Skip to main content

Setting Up Zerto Virtual Replication between Two OVHcloud Datacenters

Stephanie R.
Updated

Learn how to set up Zerto Virtual Replication between your Hosted Private Cloud platforms.

This guide will present the concepts and steps required to set up Zerto Virtual Replication between two OVHcloud datacenters.

For instructions about cross-platform setup, please see our guide on How to Set Up a VPN for Your OVHcloud Zerto Disaster Recovery Plan.

 

Requirements

  • two Private Cloud platforms in two different datacenters
  • a free public IP must be available in each of the datacenters

 

Zerto Virtual Replication Concepts

Zerto Virtual Replication is a disaster recovery solution for vSphere. It enables replication of virtual machines between Private Cloud platforms by capturing and transmitting all disk operations to a secondary site. It allows automation and orchestration of actual failover, or failover tests, between sites.

 

Virtual Replication Appliance (VRA)

Zerto works by deploying specific virtual machines on each hypervisor called Virtual Replication Appliance. They have a predefined configuration:

  • vCPU: 1
  • RAM: 2 GB
  • Stockage: 36 GB

All VRA are stored on a specific datastore, provided by OVHcloud.

 

Sites

During deployment, VRAs are deployed on source and destination sites and then are paired together to start replication. Since Zerto does not encrypt the dialog between VRA, OVHcloud automatically deploys a VPN tunnel between the VRA through the L2VPN appliance, to protect in-flight data.

 

Virtual Protection Group (VPG)

Before starting the replication, VMs must be grouped in a logical container called Virtual Protection Group, on which all replication parameters will be defined. It allows consistent application of parameters across a group of VMs that share the same replication requirements (typically VMs that belong to the same function or application),

VPGs can be prioritized to make the most efficient usage of available bandwidth.

 

Instructions

Service activation

From OVHcloud dashboard

From your OVHcloud Control Panel, go to Hosted Private Cloud in the upper navigation menu. Under the VMware heading, select your datacenter from the dropdown menus. Then, click the Disaster Recovery Plan (DRP) tab.

zerto01.png

 

Select Between two OVHcloud Private Cloud solutions then click Enable Zerto DRP.

zerto02.png

Selection of the primary Private Cloud and datacenter is done automatically and depends on where you are connecting from. 

From the drop-down menu, select a free public IP from the IP range attached to the Private Cloud. It will be used to set up the VPN tunnel between the two platforms. Click Next.

zerto03.png

Select a secondary Private Cloud from the drop-down menu. Please note that the list will show only Private Clouds meeting all the following requirements:

  • located in another geographical area.
  • not already involved in a Zerto replication.

Select a secondary datacenter from the list in the drop-down menu. Then, select an unused IP address from the public IP range attached to the secondary Private Cloud. It will be used for the secondary VPN endpoint.

Click Install.

zerto04.png

Deployment can take up to one hour if all provided information is correct (for example, if the IPs given in the wizard are already in use, the activation will fail).

Once the activation has successfully completed, you will receive an email summary of the configuration and the links to the Zerto interface of both sites.

Dear Customer,

You have just enabled the Zerto DRP solution between 2 of your Dedicated Cloud solutions.

You can log in to the primary website via the following address:
  • URL: https://zerto.pcc-x-x-x-x.ovh.us/
You can log in to the secondary website via the following address:
  • URL: https://zerto.pcc-x-x-x-x.ovh.us/

You can authenticate with your administrator accounts, the same way as you do for vSphere.

 

Zerto Replication Interface

The interface is reachable both from primary and secondary platforms through:

  • https://zerto.pcc-x-x-x-x.ovh.us/ (replace with the PCC URL)
NOTE: As indicated in the summary email, you can log in with your PCC account.

Once logged in, you arrive on the Zerto dashboard:

zerto05.png

You will find there:

  • A status of VPG health
  • Key indicators for the Zerto platform
  • Network and IO consumption figures
  • An alerts and messages log

 

Configure a Virtual Protection Group (VPG)

From the side navigation menu, select the VPGs section, then select the + button for a New VPG.

zerto06.png

In the General section:

  • VPG Type: leave as "Remote DR and Continuous Backup"
  • VPG Name: enter a name for the new VPG
  • Priority: leave as "Medium," except for specific requirements
  • VPG Description: optional

Click NEXT.

zerto07.png

In the VMs section:

You need to select the VMs that will be in the VPG. You can filter the VMs by name through the Search dialog box.

NOTE: A VM can only belong to a single VPG.
  • Tick the box of every VM to be added
  • Click on the arrow pointing to the right to place VMs in the VPG

Click NEXT.

zerto08.png

In the Replication section:

  • Recovery Site: select the remote site (the primary site will be tagged as (Local)).
  • Hosts: select a vSphere Resource Pool, a DRS Cluster, or a specific host in it (Cluster1 in our example).
  • Datastore: likewise you can select a specific datastore or datastore cluster in the drop-down list.
  • The other values are present for backward compatibility but will trigger an error message if selected.

You can keep the default values for the other settings. Click NEXT.

zerto09.png

In the Storage section:

You have the option to edit the Recovery Volume Location and Volume Sync Type for specific VMs.

If it is not necessary, you can click NEXT.

zerto10.png

In the Recovery section:

You need to define the default network to use during test failovers and actual failovers.

  • Failover/Move Network: choose the default vSphere portgroup for an actual failover.
  • Failover Test Network: choose the default vSphere portgroup for a test failover.
  • Recovery Folder: if you want to regroup the failover VMs on the secondary site, you can select a folder or just "/" to place the VMs at the root of the vSphere inventory.
Pre-recovery Script and Post-recovery Script are locked down, these features are not enabled.

Click NEXT.

zerto11.png

In the NICs section:

You have the option to override the default recovery networks for each VM and specify the IP addresses to use in case of a test or an actual failover.

NOTE: The modification of the IP address during failover is only possible for supported OSes with functioning VMware Tools

Click NEXT.

zerto12.png

In the Extended Journal section:

Click NEXT.

zerto13.png

The Summary section will show the settings for the new VPG. If everything is OK, click Done.

zerto14.png

 

On the dashboard, you will see the new VPG with the status "Initializing."

zerto15.png

 

Test a failover

After having configured your VPG and once the initial replication has been completed, you can now test Zerto failover features.

NOTE: A failover test has NO impact on the production site, you only need to make sure that the VMs that are being failed-over are starting in an isolated network and/or different IPs to avoid network conflicts. All the VMs used during the failover test are fully managed by Zerto. You should not remove or modify them; they will be removed automatically at the end of the failover test. The replication keeps running during the failover tests and is not impacted in any way.

From the interface, click the Failover button in the lower left corner. From there, select Test.

zerto16.png

The failover wizard appears with eligible VPGs, their replication direction (in or out), destination site, and service level status (Meeting SLA).

You have two options:

  1. Select the VPGs itself to perform the test, failing over all the VMs within.
  2. Click on the square icon on the left of the VPG name to display all the VMs in the VPG. You can then choose to failover only the selected VMs within the VPG.

Click NEXT.

zerto17.png

In this case, we have chosen to do a full VPG failover.

You can now check the settings for the failovers:

  • Replication direction
  • Remote site
  • Boot order (locked down)
  • Pre/Post scripts (locked down)

Click NEXT.

zerto18.png

The summary screen is displayed. If everything is OK, you can start the test by clicking START FAILOVER TEST. You can log in on the remote site vCenter, see the VMs starting, and check if everything is working correctly on the remote site.

zerto19.png

When all checks have been performed, you can stop the test by clicking on the "stop" icon next to Testing Failover.

zerto20.png

At this stage, you can add a result of the test for future reference.

Confirm the end of the test by clicking Stop.

zerto21.png

Clean-up operations are launched right away on the remote site.

 

Launch an actual failover

You can launch a full failover from the secondary site, in case the primary site has been rendered unusable by a disaster.

NOTE: If you trigger an actual failover when the primary site is still available, you can properly shut down the VMs on the primary site.
If not, be careful with the network configuration to make sure to prevent IP conflicts between primary and secondary instances of VMs.
Please note that contrary to what happens during a test failover, replication operations are stopped during an actual failover.

To start a complete failover, click Failover in the bottom left corner of the screen. Then select Live. The failover wizard has a red design as a warning that going further may have an impact on your VMs.

zerto22.png

A screen will appear indicating the available VPGs, the direction of replication, the destination site, and if the level of protection is correct (Meeting SLA). You can decide on the failover parameters, just like during a test failover: which VPGs to failover, the replication direction, VPGs status (Meeting SLA).

  1. You can select one or several VPGs
  2. If you want to partially migrate some VPGs, you can click on the square icon and select which VMs to failover.

Click NEXT.

zerto23.png

We have decided to failover a single VPG.

We have a summary of the failover parameters:

  • Replication direction
  • Remote site
  • The checkpoint to use: What version should use Zerto to restart from? Usually, the latest version will minimize the data loss and improve RPO.
  • What commit policy to use: there are three commit policy settings
    • Auto-Rollback: If no action is taken, the rollback starts automatically after the timer has elapsed.
    • Auto-Commit: If no action is taken, data changed on the secondary site is now committed on VMs, and to be able to fail back, a reverse replication needs to be set up.
    • None: Rollback or Commit have to be launched manually.

zerto24.png zerto25.png

  • VM Shutdown: what Zerto should do with the VMs on the primary site if they are still running, leave them running, shut down, or force shutdown.
  • Reverse Protection: after the failover, should the replication be enabled again to allow a failback or be left as-is.

For all automatic actions, the default timer is 60 minutes.

Click NEXT.

zerto26.png

 

The summary screen is displayed. If everything is OK, you can start the test by clicking START FAILOVER.

zerto27.png

NOTE: Please read the summary and all associated warnings carefully.

If you have selected an Automatic Policy, you will receive a warning about its impact.

Confirm with START FAILOVER.

zerto28.png

Failover starts and you can follow the actions from the secondary vCenter, allowing you to validate the successful start of VMs on a secondary platform.

After the failover has been completed, you will see a pending task as long as you have not committed or failed back the operation (through the small icons near the VPG name).

zerto29.png

When you commit the data on the secondary site, you can automatically set up the protection (Reverse Protection).

Validate with COMMIT.

zerto30.png

 

If you check the VPG, you will see that the replication direction has changed.

zerto31.png

 

Prepare and trigger the failback

Depending on failover options, the failback (if needed) may require different steps.

  • If you have selected Reverse Protection during the failover, the failback is just a Failover Live (refer to the relevant part of this guide).
  • If you have not enabled Reverse Protection, you need to create a new VPG, do a full sync, and then do a Failover Live (refer to the relevant part of this guide).

 

Go further

For more information and tutorials, please see our other Hosted Private Cloud support guides or explore the guides for other OVHcloud products and services.

Related articles