecting VMs you want to protect. BlueXP DR will query vCenter as to where these VMs reside and from there, we can trace this back to the ONTAP volumes we need to replicate. When you need to perform a failover, we can activate those ONTAP DR volumes and instruct the DR vCenter clusters to mount those ONTAP volumes as datastores, perform any VM reconfiguration that is defined in the replication plan, and restart those VMs as quickly as possible.
For the super technical readers, here is what this looks like in a high-level flow chart:
Everything in the grey box is what BlueXP DR is instructing vCenter to do on our behalf via the VMware API. As you can see, we can potentially do a lot of different pre- and post-VM start operations. In future blog entries, I will address many of these different steps to help you understand more about how BlueXP works and how valuable it can be as your go-to DR solution for VMware infrastructure.
If you want to learn more, check out the following resources:
If you have any questions, please let me know in the comments below or contact your NetApp sales representative. We are here to help in any way we can.
BlueXP DR Blog Index:
- Disaster recovery as a service for your hybrid-cloud VMware infrastructure using BlueXP
- BlueXP disaster recovery: How it protects your VMware virtual machines
- Announcing-new-NetApp-Lab-on-Demand-Getting-started-with-BlueXP-disaster
- How BlueXP disaster recovery integrates with VMware (This Blog)