Home > Integrated Products > VxBlock 1000 and 3-Tier Platform Reference Architectures > Guides > 3-Tier Platform Design Guide > Disaster recovery
Dell Integrated Data Protection provides disaster recovery services through RecoverPoint for Virtual Machines and related technologies.
RecoverPoint for Virtual Machines software protects VMs residing in a VMware vSphere environment. The product provides local and remote replication capabilities with virtual machine-level granularity.
Note: VxBlock systems with secure boot enabled support RecoverPoint for Virtual Machines 5.3.2 on installations of VMware vSphere 7.0.
No version of RecoverPoint for Virtual Machines currently supports VxBlock systems that run vSphere 8.0.
RecoverPoint for Virtual Machines and RecoverPoint are different products. RecoverPoint for Virtual Machines refers to the VMware-related product. RecoverPoint refers to the hardware-based product. The following table shows the differences:
Feature | RecoverPoint for Virtual Machines | RecoverPoint |
Uses physical RecoverPoint Appliances (RPA) | No | Yes |
Uses virtual RecoverPoint Appliances (vRPA) | Yes | Yes Note: vRPA is not supported on integrated data protection solutions. |
Target user group | VMware administrators | Storage administrators |
RecoverPoint for Virtual Machines vRPAs are installed in the VMware vSphere environment and provide the plug-in into the VMware vSphere web client.
VMware vRPAs use the IP protocol to communicate with the VMware vSphere data store. Each vSphere ESXi host that participates in protecting virtual machines requires the RecoverPoint for Virtual Machines installed splitter.
VMware administrators use the vSphere web client to actively protect and recover virtual machines to any point in time using integrated orchestration and automation capabilities. RecoverPoint for Virtual Machines fully supports the following standard RecoverPoint operations:
Because RecoverPoint for Virtual Machines provides automation and orchestration capabilities, VMware Site Recovery Manager (SRM) is not required. Use VMware SRM only with RecoverPoint Classic.
Several RecoverPoint for Virtual Machines configurations are supported on converged systems, as shown in the following table:
Table 67. Supported RecoverPoint for Virtual Machines configurations on converged systems
RecoverPoint for Virtual Machines configurations | Supported options |
Host converged systems | VxBlock System 1000 |
Data protection configurations |
|
Replication types |
|
The RecoverPoint for Virtual Machines system consists of:
Note: Although you can use a single vRPA to create a RecoverPoint for Virtual Machines cluster, a minimum of two vRPAs is preferred for converged systems.
The splitter separates the write coming from the host and sends it to the vRPA and the virtual machine disk format (VMDK). The vRPAs handle all traffic to the journals and replicas as in a physical RecoverPoint system. Storage traffic between the vRPAs and the vSphere datastores uses the IP protocol.
This plug-in is the UI for managing the RecoverPoint for Virtual Machines system. The plug-in communicates directly with the vRPA clusters.
This plug-in communicates with the vRPA clusters through the HTML5 plug-in server.
Note: Starting from vSphere 6.7, VMware deprecated the vSphere Flex plug-in. Dell Technologies recommends using the vSphere HTML5 plug-in as the primary client and the Flex plug-in for features that the HTML5 plug-in does not currently support.
The following figure shows the RecoverPoint for Virtual Machines system architecture with the vSphere HTML5 plug-in:
Figure 16. RecoverPoint for Virtual Machines architecture with the vSphere HTML5 plug-in
This dedicated plug-in server provides replication management for one or more RecoverPoint for Virtual Machines systems and communicates through the REST API.
The server deploys from an OVA and runs on SUSE Linux 12.5. The plug-in server hosts the HTML5 plug-in and the UI logic. It serves as a single endpoint for the new REST API, through which it manages all RecoverPoint for Virtual Machines systems running 5.3 or later on the vCenter server. A single HTML5 plug-in server can manage one or more vRPA clusters per vCenter Server. Every vCenter server and HTML5 plug-in server supports a maximum of 50 vRPA clusters.
The plug-in server communicates securely with every registered vCenter Server and with every vRPA cluster that is registered with a vCenter Server.
Note: All vRPA clusters registered to the same plug-in server require the same admin password.
Environments running vCenter in Embedded Linked Mode can install one of the following servers:
A Dell-certified specialist carries out a sizing analysis with the customer using the following considerations:
RecoverPoint for Virtual Machines enables a single cluster to replicate to multiple clusters, or multiple clusters to replicate to a single cluster.
RecoverPoint for Virtual Machines supports the following multisite designs:
Note: For fan-in topologies, one remote copy per CG can be synchronous and the other can be asynchronous. Each link is independent, so you can access different points in time in different locations.
In addition to these multisite options, RecoverPoint for Virtual Machines supports a fully connected system where all sites are connected with each other.
RecoverPoint for Virtual Machines provides the vAdmin with integrated automation and orchestration capabilities to simplify the recovery of virtual machines. The vAdmin accesses these capabilities using the vSphere web client snap-in.
The following table shows the automation capabilities and orchestration capabilities that are available with RecoverPoint for Virtual Machines:
Table 68. RecoverPoint for Virtual Machines automation and orchestration capabilities
Group | Capability | Description |
Automation | VMDK manageability |
|
Replication of VM hardware changes | VM version, MAC address, CPU, memory, resource reservations, network adapter status, and network adapter type are replicated to all copy VMs in the CG. Note: When a VMDK is removed from a protected virtual machine, the corresponding copy VMDK is not removed. This option protects against accidental changes. When a protected VM is deleted, the corresponding copy VMs are not removed. This option protects against accidental changes. Replication of the SR-IOV NIC type is not supported. If the ESXi at a copy does not support the production VM version, no hardware resources are replicated. | |
MAC address replication | MAC addresses of remote copy VMs on a different vCenter are automatically replicated. | |
Application-consistent bookmarks | The RecoverPoint for Virtual Machines KVSS utility supports application-consistent bookmarks for Microsoft Windows. | |
Orchestration | Start-up Sequence | Install VM Tools on VMs that require protection by RecoverPoint for Virtual Machines. Both CGs and group sets can use the Start-up Sequence feature to define the startup order (priority) for the VMs in the CGs and the CGs in the group sets. |
User prompts | To provide the vAdmin with configurable messages at certain points in the workflow, add user prompts in the Start-up Sequence for a CG for each VM. If a timeout is defined, the prompt is automatically dismissed when the time-out period elapses. If no time-out is defined, the start-up sequence does not continue until the prompt is dismissed. | |
User scripts |
| |
Networking enhancements |
For information about specific operating systems, see the RecoverPoint for Virtual Machines Administrators Guide on the Dell Technologies Support website. |
RecoverPoint for Virtual Machines systems provide additional configuration settings to optimize the 3-Tier Platform and allow for maximum growth based on the analyzed data. Here are the key areas that require careful planning for converged systems.
During installation, replace the default admin user password with a unique password. This password is also the password for the root user across all vRPAs in the system.
The predefined admin user is granted all permissions for managing the system, including system engineer (SE) permissions. Starting from release 5.2.0.2 of RecoverPoint for Virtual Machines, the admin account is the only predefined user. For upgrades from RecoverPoint for Virtual Machines 5.1.1.4, the other predefined users remain as they were before the upgrade.
Root access is disabled by default for remote and local access. Access can be enabled or disabled from the Boxmgmt CLI.
RecoverPoint for Virtual Machines appliances use the following Federal Information Processing Standard (FIPS) 140-2 validated cryptographic modules:
All the modules are installed in accordance with the applicable security policies.
All encrypted network connections to and from RecoverPoint for Virtual Machines appliances use only the previously mentioned FIPS 140-2 validated cryptographic modules. On new installations, the vRPA communication security level is set by default to Authenticated and Encrypted.
To make the RecoverPoint for VMs system FIPS-140-2 compliant, verify that the vRPA communication security level is set to Authenticated and Encrypted on all vRPAs. To do this, log on to Boxmgmt as an admin and run the following CLI command: get_security_settings.
RecoverPoint for Virtual Machines supports Message Passing Interface (MPI) security for communication between vRPAs, between vRPA clusters, with storage, and with VMware vCenter servers. MPI security is applied to vRPA communications in the cluster and communications between clusters over WAN (IP). The following table describes the vRPA communication security levels:
Table 69. vRPA communication security levels
vRPA communication security level | Description |
Not authenticated, not encrypted | Communication between vRPA clusters is not authenticated or encrypted. However, vRPA clusters can communicate with each other only by adhering to the RecoverPoint for Virtual Machines proprietary protocol. |
Authenticated and encrypted (default) | vRPA clusters use certificates to authenticate one another before communicating. All communication between VRPA clusters is also encrypted using Advanced Encryption Standard (Rijndael) with 256-bit keys. |
Note: The splitter on each ESXi server communicates with the vRPA using the IP protocol.
The following table shows important scale limitations on RecoverPoint for Virtual Machines. For the complete list of limitations, see the RecoverPoint for Virtual Machines 5.x Scale and Performance Guide on the Dell Technologies Support website.
Table 70. RecoverPoint for Virtual Machines scale limitations
Parameter | Limit |
vRPA clusters per RecoverPoint for Virtual Machines system | 5 |
VMs protected per RecoverPoint for Virtual Machines system | 1,024 |
ESXi clusters connected to a vRPA cluster | 8 |
ESXi hosts with a splitter that can be attached to a vRPA cluster | 128 |
vRPA clusters connected to a vCenter Server | 50 |
vRPA clusters registered to an ESXi cluster | 50 |
vCenter Servers connected to a vRPA cluster | 5 |
Linked vCenter servers | 7 |
When configuring RecoverPoint for Virtual Machines solutions, follow the guidelines in the corresponding Security Guide. To obtain the guide:
A CG is a group of virtual machines and their disks that are replicated together in a way that ensures write-order consistency.
The CG is the basic building block where most replication operations occur. Recovering production or enabling Image access is all done per CG. Virtual machines are the entities that are protected, and they reside inside the CG.
CGs ensure write-order consistency on multiple disks in a single virtual machine, but also across multiple virtual machines that reside in the CG. For example, the system can ensure consistency between the application and database servers that reside in the same CG for any point in time. Newly created CGs are load-balanced across the vRPAs in the cluster by the number of CGs per vRPA. For converged systems, after the CG has been replicated for at least a week, check the I/O load on all vRPAs and manually rebalance the CGs across the vRPAs in the cluster.
Unlike RecoverPoint, RecoverPoint for Virtual Machines does not use the concept of distributed CGs. A single CG runs on a single vRPA and is limited by the resources of the vRPA.
Careful planning is required to create CGs and assign virtual machines to each. Review the following guidelines:
If you require write-order consistency between these two CGs, place them together in a group set on which parallel bookmarking is enabled.
Group sets with parallel bookmarking enabled have the following limitations:
RecoverPoint for VMs supports both VMFS and vVols datastores when used in a VxBlock System 1000.
Journals are crucial to the performance of RecoverPoint for Virtual Machines systems. Two types of journals are required for any CG:
Note: For VMware datastores that support RecoverPoint for Virtual Machines journals, choose a RAID 5 or (better) RAID 1/0 RAID group.
Use the values in the following table as a starting point for journal sizing.
Note: A certified specialist must perform journal performance and capacity sizing.
Table 71. Guidelines for journal sizing
Application writes | Protection window (journal size in GB) | ||||||
Minimum journal size | 1 hour | 8 hours | 24 hours | 3 days | 7 days | 30 days | |
1 KB | 10 | 10 | 10 | 10 | 10 | 10 | 10 |
10 KB | 10 | 10 | 10 | 10 | 10 | 20 | 40 |
100 KB | 10 | 10 | 10 | 20 | 40 | 90 | 380 |
1 | 10 | 10 | 50 | 130 | 380 | 870 | 3,710 |
2 | 10 | 20 | 90 | 250 | 750 | 1,740 | 7,420 |
3 | 10 | 20 | 130 | 380 | 1,120 | 2,600 | 11,130 |
4 | 10 | 30 | 170 | 500 | 1,490 | 3,470 | 14,830 |
5 | 10 | 30 | 210 | 620 | 1,860 | 4,330 | 18,540 |
10 | 10 | 60 | 420 | 1,240 | 3,710 | 8,660 | 37,070 |
15 | 10 | 80 | 620 | 1,860 | 5,570 | 1,2980 | 55,600 |
20 | 10 | 110 | 830 | 2,480 | 7,420 | 1,7300 | 74,140 |
25 | 10 | 140 | 1,040 | 3,100 | 9,270 | 2,1630 | 92,670 |
30 | 10 | 160 | 1,240 | 3,710 | 11,130 | 2,5950 | 111,200 |
35 | 10 | 190 | 1,450 | 4,330 | 12,980 | 3,0280 | 129,740 |
40 | 10 | 210 | 1,650 | 4,950 | 14,830 | 34,600 | 148,270 |
60 | 10 | 320 | 2,480 | 7,420 | 22,250 | 51,900 | 222,400 |
80 | 10 | 420 | 3,300 | 9,890 | 29,660 | 69,200 | 296,530 |
100 | 10 | 520 | 4,120 | 12,360 | 37,070 | 86,490 | 370,660 |
120 | 10 | 620 | 4,950 | 14,830 | 44,490 | 103,790 | 444,790 |
150 | 10 | 780 | 6,180 | 18,540 | 55,600 | 129,740 | 555,990 |
To start sizing:
Like RecoverPoint, RecoverPoint for Virtual Machines has a limit on the minimum and maximum number of vRPAs that are deployable in a single vRPA cluster. The minimum is one, and the maximum is eight.
Note: Even though a single vRPA can be used to create a RecoverPoint for Virtual Machines cluster, the best practice for converged systems is to deploy at least two vRPAs.
vRPAs can have three different virtual hardware specifications or configuration profiles. The supported vRPA configuration profiles are:
In VMware vCenter, the OVA deployment process automatically reserves all the memory that is assigned to the virtual machines and reserves 3,400 MHz for the CPUs. Adhere to the following guidelines:
Caution: Never place vRPAs on the VMware ESXi host on which the VM that the vRPA is replicating resides. This prevents the vRPA and the VM from competing for ESXi resources, especially at peak times. If there is a VMware ESXi host failure, VMware vCenter HA restarts the VM and the vRPA on a different ESXi host. This might move the VM CG to another vRPA to continue VM protection, potentially triggering a full sweep and a longer period where the VM is unprotected. It does not mean that other vRPAs should not share ESXi resources with the production VM.
The following table shows vRPA configurations for different replication use cases:
Table 72. vRPA configuration details for replication use cases
vRPA configuration | Supported replication use case |
2 CPUs, 8 GB RAM (Bronze +) | Up to 128 CGs per vRPA Up to 512 VMs per vRPA Total VMs’ write throughput of up to 70 MB/sec Asynchronous replication only |
4 CPUs, 8 GB RAM (Silver) | Total VMs’ write throughput of up to 200 MB/sec Asynchronous replication only |
8 CPUs, 8 GB RAM (Gold) | Total VMs’write throughput of up to 350 MB/sec (for asynchronous) Synchronous and asynchronous replication Enabling deduplication |
Caution: Upgrading VMware tools on the vRPAs is not supported and may lead to unwanted results.
The following table provides a starting point for deciding how many vRPAs are required. The calculations are based on the vRPA Configuration Profile 4 vCPU and 4 GB RAM. A certified specialist must perform the official sizing.
Table 73. vRPA configuration sizing
Protected virtual machines | Total IOPs | Total writes | Number of vRPAs | Read latency (milliseconds) | Write latency (milliseconds) |
25 | 21,250 | 17,000 | 1 | 0.29 | 0.78 |
50 | 42,500 | 34,000 | 1 | 0.31 | 1.44 |
50 | 42,500 | 34,000 | 2 | 0.28 | 0.94 |
64 | 63,750 | 51,000 | 3 | 0.40 | 1.02 |
All vRPA traffic moves across the IP network, making the reliability and performance of the network increasingly important. The following diagram shows the write path from a VM:
Figure 17. vRPA write path
The vRPA write path shown in the preceding figure follows this sequence of events:
Implement the following best practices:
The Dell 3-Tier engineering team obtained the performance data based on the following parameters:
Table 73. Performance data
vRPA | Asynchronous replication by a single vRPA with (WAN and journal compression) | Synchronous replication by a single vRPA | Latency 1 CG (WAN and journal compression) | ||||||
| I/O size | CGs | Result | I/O size | CGs | Result | I/O size | Speed | Result |
8 vRPA, 8 GB RAM | 8K | 1 | 25K IOPS | 8K | 1 | 14K IOPS | 8K | 15K IOPS | 1.17 milliseconds |
8 vRPA, 8 GB RAM | 8K | 64 | 30K IOPS | 8K | 64 | 12K IOPS | - | - | - |
8 vRPA, 8 GB RAM | 64K | 1 | 250 MB/s | 64K | 1 | 200 MB/s | - | - | - |
8 vRPA, 8 GB RAM | 64K | 64 | 250 MB/s | 64K | 64 | 200 MB/s | 64K | 150 MB/s | 1.65 milliseconds |
4 vRPA, 8 GB RAM | 8K | 1 | 18K IOPS | - | - | - | 8K | 12K IOPS | 2.70 milliseconds |
4 vRPA, 8 GB RAM | 8K | 64 | 18K IOPS | - | - | - | - | - | - |
4 vRPA, 8 GB RAM | 64K | 1 | 200 MB/s | - | - | - | - | - | - |
4 vRPA, 8 GB RAM | 64K | 64 | 200 MB/s | - | - | - | 64K | 150 MB/s | 2.26 millisecond |
The following table shows the performance of the RecoverPoint for Virtual Machines splitter on a single VMware ESXi host:
Table 74. Splitter performance on a VMware ESXi host
ESXi splitter performance (asynchronous replication with WAN/Journal compression) | |||
vRPA | I/O size | CGs | Result |
2 x 8 vRPA, 8 GB RAM | 8K | 64 | 50K IOPS |
2 x 8 vRPA, 8 GB RAM | 64K | 64 | 500 MB/S |
For more information, see the RecoverPoint for Virtual Machines Product Guide and the RecoverPoint for Virtual Machines Administrator’s Guide on the Dell Technologies Support website.