Backup and Restore - VMware Validated Design 5 · backup and restore is a more granular method than...

Backup and Restore03 SEP 2019

VMware Validated Design 5.1VMware Validated Design for Software-Defined Data Center 5.1

You can find the most up-to-date technical documentation on the VMware website at:

https://docs.vmware.com/

VMware, Inc.3401 Hillview Ave.Palo Alto, CA 94304www.vmware.com

Copyright ©

2018-2019 VMware, Inc. All rights reserved. Copyright and trademark information.

Backup and Restore

VMware, Inc. 2

https://docs.vmware.com/

http://pubs.vmware.com/copyright-trademark.html

Contents

1 About VMware Validated Design Backup and Restore 5

2 Data Protection Backup Jobs per Component 7

3 Prerequisites for Backing Up the Software-Defined Data Center 10Prerequisites for Backing Up the Virtual Infrastructure Layer 10

Prerequisites for Backing Up the Operations Management Layer 10

Prerequisites for Backing Up the Cloud Management Layer 11

4 Prerequisites for Restoring the Software-Defined Data Center 12

5 Back Up the Management SDDC Components 13Create Image-Based Backup Jobs by Using a VADP-Compatible Backup Solution 14

Create File-Based Backup Jobs for the Platform Services Controller and vCenter Server Instances 16

Create an Application-Level Backup Job for the Microsoft SQL Server 18

Export the NSX Firewall Configuration 18

Export the Service Composer Configuration 20

Export the Configurations of the Distributed Switches 21

Back Up Site Recovery Manager 22

6 SDDC Startup and Shutdown 25Shutdown Order of the Management Virtual Machines 25

Startup Order of the Management Virtual Machines 28

7 Restoring the SDDC Management Components 31Restoring the SDDC from Logical Failures 31

Restore All Failed Platform Service Controller Instances 32

Rebuild a Failed Platform Services Controller Instance 34

Recover a vCenter Server Instance 38

Restore a Failed NSX Manager Instance 39

Redeploy Other NSX Appliances 40

Import the NSX Firewall Configuration 42

Import a Security Composer Configuration 43

Restore the Configuration of a Distributed Switch 44

Restore the Remaining SDDC Components 45

Restore Site Recovery Manager 46

Restoring the SDDC from Physical Failures 47

VMware, Inc. 3

Restore the SDDC Management Components after Physical Failures 47

Backup and Restore

VMware, Inc. 4

About VMware Validated Design Backup and Restore 1VMware Validated Design Backup and Restore provides guidance on the use of a vSphere Storage API - Data Protection (VADP) solution for performing backup and restore of the management components in the Software-Defined Data Center (SDDC).

After you deploy the VMware Validated Design™ for Software-Defined Data Center, backing up management components ensures that you can keep your environment operational if a data loss or failure occurs. You implement scheduled backups to prepare for:

n A critical failure of any management component

n An upgrade of any management component

n Updating the certificate of any management component

Intended Audience

VMware Validated Design Backup and Restore is intended for cloud architects, infrastructure administrators, cloud administrators, and cloud operators who are familiar with and want to use VMware software to deploy and manage an SDDC that meets the requirements for capacity, scalability, backup and restore, and extensibility for disaster recovery support.

Required Software

In addition to the VMware Validated Design SDDC deployment, you must download and install a tool for backing up and restoring your SDDC. When choosing your backup tool, verify that the tool includes the following features:

n vSphere Storage API - Data Protection (VADP) compliance

n Availability of file-level backup agents

n Availability of a SQL Server backup agent.

n Ability to restore directly to a VMware ESXi™ host when the VMware vCenter Server®

instance is unavailable

n Compatibility with the software versions deployed in your SDDC. See VMware Validated Design Release Notes.

VMware, Inc. 5

Before You Apply This Guidance

The sequence of the documentation of VMware Validated Design follows the stages for implementing and maintaining an SDDC. See the Guided Documentation Map.

To use VMware Validated Design Backup and Restore, you must be acquainted with the following guidance:

n Introducing VMware Validated Designs

n VMware Validated Design Architecture and Design

n VMware Validated Design Planning and Preparation

n If you perform a clean deployment:

n VMware Validated Design Deployment of Region A

n VMware Validated Design Deployment of Region B

n Optionally VMware Validated Design Deployment of Multiple Availability Zones

n If you upgrade from an older version of VMware Validated Design, VMware Validated Design Upgrade

Backup and Restore

VMware, Inc. 6

https://docs.vmware.com/en/VMware-Validated-Design/index.html

Data Protection Backup Jobs per Component 2You can configure backup jobs for each SDDC management component separately, because different components require different types of backup jobs. For this scenario, there is no requirement to back up the entire SDDC, and this design does not imply such an operation. Some products can perform internal configuration backups, that is, application-level backups, and therefore do not require a full component backup. Use the application-level backups in addition to the image-level component backups as appropriate.

Create a single backup job for each component group in each region. The application-level backup and restore is a more granular method than the image-level method for backup and restore. An application-level backup method can be native to the application or a part of your backup tool.

Table 2-1. Backup Jobs in Region A

Component Group Image-Level Backup Job Application-Level Backup Job

ESXi n/a -

Platform Services Controller™

Part of the vCenter Server backup job -

vCenter Server n Management Job

n sfo01m01vc01.sfo01.rainpole.local

n sfo01m01psc01.sfo01.rainpole.local

n Compute Job

n sfo01w01vc01.sfo01.rainpole.local

n sfo01w01psc01.sfo01.rainpole.local

-

VMware NSX® Data Center for vSphere®

- n sfo01m01nsx01.sfo01.rainpole.local

n sfo01w01nsx01.sfo01.rainpole.local

VMware, Inc. 7

Table 2-1. Backup Jobs in Region A (continued)

Component Group Image-Level Backup Job Application-Level Backup Job

VMware vRealize®

Automation™n vra01mssql01.rainpole.local

n vrb01svr01.rainpole.local

n sfo01vrbc01.sfo01.rainpole.local

n vra01svr01a.rainpole.local

n vra01svr01b.rainpole.local

n vra01svr01c.rainpole.local

n vra01iws01a.rainpole.local

n vra01iws01b.rainpole.local

n vra01ims01a.rainpole.local

n vra01ims01b.rainpole.local

n vra01dem01a.rainpole.local

n vra01dem01b.rainpole.local

n sfo01ias01a.sfo01.rainpole.local

n sfo01ias01b.sfo01.rainpole.local

vra01mssql01.rainpole.local

VMware vRealize® Log Insight™

n sfo01vrli01a.sfo01.rainpole.local

n sfo01vrli01b.sfo01.rainpole.local

n sfo01vrli01c.sfo01.rainpole.local

-

VMware vRealize®

Operations Manager™n vrops01svr01a.rainpole.local

n vrops01svr01b.rainpole.local

n vrops01svr01c.rainpole.local

n sfo01vropsc01a.sfo01.rainpole.local

n sfo01vropsc01b.sfo01.rainpole.local

-

n vRealize Business Server

n vRealize Business Data Collector

Part of the vRealize Automation backup job -

VMware vSphere® Update Manager™ Download Service (UMDS)

n sfo01umds01.sfo01.rainpole.local -

VMware vRealize® Suite Lifecycle Manager™

n vrslcm01svr01a.rainpole.local -

Skyline Collector n sfo01sky01.sfo01.rainpole.local -

VMware Site Recovery Manager™

n sfo01m01srm01.sfo01.rainpole.local -

VMware vSphere®

Replication™n sfo01m01vrms01.sfo01.rainpole.local -

Note The backup jobs in Region B are not applicable to a single-region SDDC implementation.

Table 2-2. Backup Jobs in Region B

Product Image-LevelBackup Jobs Application Backup Jobs

ESXi n/a -

Platform Services Controller Part of the vCenter Server backup job -

Backup and Restore

VMware, Inc. 8

Table 2-2. Backup Jobs in Region B (continued)

Product Image-LevelBackup Jobs Application Backup Jobs

vCenter Server n Management Job

n lax01m01vc01.lax01.rainpole.local

n lax01m01psc01.lax01.rainpole.local

n Compute Job

n lax01w01vc01.lax01.rainpole.local

n lax01w01psc01.lax01.rainpole.local

-

NSX for vSphere - n lax01m01nsx01.lax01.rainpole.local

n lax01m01nsx01.lax01.rainpole.local

vRealize Automation n lax01ias01a.lax01.rainpole.local

n lax01ias01b.lax01.rainpole.local

n lax01vrbc01.lax01.rainpole.local

-

vRealize Log Insight n lax01vrli01a.lax01.rainpole.local

n lax01vrli01b.lax01.rainpole.local

n lax01vrli01c.lax01.rainpole.local

-

vRealize Operations Manager n lax01vropsc01a.lax01.rainpole.local

n lax01vropsc01b.lax01.rainpole.local

-

vRealize Business Data Collector

Part of the vRealize Automation backup job -

vSphere Update Manager Download Service (UMDS)

n lax01umds01.lax01.rainpole.local -

VMware Skyline Collector n lax01sky01.lax01.rainpole.local -

VMware Site Recovery Manager

n lax01m01srm01.lax01.rainpole.local -

VMware vSphere Replication n lax01m01vrms01.lax01.rainpole.local -

Backup and Restore

VMware, Inc. 9

Prerequisites for Backing Up the Software-Defined Data Center 3Before implementing a backup strategy for the Software-Defined Data Center, ensure that your environment meets the requirements for the different layers.

n Prerequisites for Backing Up the Virtual Infrastructure Layer

Before backing up the virtual infrastructure layer, follow these guidelines.

n Prerequisites for Backing Up the Operations Management Layer

Before backing up the operations management layer, follow these guidelines.

n Prerequisites for Backing Up the Cloud Management Layer

Before backing up the cloud management layer, follow these guidelines.

Prerequisites for Backing Up the Virtual Infrastructure Layer

Before backing up the virtual infrastructure layer, follow these guidelines.

Before you back up the Platform Services Controller, vCenter Server, and NSX Manager instances, and the virtual infrastructure configurations, such as NSX Distributed Firewalls and vSphere Distributed Switches, verify that:

n There are no configuration issues on the source and target sites.

n All nodes use host names and IP addresses that are resolvable in DNS.

n All nodes are powered on and accessible

Prerequisites for Backing Up the Operations Management Layer

Before backing up the operations management layer, follow these guidelines.

vRealize Operations Manager Backup Prerequisites

Before you back up the vRealize Operations Manager nodes, verify that:

n There are no configuration issues on the source and target sites.

n All nodes use host names and static IP address that are resolvable in DNS.

n All nodes are powered on and accessible.

VMware, Inc. 10

n Quiesced snapshots are disabled, because vRealize Operations Manager does not support them.

Note For information about disabling quiescing, see vRealize Operations Manager Preparations for Backing Up in vRealize Suite 2017 Backup and Restore.

n The backup job is for the entire virtual machine (VM). You back up all VMDK files that are part of the virtual appliance.

n The state of the cluster is not changed while the backups are in progress .

vRealize Log Insight Backup Prerequisites

Before you back up the vRealize Log Insight nodes, verify that:

n There are no configuration problems on the source and target sites.

n All nodes use host names and static IP address that are resolvable in DNS.

n Quiesced snapshots are disabled, because vRealize Log Insight does not support them.

Note For information about disabling quiescing, see vRealize Operations Manager Preparations for Backing Up in vRealize Suite 2017 Backup and Restore.

Prerequisites for Backing Up the Cloud Management Layer

Before backing up the cloud management layer, follow these guidelines.

vRealize Business for Cloud Backup Prerequisites

Before you back up a vRealize Business node, verify that:


n vRealize Business uses a host name that is resolvable in DNS.

n vRealize Business is running and vRealize Automation is registered with it.

n vRealize Business is calculating the correct cost of the virtual machines.

vRealize Automation Backup Prerequisites

Before you back up the vRealize Automation nodes, verify that:


n All nodes use host names and static IP addresses that are resolvable in DNS.

n If backing up a complete system, all instances of the vRealize Automation appliance and databases are backed up simultaneously.

n Use a maintenance period if possible, or a time window with minimized active transaction. Schedule your regular backup during a time of low system load.

Backup and Restore

VMware, Inc. 11

Prerequisites for Restoring the Software-Defined Data Center 4Before restoring the SDDC, follow these guidelines.

n Remove any snapshots from the VMs that you plan to restore.

n Verify that the nodes to be restored are in a powered-off state.

VMware, Inc. 12

Back Up the Management SDDC Components 5As part of the SDDC deployment, Cloud Builder configures and schedules backup jobs only for the NSX Manager instances. You must back up the rest of the managements SDDC components manually.

Table 5-1. NSX Manager FTP Backup Configuration

Setting Value

Backup location, protocol, and credentials See the NSX Manager FTP backup configuration in the Deployment Parameters XLS file for the region.

File name prefix n sfo_NSX_Mgmt for the NSX Manager instance for the management cluster

n sfo_NSX_Comp for the NSX Manager instance for the shared edge and compute cluster

Backup Frequency Hourly

Procedure

1 Create Image-Based Backup Jobs by Using a VADP-Compatible Backup Solution

To back up the components of the Software-Defined Data Center in Region A and Region B, you can create full virtual machine image-level backup jobs by using a VADP-compatible backup solution.

2 Create File-Based Backup Jobs for the Platform Services Controller and vCenter Server Instances

As an alternative or as an optional addition to the image-level backups, you can configure file-based backups of the Platform Services Controller and vCenter Server instances. The restore procedures are different for imaged-based and file-based backups.

3 Create an Application-Level Backup Job for the Microsoft SQL Server

You can configure a backup agent on the Microsoft SQL Server that is used in the cloud management layer, after which you can create a scheduled job to back up the SQL server by using your VADP-compatible backup solution.

VMware, Inc. 13

4 Export the NSX Firewall Configuration

As part of the SDDC deployment, Cloud Builder configures and schedules a backup of the entire NSX Manager instance. To have a backup only of the firewall rules in an NSX Manager instance, you export an XML configuration file. If you want to recover the rules configuration only, you can import this configuration file to the NSX Manager instance.

5 Export the Service Composer Configuration

As part of the SDDC deployment, Cloud Builder configures and schedules a backup of the entire NSX Manager instance. To have a backup only of the service composer configuration of the security policies in an NSX Manager instance, you export a configuration file, which also includes the security groups that are mapped to the security policies. If you want to recover only the service composer configuration, you can import this configuration file to the NSX Manager instance.

6 Export the Configurations of the Distributed Switches

The vCenter Server backup includes the configurations of the entire vCenter Server instance. To have a backup only of the vSphere Distributed Switch and distributed port group configurations, you export a configuration file that includes the validated network configurations. If you want to recover the Distribute Switch only, you can import this configuration file to the vCenter Server instance.

7 Back Up Site Recovery Manager

To back up the Site Recovery Manager configuration data, you use the standalone VMware Site Recovery Manager Configuration Import/Export Tool.

Create Image-Based Backup Jobs by Using a VADP-Compatible Backup Solution

To back up the components of the Software-Defined Data Center in Region A and Region B, you can create full virtual machine image-level backup jobs by using a VADP-compatible backup solution.

To ensure that all management components are backed up correctly, you must create a series of backup jobs that capture the state of a set of related components at a common point in time. Simultaneous backups ensure that the components can be restored to a state where they are logically consistent with each other.

Note As an alternative or as an optional addition, you can back up the Platform Services Controller and vCenter Server instances by using their native file-based backup solution. See Create File-Based Backup Jobs for the Platform Services Controller and vCenter Server Instances.

Procedure

1 Log in to your VADP-compatible backup solution by using a set of credentials with permissions to create backup jobs.

Backup and Restore

VMware, Inc. 14

2 Create the following individual backup jobs for the related components.


Order Product

Virtual Appliance in Region A

Virtual Appliance in Region B Backup Job Name

1 vCenter Server and Platform Services Controller

n sfo01m01psc01

n sfo01m01vc01

n sfo01w01psc01

n sfo01w01vc01

n lax01m01psc01

n lax01m01vc01

n lax01w01psc01

n lax01w01vc01

Management and Compute vCenter Server Backups

2 vRealize Suite Lifecycle Manager

n vrslcm01svr01a - vRealize Suite Lifecycle Manager Backups

3 vRealize Operations Manager

n vrops01svr01a

n vrops01svr01b

n vrops01svr01c

n sfo01vropsc01a

n sfo01vropsc01b

n lax01vropsc01a

n lax01vropsc01b

vRealize Operations Manager Backups

4 vRealize Log Insight n sfo01vrli01a

n sfo01vrli01b

n sfo01vrli01c

n lax01vrli01a

n lax01vrli01b

n lax01vrli01c

vRealize Log Insight Backups

5 Cloud Management Platform

n vra01svr01a

n vra01svr01b

n vra01svr01c

n vra01ims01a

n vra01ims01b

n vra01iws01a

n vra01iws01b

n vra01mssql01

n sfo01ias01a

n sfo01ias01b

n vra01dem01a

n vra01dem01b

n vrb01svr01

n sfo01vrbc01

n lax01ias01a

n lax01ias01b

n lax01vrbc01

Cloud Management Platform Backups

6 vSphere Update Manager Download Service

n sfo01umds01 n lax01umds01 vSphere Update Manager Download Service Backups

7 VMware Skyline Collector

n sfo01sky01 n lax01sky01 VMware Skyline Collector Backups

Backup and Restore

VMware, Inc. 15

Order Product

Virtual Appliance in Region A

Virtual Appliance in Region B Backup Job Name

8 VMware Site Recovery Manager Appliance

n sfo01m01srm01 n lax01m01srm01 VMware Site Recovery Manager Appliance Backups

9 VMware vSphere Replication Manager

n sfo01m01vrms01 n lax01m01vrms01 VMware vSphere Replication Manager Backups

3 Schedule the backups to run on a daily basis.

4 Retain each backup for three days.

What to do next

Confirm that each backup job is created successfully.

Create File-Based Backup Jobs for the Platform Services Controller and vCenter Server Instances

As an alternative or as an optional addition to the image-level backups, you can configure file-based backups of the Platform Services Controller and vCenter Server instances. The restore procedures are different for imaged-based and file-based backups.

You perform the file-based backups by using the appliance management interface (VAMI) of the Platform Services Controller and vCenter Server instances.

Table 5-2. VAMI URLs of the Platform Services Controller and vCenter Server Instances

Component Region A URL Region B URL

Management Platform Services Controller instance

https://sfo01m01psc01.sfo01.rainpole.local:5480

https://lax01m01psc01.lax01.rainpole.local:5480

Compute Platform Services Controller instance

https://sfo01w01psc01.sfo01.rainpole.local:5480

https://lax01w01psc01.lax01.rainpole.local:5480

Management vCenter Server instance https://sfo01m01vc01.sfo01.rainpole.local:5480

https://lax01m01vc01.lax01.rainpole.local:5480

Compute vCenter Server instance https://sfo01w01vc01.sfo01.rainpole.local:5480

https://lax01w01vc01.lax01.rainpole.local:5480


Prerequisites

n Verify that you have an FTP, FTPS, HTTP, HTTPS, SFTP, NFS, or SMB server on the network to serve as a backup target.

Backup and Restore

VMware, Inc. 16

n Verify that the backup target has sufficient disk space to store the backups.

Procedure

1 In a Web browser, log in to the Platform Services Controller by using the Virtual Appliance Management Interface (VAMI).

Setting Value

URL https://sfo01m01psc01.sfo01.rainpole.local:5480

User name root

Password psc_root_password

2 Click Backup and click Configure.

3 Enter the backup location details.

Setting Value

Backup location The backup location, including the protocol to use to connect to your backup server, the port, the server address, and backup folder to store the backup files.

For FTP, FTPS, HTTP, or HTTPS the path is relative to the home directory configured for the service.

Backup server credentials A user name and password of a user with write privileges on the backup server.

4 Set the schedule recurrence and time for the backup.

The recurrence can be set daily, weekly, or you can customize the schedule to run the backup on a specific day or days of the week. You can configure the time of day to run the backup. The default time is 11:59pm.

5 (Optional) To encrypt your backup file, enter an encryption password.

If you encrypt the backup data, you must use the encryption password for the restore procedure.

6 Select Retain all backups or enter the number of backups to retain.

The retention information provides the number of backups to retain for a given vCenter Server instance.

7 (Optional) To back up additional historical data from the database, select Stats, Events, and Tasks

8 Click Create.

The backup schedule information is populated in the Backup page.

9 Repeat the procedure for each Platform Services Controller or vCenter Server instance.

Backup and Restore

VMware, Inc. 17

What to do next

Verify that the file-based backup jobs are created successfully and that any complete and in-progress backups are listed under Activity.

Create an Application-Level Backup Job for the Microsoft SQL Server

You can configure a backup agent on the Microsoft SQL Server that is used in the cloud management layer, after which you can create a scheduled job to back up the SQL server by using your VADP-compatible backup solution.

vRealize Automation uses a Microsoft SQL Server for its IaaS database. To back up this database, you must use a SQL-based backup agent. With the backup agent, you can restore the database independently of the Microsoft SQL server instance, which is key if the server is not dedicated to the SDDC instance, or if a clustered Microsoft SQL server instance is used.

Note As an alternative, the Microsoft SQL Server can be backed up as part of a whole or partial server backup depending on whether the server is a shared SQL Server instance or not.

Procedure

1 Install the backup agent on the Microsoft SQL Server machine.

2 Create a scheduled backup job for the Microsoft SQL server.

Repeat Create Image-Based Backup Jobs by Using a VADP-Compatible Backup Solution by using the following details.

Setting Value

Backup Job Name Cloud Management Platform MSSQL Server Backups

Time The same as time as for the image-level backup job named Cloud Management Platform Backups.

What to do next

Confirm that the SQL Server backup job is created successfully.

Export the NSX Firewall Configuration

As part of the SDDC deployment, Cloud Builder configures and schedules a backup of the entire NSX Manager instance. To have a backup only of the firewall rules in an NSX Manager instance, you export an XML configuration file. If you want to recover the rules configuration only, you can import this configuration file to the NSX Manager instance.

You export the NSX firewall configuration from each NSX Manager instance in each region.

Backup and Restore

VMware, Inc. 18

Table 5-3. NSX Manager Nodes in the SDDC

Region NSX Manager Instance NSX Manager IP Address vSphere Client URL

Region A Primary NSX Manager for the management cluster

172.16.11.65 https://sfo01m01vc01.sfo01.rainpole.local/ui

Region A Primary NSX Manager for the shared edge and compute cluster

172.16.11.66 https://sfo01w01vc01.sfo01.rainpole.local/ui

Region B Secondary NSX Manager for the management cluster

172.17.11.65 https://lax01m01vc01.lax01.rainpole.local/ui

Region B Secondary NSX Manager for the shared edge and compute cluster

172.17.11.66 https://lax01w01vc01.lax01.rainpole.local/ui

Note

The NSX Manager instances in Region B are not applicable to a single-region SDDC implementation.

Procedure

1 In a Web browser, log in to vCenter Server by using the vSphere Client.

Setting Value

URL https://sfo01m01vc01.sfo01.rainpole.local/ui

User name [email protected]

Password vsphere_admin_password

2 Click the Networking & Security inventory.

3 In the navigation pane, under Security, click Firewall.

4 From the NSX Manager drop-down menu, select 172.16.11.65 | Primary.

5 In the top right corner, click the More drop-down menu and select Export Current Configuration.

6 On the Export Current Configuration dialog box, click Export and save the exported firewall configuration file.

7 Copy the backup file to a secure location which can be retrieved and used if a failure of the appliance occurs.

8 Repeat the steps for each NSX Manager instance in the SDDC.

Backup and Restore

VMware, Inc. 19

Export the Service Composer Configuration

As part of the SDDC deployment, Cloud Builder configures and schedules a backup of the entire NSX Manager instance. To have a backup only of the service composer configuration of the security policies in an NSX Manager instance, you export a configuration file, which also includes the security groups that are mapped to the security policies. If you want to recover only the service composer configuration, you can import this configuration file to the NSX Manager instance.


Region NSX Manager Instance NSX Manager IP Address vSphere Client URL


172.16.11.65 https://sfo01m01vc01.sfo01.rainpole.local/ui


172.16.11.66 https://sfo01w01vc01.sfo01.rainpole.local/ui


172.17.11.65 https://lax01m01vc01.lax01.rainpole.local/ui


172.17.11.66 https://lax01w01vc01.lax01.rainpole.local/ui

Note

The NSX Manager instances in Region B are not applicable to a single-region SDDC implementation.

Procedure


Setting Value




2 Click the Networking & Security inventory.

3 In the navigation pane, under Security, click Service Composer.

4 Click the Security Policies tab.

5 From the NSX Manager drop-down menu, select 172.16.11.65 | Primary.

6 Select the security policy to export and click More > Export Configuration.

The Export Services Composer Configuration wizard opens.

Backup and Restore

VMware, Inc. 20

7 On the Name and Description page, enter a name, description, and prefix for the backup, and click Next.

The prefix is added to the exported security policies and security groups. Setting a prefix makes the names of the exported security policies unique.

8 On the Select Security Policies page, select the security policies to export and click Next.

9 On the Preview Selection page, review the security policies and associated objects, click Finish, and save the exported service composer configuration file.


11 Repeat the steps for each NSX Manager instance in the SDDC.

Export the Configurations of the Distributed Switches

The vCenter Server backup includes the configurations of the entire vCenter Server instance. To have a backup only of the vSphere Distributed Switch and distributed port group configurations, you export a configuration file that includes the validated network configurations. If you want to recover the Distribute Switch only, you can import this configuration file to the vCenter Server instance.

You can use the exported file to create multiple copies of the distributed switch configuration on an existing deployment, or overwrite the settings of existing distributed switches and port groups.

Table 5-5. Distributed Switches in the SDDC

Region Distributed Switch vCenter Server

Region A sfo01-m01-vds01 sfo01m01vc01.sfo01.rainpole.local

Region A sfo01-w01-vds01 sfo01w01vc01.sfo01.rainpole.local

Region B lax01-m01-vds01 lax01m01vc01.lax01.rainpole.local

Region B lax01-w01-vds01 lax01w01vc01.lax01.rainpole.local

Note

The Distributed Switch instances in Region B are not applicable to a single-region SDDC implementation.

Backup and Restore

VMware, Inc. 21

Procedure


Setting Value




2 From the Networking inventory, expand the sfo01m01vc01.sfo01.rainpole.local tree, and locate the sfo01-m01-vds01 distributed switch.

3 Right-click the distributed switch and select Settings > Export Configuration.

4 In the Export Configuration dialog box, select Distributed switch and all port groups and click OK.

5 After the configuration is generated, click Yes to save the configuration file.


7 Repeat the steps for each Distributed Switch instance in the SDDC.

Back Up Site Recovery Manager

To back up the Site Recovery Manager configuration data, you use the standalone VMware Site Recovery Manager Configuration Import/Export Tool.

Prerequisites

n Verify that you have Java 1.8.x or later installed on the Site Recovery Manager host machine.

n Verify that you have a site pair with Site Recovery Manager running on both the protected and the recovery site.

Procedure

1 Create the srm_configuration.properties with the following data:

Parameter Description

lookup.service.address The Platform Services Controller address. Can be an IP address or FQDN.

local.vc.username The user name for the local vCenter Server.

local.vc.password The password for the local vCenter Server.

local.srm.name The name of the local Site Recovery Manager Server.

remote.vc.username The user name for the remote vCenter Server. Required if your environment is not federated.

remote.vc.password The password of the user for the remote vCenter Server. Required if your environment is not federated.

Backup and Restore

VMware, Inc. 22

Parameter Description

array.manager.n.name The name of the array manager, where n is a number. All array managers must be defined at least by a name and a skip flag. Required field for import, if your environment contains any array managers.

array.manager.n.skip Set whether the array manager must be imported or skipped. The default value is false. Required if array.manager.n.name is present.

array.manager.n.username The user name for the array manager. Required if array.manager.n.name is present and array.manager.n.skip value is set to false.

array.manager.n.password The password for the array manager. Required if array.manager.n.name is present and array.manager.n.skip value is set to false.

port Optional. The port number for the Lookup Service. The default value is 443.

continue.after.array.manager.errors Optional. If you set the value to true, the tool does not fail when an array manager is missing or there is an array-based error. The default value is false.

Below is a sample of the srm_configuration.properties file formatting.

lookup.service.address=my.psc.address.com

port=443

local.vc.username=localAdmin

local.vc.password=localAdminSecretPass

local.srm.name=My local SRM

remote.vc.username=remoteAdmin

remote.vc.password=remoteAdminSecretPass

continue.after.array.manager.errors=false

array.manager.1.name=am_1

array.manager.1.skip=false

array.manager.1.username=am1AdminUserName

array.manager.1.password=am1AdminSecretPass


array.manager.2.skip=true





2 Download the VMware Site Recovery Manager Configuration Import/Export Tool in a directory on the Site Recovery Manager virtual machine.

3 Open a command shell, navigate to the download folder, and run the following command:

java -jar import-export-tool-8.2.0-<build_number>.jar --export --format --properties

Path_to_properties_file

4 Use the cron tool on the appliance to schedule the command to run on a daily basis.

Backup and Restore

VMware, Inc. 23


6 Repeat this procedure for all Site Recovery Manager instances across all SDDC regions.

Backup and Restore

VMware, Inc. 24

SDDC Startup and Shutdown 6When you perform a patch, an upgrade, a recovery, or a failover operation for the SDDC management applications, ensure that you shut down and start up the management virtual machines according to a predefined order.

n Shutdown Order of the Management Virtual Machines

Follow a strict order to shut down the virtual machines of the SDDC management stack to avoid data loss and faults in the components.

n Startup Order of the Management Virtual Machines

Follow a strict order to start up the virtual machines of the SDDC management stack to maintain the components integration and avoid operations fault.

Shutdown Order of the Management Virtual Machines

Follow a strict order to shut down the virtual machines of the SDDC management stack to avoid data loss and faults in the components.

Before you begin:

n Verify that the virtual machines are not running on snapshots.

n Verify that you have complete backups of all management components.

n If a vSphere Storage APIs for Data Protection (VADP) based backup solution is running on the management clusters, verify that the solution is properly shut down following the vendor guidance.

Shutting down the ESXi hosts in the vSAN clusters:

n Refer to VMware Knowledge Base article 2142676 for information on preparing and shutting down ESXi hosts in vSAN clusters.

Shutting down the management virtual machines:

n Shut down the virtual machines of the SDDC management stack in the shutdown order provided in the following table.

VMware, Inc. 25

https://kb.vmware.com/s/article/2142676

n Verify that the virtual machine console and that the virtual machine services shut down has completed before you proceed with the next virtual machine.

Important Virtual Machines within groups with the same Sequence ID can be shutdown simultaneously. You should wait until one group has completed before stopping the next group as there are dependencies between groups.

Virtual Machine Name in Region A

Virtual Machine Name in Region B Group ID Sequence ID

vRealize Suite Lifecycle Manager

Number of VMs (1)


Number of VMs (0)

1

vrslcm01svr01a - 1

VMware VMware Skyline

Number of VMs (1)


Number of VMs (1)

2

sfo01sky01 lax01sky01 1

vRealize Operations Manager

Number of VMs (5)


Number of VMs (2)

3

sfo01vropsc01b lax01vropsc01b 1

sfo01vropsc01a lax01vropsc01a 1

vrops01svr01c - 2

vrops01svr01b - 3

vrops01svr01a - 4

vRealize Log Insight

Number of VMs (3)


Number of VMs (3)

4

sfo01vrli01c lax01vrli01c 1

sfo01vrli01b lax01vrli01b 1

sfo01vrli01a lax01vrli01a 2

vRealize Business for Cloud

Number of VMs (2)

Realize Business for Cloud

Number of VMs (1)

5

sfo01vrbc01 lax01vrbc01 1

vrb01svr01 - 2

vRealize Automation

Number of VMs (12)

vRealize Automation

Number of VMs (2)

6

vra01dem01b - 1

vra01dem01a - 1

sfo01ias01b lax01ias01b 1

sfo01ias01a lax01ias01a 1

vra01ims01b - 2

Backup and Restore

VMware, Inc. 26



vra01ims01a - 2

vra01iws01b - 3

vra01iws01a - 4

vra01svr01c - 5

vra01svr01b - 5

vra01svr01a - 5

vra01mssql01 - 6

Site Recovery Manager and vSphere Replication

Number of VMs (2)


Number of VMs (2)

7

sfo01m01vrms01 lax01m01vrms01 1

sfo01m01srm01 lax01m01srm01 2

Update Manager Download Service

Number of VMs (1)


Number of VMs (1)

8

sfo01umds01 lax01umds01 1

Core Stack

Number of VMs (26)

Core Stack

Number of VMs (16)

9

sfo01m01lb01 (0,1) lax01m01lb01 (0,1) 1

sfo01m01udlr01 (0,1) - 1

sfo01m01esg01 lax01m01esg01 1


sfo01w01udlr01 (0,1) - 1

sfo01w01dlr01 (0,1) lax01w01dlr01 (0,1) 1

sfo01w01esg01 lax01w01esg01 1


sfo01m01nsx01 lax01m01nsx01 2

sfo01w01nsx01 lax01w01nsx01 2

sfo01m01nsxc01 - 3

sfo01m01nsxc02 - 3

sfo01m01nsxc03 - 3

sfo01w01nsxc01 - 3

sfo01w01nsxc02 - 3

sfo01w01nsxc03 - 3

sfo01m01vc01 lax01m01vc01 4

sfo01w01vc01 lax01w01vc01 4

Backup and Restore

VMware, Inc. 27



sfo01w01psc01 lax01w01psc01 5

sfo01m01psc01 lax01m01psc01 5

sfo01psc01 (0,1) lax01psc01 (0,1) 6

Startup Order of the Management Virtual Machines

Follow a strict order to start up the virtual machines of the SDDC management stack to maintain the components integration and avoid operations fault.

Before you begin:

n Verify that external services for the SDDC, such as Active Directory, DNS, NTP, SMTP, and FTP/SFTP are available.

Starting up the ESXi hosts in the vSAN clusters:

n If the vSAN clusters are shut down, refer to VMware Knowledge Base article 2142676 for information on starting up hosts and exiting maintenance mode.

Starting up the management virtual machines:

n Start up the virtual machines in the startup order provided in the following table.

n Verify that the virtual machine console is available and that the virtual machine services are up, before you proceed with the next virtual machine.

n Refer to VMware Knowledge Base article 2142676 for information on verifying the health of the vSAN clusters, before you start up tenant workloads.

n If a vSphere Storage APIs for Data Protection (VADP) based backup solution is deployed on the management cluster, verify that the solution is properly started and operational, following the vendor guidance.

Important Virtual Machines within groups with the same Sequence ID can be started simultaneously. You should wait until one group has completed before starting the next group as there are dependencies between groups.

Virtual Machine in Region AVirtual Machine in Region B Group ID Sequence ID

Core Stack

Number of VMs (26)

Core Stack

Number of VMs (16)

1

sfo01psc01 (0,1) lax01psc01 (0,1) 1

sfo01m01psc01 lax01m01psc01 2

sfo01w01psc01 lax01w01psc01 2

sfo01m01vc01 lax01m01vc01 3

sfo01w01vc01 lax01w01vc01 3

Backup and Restore

VMware, Inc. 28




sfo01m01nsx01 lax01m01nsx01 4

sfo01w01nsx01 lax01w01nsx01 4

sfo01m01nsxc01 - 5

sfo01m01nsxc02 - 5

sfo01m01nsxc03 - 5

sfo01w01nsxc01 - 5

sfo01w01nsxc02 - 5

sfo01w01nsxc03 - 5

sfo01m01lb01 (0,1) lax01m01lb01 (0,1) 6

sfo01m01udlr01 (0,1) - 6



sfo01w01udlr01 (0,1) - 6

sfo01w01dlr01 (0,1) lax01w01dlr01 (0,1) 6




Number of VMs (1)


Number of VMs (1)

2

sfo01umds01 lax01umds01 1


Number of VMs (2)


Number of VMs (2)

3

sfo01m01vrms01 lax01m01vrms01 1

sfo01m01srm01 lax01m01srm01 1

vRealize Automation

Number of VMs (12)

vRealize Automation

Number of VMs (2)

4

vra01mssql01 - 1

vra01svr01a - 2

vra01svr01b - 2

vra01svr01c - 2

vra01iws01a - 3

vra01iws01b - 4

vra01ims01a - 5

vra01ims01b - 6

sfo01ias01a lax01ias01b 7

Backup and Restore

VMware, Inc. 29


sfo01ias01b lax01ias01a 7

vra01dem01a - 7

vra01dem01b - 7


Number of VMs (2)


Number of VMs (1)

5

vrb01svr01 - 1

sfo01vrbc01 lax01vrbc01 2


Number of VMs (3)


Number of VMs (3)

6

sfo01vrli01a lax01vrli01a 1

sfo01vrli01b lax01vrli01b 2

sfo01vrli01c lax01vrli01c 2


Number of VMs (5)


Number of VMs (2)

7

vrops01svr01a - 1

vrops01svr01b - 2

vrops01svr01c - 3

sfo01vropsc01a lax01vropsc01a 4

sfo01vropsc01b lax01vropsc01b 4


Number of VMs (1)


Number of VMs (1)

8

sfo01sky01 lax01sky01 1


Number of VMs (1)


Number of VMs (0)

9

vrslcm01svr01a - 1

Backup and Restore

VMware, Inc. 30

Restoring the SDDC Management Components 7This section describes how to recover the working state of your SDDC system by using a combination of the following manual build procedures, NSX Manager restores, and restores by using your VADP-compatible backup solution.

Use the following guidance as appropriate based on the exact nature of the failure encountered within your environment. Sometimes, you can recover localized logical failures by restoring individual components. In more severe cases, such as a complete and irretrievable hardware failure, to restore the operational status of your SDDC, a more complex set of manual build and restore sequences is required.

Note You can restore the virtual machines to the same host, to a different host on the same data center, or to a different host on a target data center, depending on your VADP-compatible backup solution.

n Restoring the SDDC from Logical Failures

This section describes how to recover the SDDC when one or more components failed due to a logical corruption, failed upgrade, or accidental misconfiguration.

n Restoring the SDDC from Physical Failures

The following section addresses the scenarios where one or more components failed due to underlying physical hardware failures. The extent of the failure and the appropriate response might vary by failure scenario.

Restoring the SDDC from Logical Failures

This section describes how to recover the SDDC when one or more components failed due to a logical corruption, failed upgrade, or accidental misconfiguration.

n Restore All Failed Platform Service Controller Instances

If all Platform Service Controller instances fail simultaneously, you can restore these instances from their image-based or file-based backups.

n Rebuild a Failed Platform Services Controller Instance

VMware Validated Design uses a load-balanced Platform Services Controller configuration. Therefore, it is important to rebuild rather than restore failed Platform Services Controller instances if there is at least one operational Platform Services Controller instance.

VMware, Inc. 31

n Recover a vCenter Server Instance

If a vCenter Server instance fails, you can restore that instance from its image-based or file-based backup.

n Restore a Failed NSX Manager Instance

When you restore NSX Manager from a backup, you deploy a new NSX Manager appliance on which you restore the backup. Restoring to an existing NSX Manager instance is not supported.

n Redeploy Other NSX Appliances

Your can recreate inaccessible NSX appliances, such as NSX Controller, NXS Edge, NSX Distributed Logical Router (DLR), or NSX Universal Distributed Logical Router (UDLR) instances.

n Import the NSX Firewall Configuration

You can import a configuration XML file that you previously exported from the NSX Manager instance. The imported configuration overwrites the existing rules in the firewall table.

n Import a Security Composer Configuration

To restore a misconfigured policy, you can import a saved security policies configuration file to an NSX Manager instance. The imported configuration also contains the security groups to which the security policies are mapped.

n Restore the Configuration of a Distributed Switch

To reset the configuration of a distributed switch, you can restore the settings exported in a configuration file.

n Restore the Remaining SDDC Components

This section describes the general steps for restoring the remaining individual components if failed.

n Restore Site Recovery Manager

You can use the standalone VMware Site Recovery Manager Configuration Import/Export Tool to import Site Recovery Manager configuration data from a previously exported XML file.

Restore All Failed Platform Service Controller Instances

If all Platform Service Controller instances fail simultaneously, you can restore these instances from their image-based or file-based backups.

Backup and Restore

VMware, Inc. 32

This procedure applies to restoring all Platform Services Controller instances when there are no operational Platform Services Controller instance in the vCneter Single Sign-On domain. If there is at least one operational Platform Services Controller instance, see Rebuild a Failed Platform Services Controller Instance

Important If the vCenter Server and Platform Services Controller instances fail at the same time, you must first restore the Platform Services Controller instances, and then restore the vCenter Server instances.

You perform either an image-based or file-based restore of each of the Platform Services Controller instances based on your backup method.

Table 7-1. Platform Services Controller Instances in the SDDC

Component Region A Region B

Management Platform Services Controller Instance

sfo01m01psc01.sfo01.rainpole.local lax01m01psc01.lax01.rainpole.local

Workload Platform Services Controller Instance

sfo01w01psc01.sfo01.rainpole.local lax01w01psc01.lax01.rainpole.local

Prerequisites

n Verify that you have valid image-based or file-based backups of all Platform Services Controller instances.

n Power off all vCenter Server instances that are registered with the Platform Services Controller instances.

Procedure

1 Restore one Platform Services Controller instance.

n To restore from an image-based backup, perform the following steps:

a Restore the Platform Services Controller instance by using your VADP-compatible backup tool.

b Power on the Platform Services Controller virtual machine.

n To restore from a file-based backup, perform the following steps:

a Power off and remove the Platform Services Controller instance from the inventory.

b Deploy a new Platform Services Controller instance and transfer the backup data by using the vCenter Server Appliance GUI installer. See Deploy a New Appliance and Transfer Data to the Newly Deployed Appliance.

2 After the restored Platform Services Controller instance turns on, use the VM console to log in to the Platform Services Controller appliance shell as root.

3 Run the command to verify that all the services are running.

service-control --status --all

Backup and Restore

VMware, Inc. 33

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vcenter.install.doc/GUID-1E39EF05-1DD7-4E9B-B9FE-6F373AA81862.html

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vcenter.install.doc/GUID-67C7D3ED-2A52-4960-95EC-03C4EE3F5E34.html

4 Repeat the steps for each Platform Services Controller instance in the SDDC.

5 Power on the vCenter Server virtual machines.

What to do next

Verify that the Platform Services Controller and vCenter Server instances are operational. For information about validating Platform Services Controller and vCenter Server, see VMware Validated Design Operational Verification Guide.

Rebuild a Failed Platform Services Controller Instance

VMware Validated Design uses a load-balanced Platform Services Controller configuration. Therefore, it is important to rebuild rather than restore failed Platform Services Controller instances if there is at least one operational Platform Services Controller instance.

This procedure applies to restoring one or more Platform Services Controller instances when you have at least one operational Platform Services Controller instance in the vCenter Single Sign-On domain. If all Platform Services Controller instances are failed, see Restore All Failed Platform Service Controller Instances.

Table 7-2. Platform Services Controller Instances in the SDDC

RegionPlatform Services Controller FQDN vSphere Client URL NSX Edge Replication Partners

Region A sfo01m01psc01.sfo01.rainpole.local

n https://sfo01m01vc01.sfo01.rainpole.local/ui

n https://sfo01w01vc01.sfo01.rainpole.local/ui

sfo01psc01 n sfo01w01psc01.sfo01.rainpole.local


sfo01w01psc01.sfo01.rainpole.local

n sfo01m01psc01.sfo01.rainpole.local


Region B lax01m01psc01.lax01.rainpole.local

n https://lax01m01vc01.lax01.rainpole.local/ui

n https://lax01w01vc01.lax01.rainpole.local/ui

lax01psc01 n sfo01m01psc01.sfo01.rainpole.local


lax01w01psc01.lax01.rainpole.local

n sfo01w01psc01.sfo01.rainpole.local


Prerequisites

n Verify that there is at least one operational Platform Services Controller instance in the vCenter Single Sign-On domain.

n Verify that the original signed certificates files are available or generate new valid certificates for the installation.

Backup and Restore

VMware, Inc. 34

Procedure

1 Power off the failed Platform Services Controller instance.

2 If you have an operational Platform Services Controller instance in the region, disable the failed Platform Services Controller instance in the NSX Load Balancer.

a Log in to an operational vCenter Server instance in the region by using the vSphere Client.

b In the Networking and security inventory, click NSX Edges.

c Double-click the NSX Edge that load balances the failed Platform Services Controller instances in that region.

d Click the Load Balancer tab and click Pools.

e For each pool, click its radio button, click Edit and, click the Members tab.

f Select the failed Platform Services Controller instance that you want to disable, click Edit, change the state to Disable, click OK, and click Save.

3 Remove the failed Platform Services Controller instance from the replication topology on each of its replication partners.

a Log in as root to the first replication partner by using an SSH client.

b To enter the Bash shell, run the shell command .

c Navigate to the bin folder.

cd /usr/lib/vmware-vmdir/bin

d Run the command to view all current replication partners and enter the vCenter Single Sign-On password.

./vdcrepadmin -f showservers -h localhost -u administrator

e Unregister the failed instance.

cmsso-util unregister --node-pnid failed_PSC_FQDN_hostname --username 'SSO_username' --passwd

'SSO_password' --debug

f To verify that the failed instance is successfully unregistered, run the command to view the current replication partners again.

./vdcrepadmin -f showservers -h localhost -u administrator

g Repeat the steps for the other replication partner.

Backup and Restore

VMware, Inc. 35

4 Deploy a new Platform Services Controller instance by using the same configuration details as the failed tPlatform Services Controller instance.

Table 7-3. Platform Services Controller Deployment Parameters

Setting Value

Appliance Target Target mgmt-vcenter-fqdn

Port 443

Username [email protected]

Password sso-admin-password

Appliance VM VM Name psc-vmname

Password psc-root-password

Datastore mgmt-vsan-datastore

Network Network mgmt-portgroup

IP version IPV4

IP Assignment Selected

Static System Name psc-fqdn

IP Address psc-ip

Subnet Mask mgmt-mask

Gateway mgmt-gateway

DNS dns-server

Appliance Configuration NTP ntp-ip

SSO Configuration Join an Existing Domain Selected

PSC partner-psc-fqdn

Port 443

SSO Domain vsphere.local

SSO Password sso-admin-password

5 Join the newly deployed Platform Services Controller instance to the Active Directory Domain.

a Log in to an operational vCenter Server instance in the SDDC by using the vSphere Client.

b From the navigation pane, click Administration.

c Under Single Sign-On, click Configuration.

d Click the Active Directory Domain tab.

e Click the radio button next to the newly deployed Platform Services Controller instance, and click Join AD.

f Enter the domain name, user name, and password for the region, and click Join.

Backup and Restore

VMware, Inc. 36

6 Install signed-certificates on the Platform Services Controller instance

a Log in to the Platform Services Controller instance by using an SSH client SSH.

b Verify that Bash is set as the default shell:

shell chsh -s "/bin/bash" root

c Create a folder for certificates.

mkdir -p /root/certs

d Copy the certificates psc-hostname.1.cer, psc-hostname.key, and Root64.cer to the /root/certs folder.

You can use an scp software like WinSCP.

e Install the certificates.

1 Run the vSphere Certificate Manager utility.

/usr/lib/vmware-vmca/bin/certificate-manager

2 Select Option 1 and enter the default vCenter Single Sign-On user name [email protected] and the vsphere_admin password.

3 Select Option 2 and enter the paths to the custom certificate /root/certs/psc-hostname.1.cer, the custom key /root/certs/psc-hostname.key, and the signing certificate /root/certs/Root64.cer.

4 Enter y to continue.

f Restart services on the Platform Services Controller instance.

service vami-lighttp restart

7 Update the vCenter Single Sign-On configuration.

a Log in to the Platform Services Controller instance by using an SSH client.

b Navigate to the bin folder.

cd /usr/lib/vmware-sso/bin/

c Run the command to update the vCenter Single Sign-On configuration.

python updateSSOConfig.py --lb-fqdn=psc-lb-virtual-fqdn

8 If you disabled the failed Platform Services Controller instance in the NSX Load Balancer earlier in the procedure, re-enable it.

a Log in to an operational vCenter Server instance by using the vSphere Client.

b In the Networking and security inventory, click NSX Edges.

Backup and Restore

VMware, Inc. 37

c Double-click the NSX Edge that load balances the Platform Services Controller instance in that region.

d Click the Load Balancer tab and click Pools.

e For each pool, click its radio button, click Edit and, click the Members tab.

f Select the Platform Services Controller instance that you want to re-enable, click Edit, change the state to Enable, click OK, and click Save.

What to do next

Verify that the Platform Services Controller and vCenter Server instances are operational. For information about validating Platform Services Controller and vCenter Server, see VMware Validated Design Operational Verification Guide.

Recover a vCenter Server Instance

If a vCenter Server instance fails, you can restore that instance from its image-based or file-based backup.

Important If the vCenter Server and Platform Services Controller instances fail at the same time, you must first restore the Platform Services Controller instances, and then restore the vCenter Server instances.

Prerequisites

n Power off the failed vCenter Server instance.

n Verify that you have a valid image-based or file-based backup of the failed vCenter Server instance.

Procedure

1 Restore the vCenter Server instance.

n To restore from an image-level backup, perform the following steps:

a Restore the vCenter Server instance by using your VADP-compatible backup solution.

b Power on the vCenter Server instance.

n To restore from a file-based backup, deploy a new vCenter Server instance and transfer the backup data by using the vCenter Server Appliance GUI installer. See Deploy a New Appliance and Transfer Data to the Newly Deployed Appliance.

2 After the restored vCenter Server instance turns on, use the VM console to log in to the vCenter Server Appliance shell as root.

3 Run the command to verify that all the services are running.

service-control --status --all

Backup and Restore

VMware, Inc. 38



https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vcenter.install.doc/GUID-67C7D3ED-2A52-4960-95EC-03C4EE3F5E34.html

4 If the services are not running, run the vcenter-restore script.

vcenter-restore -u [email protected] -p vsphere_admin_password

What to do next

Verify that the vCenter Server instance is operational. For information about validating Platform Services Controller and vCenter Server, see VMware Validated Design Operational Verification Guide.

Restore a Failed NSX Manager Instance

When you restore NSX Manager from a backup, you deploy a new NSX Manager appliance on which you restore the backup. Restoring to an existing NSX Manager instance is not supported.

Prerequisites

n Verify that the FTP server storing the backup data is running.

n Deploy an NSX Manager appliance of the same version and configuration as the NSX Manager appliance from which the backup is taken. For information about deploying the NSX Manager appliance, see NSX Installation Guide. For information about the NSX Manager configuration in the SDDC, see your Deployment Parameter XML file for the region.

NSX ManagerNSX Manager Administration Interface in Region A

NSX Manager Administration Interface in Region B

NSX Manager for the management cluster

https://sfo01m01nsx01.sfo01.rainpole.local

https://lax01m01nsx01.lax01.rainpole.local

NSX Manager for the shared edge and compute cluster

https://sfo01w01nsx01.sfo01.rainpole.local

https://lax01w01nsx01.lax01.rainpole.local

Procedure

1 In a Web browser, log in to the NSX Manager administration interface.

2 Click Backup & Restore.

3 To set a storage location for the backup job, in the FTP Server Settings row, click Change.

4 In the Backup Location dialog box, configure the settings for the backup location on the FTP server, and click OK.

The backup configuration must be the same as the configuration of the original NSX Manager. See also your Deployment Parameter XML file for the region.

Table 7-4. NSX Manager FTP Backup Configuration

Setting Value

IP/Host name FQDN of the FTP Server

Transfer protocol Select the protocol from the drop-down menu

Port Server port for FTP or SFTP requests

Backup and Restore

VMware, Inc. 39

Table 7-4. NSX Manager FTP Backup Configuration (continued)

Setting Value

User name User name on the FTP server

Password Password for the name you specified in user name

Backup Directory The absolute path to the location on the FTP server where you want to store the backup

Filename Prefix n sfo_NSX_Mgmt for the NSX Manager for the management cluster

n sfo_NSX_Comp for the NSX Manager for the shared edge and compute cluster

Pass Phrase nsx_backup_pass_phrase

5 In the Backups History section, select the latest restore point, and click Restore.

6 In the Restore from Backup dialog box, click Yes to confirm the restart of the appliance.

The appliance management is unavailable during the restart.

7 Replace the certificate of NSX Manager:

a In a Web browser, log in to the NSX Manager by using the administration interface again.

b Click Manage Appliance Settings.

c In the navigation pane, click SSL Certificates and click Upload PKCS#12 Keystore.

d Click Choose File and import the nsx-mgr-name.4.p12 generated by using the CertGenVVD utility.

For example, the certificate filename for the NSX Manager instance for the management cluster in Region A is sfo01m01nsx01.4.p12

You can use the original certificate or a new certificate generated at the time of the failure.

e Reboot the NSX Manager appliance.

What to do next

Verify that NSX Manager is operational. For information about validating NSX Manager and NSX Controller, see VMware Validated Design Operational Verification.

Redeploy Other NSX Appliances

Your can recreate inaccessible NSX appliances, such as NSX Controller, NXS Edge, NSX Distributed Logical Router (DLR), or NSX Universal Distributed Logical Router (UDLR) instances.

Backup and Restore

VMware, Inc. 40


Region NSX Manager Instance NSX Manager IP Address


172.16.11.65


172.16.11.66


172.17.11.65


172.17.11.66

Prerequisites

n The vCenter Server instance associated with the controlling NSX Manager instance must be operational. If the vCenter Server instance is not operational, see Restore All Failed Platform Service Controller Instances.

n The NSX Manager that controls the object that you want to redeploy must be operational. If the NSX Manager instance is not operational, see Restore a Failed NSX Manager Instance.

Procedure


Setting Value




2 To redeploy an NSX Controller instance, perform the following steps:

a In the Networking and security inventory, click Installation and upgrade.

b Click the NSX Controller Nodes tab.

c From the NSX Manager drop-down menu, select the IP address of the NSX Manager instance.

d Select the radio button next to the failed NSX Controller, and click Delete.

e To deploy a new NSX Controller that replaces the failed NSX Controller, click Add.

3 To redeploy an NSX Edge, perform the following steps:

a In the Networking and security inventory, click NSX Edges.

b From the NSX Manager drop-down menu, select the IP address of the NSX Manager instance.

c Select the radio button next to the NSX Edge that you want redeploy, and click Actions > Redeploy > .

Backup and Restore

VMware, Inc. 41

4 To redeploy an NSX Distributed Logical Router (DLR), perform the following steps:



c Select the radio button next to the NSX DLR that you want redeploy, and click Actions > Redeploy > .

5 To redeploy an NSX Universal Distributed Logical Router (UDLR), perform the following steps:



c Select the radio button next to the NSX UDLR that you want redeploy, and click Actions > Redeploy > .

6 Repeat the steps for all relevant objects across all relevant NSX instances.

What to do next

Confirm that all NSX Controller, Edge, DLR and UDLR instances are fully operational.

Import the NSX Firewall Configuration

You can import a configuration XML file that you previously exported from the NSX Manager instance. The imported configuration overwrites the existing rules in the firewall table.

The NSX firewall configuration is part of the NSX Manager backup. If you want to restore the entire NSX Manager, see Restore a Failed NSX Manager Instance.

This procedure applies to restoring only the firewall configuration of an NSX Manager instance.




172.16.11.65

Primary NSX Manager for the shared edge and compute cluster

172.16.11.66


172.17.11.65

Secondary NSX Manager for the shared edge and compute cluster

172.17.11.66

Backup and Restore

VMware, Inc. 42

Procedure


Setting Value




2 In the Networking and security inventory, in the Security section, click Firewall settings.

3 From the NSX Manager drop-down menu, select the IP address of the NSX Manager instance.

4 On the Saved Configurations tab, click Import.

5 In the Import Configuration dialog box, click Choose File, select the exported firewall configuration XML file, and click Import.

The firewall configuration is imported to Saved Configurations.

6 In the navigation pane, click Firewall.

7 In the top right corner, click the More drop-down menu and select Load Saved Configuration.

8 In the Load Saved Configuration dialog box, select the imported configuration file and click Load.

The rules are imported based on rule names. During the import, the firewall ensures that each object referenced in the rule exists in the environment. If an object is not found, the rule is marked as invalid. If a rule references a dynamic security group, the dynamic security group is created in NSX Manager during the import. If your current configuration contains rules managed by Service Composer, these rules are overwritten when you load the imported firewall configuration.

9 If the imported firewall configuration contains rules managed by the service composer, synchronize the imported rules and reconfigure them to be managed by the service composer again.

a In the navigation pane, click Service Composer and click the Security Policies tab.

b Click Synchronize.

10 Repeat the steps for all relevant NSX Manager instances.

Import a Security Composer Configuration

To restore a misconfigured policy, you can import a saved security policies configuration file to an NSX Manager instance. The imported configuration also contains the security groups to which the security policies are mapped.

The NSX service composer configuration is part of the NSX Manager backup. If you want to restore the entire NSX Manager, see Restore a Failed NSX Manager Instance.

Backup and Restore

VMware, Inc. 43

This procedure applies to restoring only the service composer configuration of an NSX Manager instance.




172.16.11.65


172.16.11.66


172.17.11.65


172.17.11.66

Procedure


Setting Value




2 In the Networking & Security inventory, in the Security Section, click Service Composer.

3 Click the Security Policies tab.

4 From the NSX Manager drop-down menu, select the IP address of the NSX Manager instance.

5 Click More > Import Configuration.

6 On the Import policy Configuration dialog box, click Choose File, navigate to the security policies configuration file, enter a suffix for the names of the imported policies, and click Apply.

The page shows the security groups to which the policies are applied, the endpoint services, firewall rules, and network introspection services which are part of the policies.

7 Repeat the steps for all relevant NSX Manager instances.

Restore the Configuration of a Distributed Switch

To reset the configuration of a distributed switch, you can restore the settings exported in a configuration file.

The restore operation changes the settings on the selected switch back to the settings saved in the configuration file. The operation overwrites the current settings of the distributed switch and its port groups. It does not delete existing port groups that are not a part of the configuration file.

Backup and Restore

VMware, Inc. 44

The Distributed Switch configuration is part of the vCenter Server backup. If you want to restore the entire vCenter Server instance, see Recover a vCenter Server Instance.

This procedure applies to restoring only the Distributed Switch configuration of an vCenter Server instance.


Region Distributed Switch vCenter Server Instance

Region A sfo01-m01-vds01 sfo01m01vc01.sfo01.rainpole.local

Region A sfo01-w01-vds01 sfo01w01vc01.sfo01.rainpole.local

Region B lax01-m01-vds01 lax01m01vc01.lax01.rainpole.local

Region B lax01-w01-vds01 lax01w01vc01.lax01.rainpole.local

Procedure


Setting Value




2 In the Networking inventory, expand the vCenter Server inventory tree, and locate the distributed switch.

3 Right-click the distributed switch and select Settings > Restore Configuration.

4 In the Restore Configuration wizard, browse to the location of the configuration file for the distributed switch.

5 Select the Restore distributed switch and all port groups option and click Next.

6 On the Ready to complete page, review the changes and click Finish.

7 Repeat the steps for the second distributed switch in each relevant region.

Restore the Remaining SDDC Components

This section describes the general steps for restoring the remaining individual components if failed.

When an individual component fails logically, and the underlying hardware and storage are fully operational, you can restore the failed component from a backup and reintegrate it to the SDDC environment. The steps in this procedure are generic, therefore you must validate the steps in the context of your VADP-compatible backup solution.

Prerequisites

n Verify that you have a valid backup of the component that you want to restore.

Backup and Restore

VMware, Inc. 45

n Verify that the requirements of your VADP-compatible backup solution are met. See the product documentation for your backup solution.

Procedure

1 Power off the failed component.

2 Restore the failed component.

3 Power on the restored component.

4 Verify the operational status of the components that start after the restored component, and perform any necessary remediation if necessary.

See Startup Order of the Management Virtual Machines.

What to do next

Validate that the failed component reintegrated successfully into the environment. See VMware Validated Design Operational Verification.

Restore Site Recovery Manager

You can use the standalone VMware Site Recovery Manager Configuration Import/Export Tool to import Site Recovery Manager configuration data from a previously exported XML file.

Prerequisites

n Verify that you have an XML file with the exported configuration of Site Recovery Manager.

n Verify that you have the srm_configuration.properties file from the previous installation, or recreate this file. See Back Up Site Recovery Manager.

Procedure

1 Deploy a new Site Recovery Manager appliance with the same configuration as the original failed instance.

2 Register the new instance with the same vCenter Server instance or with a vCenter Server instance with the same inventory as that in the exported file.

3 Connect to the appliance by using an SSH client.

4 Run the following command.

java -jar import-export-tool-8.2.0-build_number.jar --import --path Path_to_exported_XML_file --

properties Path_to_properties_file

What to do next

Validate that the failed component reintegrated successfully into the environment. See VMware Validated Design Operational Verification .

Backup and Restore

VMware, Inc. 46

Restoring the SDDC from Physical Failures

The following section addresses the scenarios where one or more components failed due to underlying physical hardware failures. The extent of the failure and the appropriate response might vary by failure scenario.

Restore the SDDC Management Components after Physical Failures

When a major hardware failure occurs, to resume normal SDDC operations, it might be necessary to rebuild and restore a significant portion of the infrastructure. This section addresses a full stack rebuild. After you evaluated the failures that you encountered, you can use the relevant section and sequence of events presented here to recover your SDDC.

Perform some or all of the following steps based on the details of your environment, the nature of the failure, and your VADP-compatible backup solution.

Prerequisites

Depending on the severity of the failure you might need to rebuild the underlying ESXi and vSAN infrastructure before restoration or redeployment of the SDDC management stack. This includes restore of some or all of the following components:

n Platform Services Controller

n vCenter Server

n NSX Manager

n vRealize Operations Manager

n vRealize Log Insight

n Microsoft SQL Server

n Cloud Management Platform applications

n vSphere Update Manager Download Service

n vRealize Suite Lifecycle Manager

n Skyline Collector

n Site Recovery Manager

n vSphere Replication Manager

Procedure

1 Shut down all running components if any.

See Shutdown Order of the Management Virtual Machines

Backup and Restore

VMware, Inc. 47

2 If the physical hosts were lost or rebuilt as part of recovery:

a Add vSAN Diskgroups to an ESXi Host.

b Enable Force Provisioning on an ESXi Host.

c Verify the VM Network VLAN ID.

d Verify the Management Network Gateway, DNS, and NTP.

3 If Platform Services Controllers instances were lost:

a Restore all Platform Services Controllers instances.

See Restore All Failed Platform Service Controller Instances.

b Createor modify the DNS entry for the Platform Services Controller load balancer instance in DNS to point at the first management Platform Services Controller instance in that region.

4 If the Management vCenter Server was lost, restore the instance.

See Restore All Failed Platform Service Controller Instances

5 If the physical hosts were lost or rebuilt as part of recovery:

a Remove all failed ESXi host from the management vCenter Server.

b Disable DRS.

c Disable HA.

d Add the first new ESXi Host to the management cluster.

e Update VM Storage Policies to enable force provisioning.

f Add the first ESXi Host to the Distributed Switch.

g Migrate vmk0 for the first ESXi host to the Distributed Switch.

h Migrate the Platform Services Controller and the Management vCenter Server VMs to the Distributed Switch.

i Add the remaining new or rebuilt ESXi hosts to the management cluster.

j Migrate vmk0 for the remaining ESXi hosts to the Distributed Switch.

k Remove the default standard switch vSwitch0

l Add the last vmnic to the Distributed Switch for all hosts.

m Add a VMkernel Network Adapter for vSphere vMotion for all hosts.

n Add a VMkernel Network Adapter for vSAN for all hosts.

o Add a VMkernel Network Adapter for ECMP Uplinks

p Add a VMkernel Network Adapter for NFS

q Add a VMkernel Network Adapter for vSphere Replication

Backup and Restore

VMware, Inc. 48

r Add vSAN Diskgroups to remaining ESXi Hosts.

s Rename the vSAN datastore to match original datastore name.

t Update the VM Storage Policies to disable force provisioning.

u Disable force provisioning on the first ESXi Host.

6 If the Management NSX Manager is lost, eploy and restore NSX Manager

See Restore a Failed NSX Manager Instance.

7 If the physical hosts are lost or rebuilt as part of recovery:

a Enable vSphere DRS.

b Prepare the hosts for NSX by installing the NSX vibs.

c Disable vSphere DRS.

d Configure ESXi Hosts to join Active Directory domain.

e Create host profile based on the first host in the cluster, and apply it all other hosts to ensure compliance.

8 If additional NSX appliances are lost:

a Redeploy NSX Edges, DLRs, and UDLRs.

See Redeploy Other NSX Appliances.

b If the Platform Services Controller instances are restored, modify the DNS entry for the Platform Services Controller load balancer instance in DNS to point at the virtual IP address for the Platform Services Controller instances in that region.

9 If other vCenter Server and NSX Managers instances are lost:

a Restore the additional vCenter Server instances.

b Redeploy and restore the additional NSX Managers.

See Restore a Failed NSX Manager Instance.

10 Verify VM Anti-Affinity Rules.

11 Restore all remaining cloud management components as required:

a Recover VMware vRealize Suite Lifecycle Manager.

b Recover VMware vRealize Log Insight.

c Recover VMware vRealize Operations Manager.

d Recover VMware vRealize Business for Cloud.

e Recover Microsoft SQL Server.

Can be the entire server or only the vRealize Automation IaaS SQL database based on the environment.

f Recover VMware vRealize Automation.

Backup and Restore

VMware, Inc. 49

g Recover VMware Skyline Collector.

h Recover VMware Site Recovery Manager

See Restore Site Recovery Manager.

i VMware vSphere Replication Manager

12 Ensure that vSphere DRS and vSphere HA are enabled.

13 Power on the components according to power-up sequence.

See Startup Order of the Management Virtual Machines

What to do next

Verify that all restored virtual machines are operational. See VMware Validated Design Operations Verification.

Backup and Restore

VMware, Inc. 50

Backup and Restore - VMware Validated Design 5 · backup and restore is a more granular method than...

Documents

Transcript of Backup and Restore - VMware Validated Design 5 · backup and restore is a more granular method than...