JetStream Software Portal

Preparation Checklist: On-Premises vSphere

Use this document to record the required inputs and verify prerequisite conditions for successfully installing JetStream DR in an on-premises vSphere to on-premises vSphere configuration. Refer to JetStream DR product documentation for additional information and explanation of the installation steps and operation of JetStream DR.


Prerequisites: On-Premises

Azure Marketplace

  • Identify the Azure subscription, Regions, resource groups and credentials for installation and configuration of Azure resources including Azure Storage Account, AVS Private Clouds, Azure VNETs, etc.
  • JetStream DR for AVS Subscription ID: _______________________________________________
    (Required for Azure Storage Account access)
  • The JetStream MMS server (https://jsdr-mms.azurewebsites.net) must be accessible from the JetStream DR MSA at both the protected and recovery sites to validate the JetStream DR for AVS Subscription ID before connecting to an Azure storage account.

Object Storage

The object storage maintains the continuously updated objects for each Protected Domain including domain info, the VMs and their data. The Storage Site may be located with the Recovery Site, or it may be in a different location.

Amazon S3

  • Amazon S3 endpoint must be accessible from JetStream DR MSA, DRVA’s and RocVA’s at both the protected and recovery sites.
    • Storage site name (friendly name): _______________________________________________
    • Amazon access key ID: _______________________________________________
    • Amazon secret access key: _______________________________________________

MinIO S3

  • MinIO S3 endpoint must be accessible from JetStream DR MSA, DRVA’s and RocVA’s at both the protected and recovery sites.
  • MinIO S3 endpoint FQDN must be resolvable by the JetStream MSA, DRVA’s and RocVA’s at both the protected and recovery sites.
    • Storage site name (friendly name): _______________________________________________
    • MinIO S3 server: _______________________________________________
    • MinIO port: _______________________________________________
    • Access key: _______________________________________________
    • Secret key: _______________________________________________
    • Use SSL
    • Verify SSL

Cloudian S3

  • Cloudian S3 endpoint must be accessible from JetStream DR MSA, DRVA’s and RocVA’s at both the protected and recovery sites.
  • Cloudian S3 endpoint FQDN must be resolvable by the JetStream MSA, DRVA’s and RocVA’s at both the protected and recovery sites.
  • Storage site name (friendly name): _______________________________________________
  • Cloudian S3 endpoint (FQDN): _______________________________________________
  • Cloudian S3 endpoint IP address: _____._____._____._____
  • Cloudian port: _______________________________________________
  • Access key: _______________________________________________
  • Secret key: _______________________________________________
  • Use SSL
  • Verify SSL

Azure Blob Storage

  • Storage account must be accessible from JetStream DR MSA and DRVA’s at both the protected and recovery sites.
  • The Jetstream MMS server (https://jsdr-mms.azurewebsites.net) must be accessible from the JetStream DR MSA at both the protected and recovery sites to validate the JetStream DR subscription ID before connecting to an Azure storage account.
  • Storage account FQDN must be resolvable by the JetStream MSA and DRVA’s at both the protected and recovery sites.
  • Storage account must not have “hierarchical namespace” enabled.
    • Azure storage account name (FQDN): ___________________________________
    • IP address: _____._____._____._____
    • Access type: [ ] Key Access [ ] AAD Based Access (Tech Preview feature)
    • Access key: ___________________________________

Azure Active Directory (Tech Preview Feature)

  • AAD-based access requires additional configuration and the following credentials:
    (The application ID and application secret key value should be unique for each site accessing the Azure storage account.)
    • Azure active directory tenant ID: _______________________________________________
    • Protected site application ID: _______________________________________________
    • Protected site application secret key: _______________________________________________
    • Recovery site application ID: _______________________________________________
    • Recovery site application secret key: _______________________________________________

Protected Site

The installer requires the target environment to be available before proceeding: vCenter, ESXi host cluster(s), datastores, network segments, IP address ranges, DHCP services, DNS services, etc.

vCenter Server

  • Using a supported version? [ ] Yes / [ ] No
    • 7.0 (U3c or later required, U3f or later preferred) Installed version: _____________________________
  • vCenter server FQDN: _______________________________________________
  • IP address: _____._____._____._____
  • “Admin” user credentials: ___________________________, password known? ______________________________
  • Datacenter name: _______________________________________________
  • Cluster name: _______________________________________________

ESXi Hosts

  • Using a supported version? [ ] Yes / [ ] No
    • 7.0 Update 3c or later (build number# 19193900 or later) Installed version: _____________________
  • CIM service started and running on ESXi hosts.

Network Security

  • Firewall(s) configured to allow communication between the JetStream DR virtual appliances, protected site vCenter, ESXi hosts, object storage, JetStream Metering server, and Azure Marketplace.

JetStream Virtual Appliances

MSA and DRVA FQDNs should be registered in DNS and resolvable.

  • Identify the “management” network for virtual appliances – needs to communicate with on-premises vCenter, ESXi hosts, and object storage.
  • Identify Datastores for virtual appliances and replication logs (VMFS).
  • iSCSI LUN(s) for replication logs (iSCSI) (optional).

Management Server Appliance (MSA)

1 per vCenter server/site

  • VM name (FQDN): _______________________________________________
  • MSA root username: _______________________________________________
  • Password: _______________________________________________
  • Datastore for virtual appliance disk: _______________________________________________
    (60 GB operating system virtual disk)

Management Network

  • Network name: _______________________________________________
  • IP address: _____._____._____._____ or [ ] DHCP
  • Net mask: _____._____._____._____
  • Gateway IP: _____._____._____._____
  • DNS server(s): _______________________________________________

DR Virtual Appliance (DRVA)

Minimum: 1 – Repeat this section for each additional DRVA as needed.

  • VM name: jss-drva-_______________________________________________
  • Datacenter: _______________________________________________
  • Cluster: _______________________________________________
  • Datastore for virtual appliance disk: _______________________________________________
    (32 GB operating system virtual disk)
  • Number of CPUs: _______________________________________________
    (Minimum: 4 – Size according to CPT recommendation)
  • Memory (GB): _______________________________________________
    (Minimum: 8 – Size according to CPT recommendation)

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • DRVA Data Network (DRVA to ESXi hosts)
    (Optional – if different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store (DRVA to object storage)
    (Optional – if different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #1 (DRVA to iSCSI DR Store)
    (Optional – only required for iSCSI backed Replication Log Volumes)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #2 (DRVA to iSCSI DR Store)
    (Optional – only required for multi-path iSCSI backed Replication Log Volumes)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

VMDK Replication Log Volume

Minimum: 1 – Repeat for additional replication log volumes as needed.

  • Datacenter: _______________________________________________
  • Datastore: _______________________________________________
  • Log disk size (GB): _______________________________________________
    • 128 GB recommended as a starting point for a single protected domain.
    • 64 GB additional for each additional protected domain.
    • Use the CPT resource recommendations for sizing specific to your protected workloads.

iSCSI Replication Log Volume

All hosts in the cluster and the DRVA VMs must have access to the configured iSCSI target LUN. Also, the iSCSI storage adapter must be defined on all hosts of the cluster and rescanned so that the iSCSI LUN appears in the list under the Devices tab.

Minimum: 1 – Repeat for additional replication log volumes as needed.

  • iSCSI target address 1: _______________________________________________
  • iSCSI target port 1: _______________________________________________
  • iSCSI target address 2 (for Multipathing Only): _______________________________________________
  • iSCSI target port 2 (for Multipathing Only): _______________________________________________
  • LUN IQN: _______________________________________________
  • Force format already configured LUN

Recover from Object Cloud Virtual Appliance (RocVA)

RocVA is automatically deployed on the protected side during restore, recover or failback operations.
If using static IP addresses repeat this section for each additional protected domain (RocVA) as needed.

1 per protected domain.

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Host (IO Filter) to DRVA Data Network
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

Representation VM (RVM)

1 per protected domain.

  • One RVM is automatically deployed for each VM in a protected domain on the protected side during failback or recovery/restore operations.
  • RVMs require DHCP assigned IP addresses on the protected side’s internal “Host to DRVA Data Network” for the duration of failback or recovery/restore operations.
  • Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the protected side at one time.

JetStream Virtual Appliances – Summary

Management Server Appliance (MSA)

  • 1 per vCenter server/site.

DR Virtual Appliance (DRVA)

  • Minimum 1 per protected cluster, consider 1 per protected domain.
    • Current recommendation is a ratio of 100 protected VMs per DRVA.
    • Use the CPT resource recommendations for sizing specific to your protected workloads.

Recover from Object Cloud Virtual Appliance (RocVA)

  • 1 per protected domain.
  • Deployed automatically during restore, recovery or failback operations.

Representation VM (RVM)

  • 1 per protected VM.
    • Deployed automatically during restore, recovery or failback operations.

Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the protected side at one time.

Typically in AVS, the RocVA is deployed with all interfaces on the same network segment, but up to three separate segments can be specified: Management Network, Replication Network to Object Store, and Host (IO Filter) to DRVA Data Network.

The RocVA requires an address on each unique network segment specified.



Recovery Site

The installer requires the target environment to be available before proceeding: vCenter, ESXi host cluster(s), datastores, network segments, IP address ranges, DHCP services, DNS services, etc.

vCenter Server

  • Using a supported version? [ ] Yes / [ ] No
    • 7.0 (U3c or later required, U3f or later preferred) Installed version: _____________________________
  • vCenter server FQDN: _______________________________________________
  • IP address: _____._____._____._____
  • “Admin” user credentials: ___________________________, password known? ______________________________
  • Datacenter name: _______________________________________________
  • Cluster name: _______________________________________________

ESXi Hosts

  • Using a supported version? [ ] Yes / [ ] No
    • 7.0 Update 3c or later (build number# 19193900 or later) Installed version: _____________________
  • CIM service started and running on ESXi hosts.

Network Security

  • Firewall(s) configured to allow communication between the JetStream DR virtual appliances, protected site vCenter, ESXi hosts, object storage, JetStream Metering server, and Azure Marketplace.

JetStream Virtual Appliances

MSA and DRVA FQDNs should be registered in DNS and resolvable.

  • Identify the “management” network for virtual appliances – needs to communicate with on-premises vCenter, ESXi hosts, and object storage.
  • Identify Datastores for virtual appliances and replication logs (VMFS).
  • iSCSI LUN(s) for replication logs (iSCSI) (optional).

Management Server Appliance (MSA)

1 per vCenter server/site

  • VM name (FQDN): _______________________________________________
  • MSA root username: _______________________________________________
  • Password: _______________________________________________
  • Datastore for virtual appliance disk: _______________________________________________
    (60 GB operating system virtual disk)

Management Network

  • Network name: _______________________________________________
  • IP address: _____._____._____._____ or [ ] DHCP
  • Net mask: _____._____._____._____
  • Gateway IP: _____._____._____._____
  • DNS server(s): _______________________________________________

DR Virtual Appliance (DRVA)

Minimum: 1 – Repeat this section for each additional DRVA as needed.

  • VM name: jss-drva-_______________________________________________
  • Datacenter: _______________________________________________
  • Cluster: _______________________________________________
  • Datastore for virtual appliance disk: _______________________________________________
    (32 GB operating system virtual disk)
  • Number of CPUs: _______________________________________________
    (Minimum: 4 – Size according to CPT recommendation)
  • Memory (GB): _______________________________________________
    (Minimum: 8 – Size according to CPT recommendation)

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • DRVA Data Network (DRVA to ESXi hosts)
    (Optional – if different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store (DRVA to object storage)
    (Optional – if different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #1 (DRVA to iSCSI DR Store)
    (Optional – only required for iSCSI backed Replication Log Volumes)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #2 (DRVA to iSCSI DR Store)
    (Optional – only required for multi-path iSCSI backed Replication Log Volumes)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

VMDK Replication Log Volume

Minimum: 1 – Repeat for additional replication log volumes as needed.

  • Datacenter: SDDC-Datacenter
  • Datastore: vsanDatastore
  • Log disk size (GB): _______________________________________________
    • 128 GB recommended as a starting point for a single protected domain.
    • 64 GB additional for each additional protected domain.
    • Use the CPT resource recommendations for sizing specific to your protected workloads.

iSCSI Replication Log Volume

All hosts in the cluster and the DRVA VMs must have access to the configured iSCSI target LUN. Also, the iSCSI storage adapter must be defined on all hosts of the cluster and rescanned so that the iSCSI LUN appears in the list under the Devices tab.

Minimum: 1 – Repeat for additional replication log volumes as needed.

  • iSCSI target address 1: _______________________________________________
  • iSCSI target port 1: _______________________________________________
  • iSCSI target address 2 (for Multipathing Only): _______________________________________________
  • iSCSI target port 2 (for Multipathing Only): _______________________________________________
  • LUN IQN: _______________________________________________
  • Force format already configured LUN

Recover from Object Cloud Virtual Appliance (RocVA)

RocVA is automatically deployed on the recovery side during restore, recover, failover or continuous failover operations. If using static IP addresses repeat this section for each additional protected domain (RocVA) as needed.

1 per protected domain.

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Host (IO Filter) to DRVA Data Network
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

Representation VM (RVM)

1 per protected domain.

  • One RVM is automatically deployed for each VM in a protected domain on the recovery side during failover, continuous failover or recovery/restore operations.
  • RVMs require DHCP assigned IP addresses on the protected side’s internal “Host to DRVA Data Network” for the duration of failback continuous failover, or recovery/restore operations.
  • Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the recovery side at one time.

JetStream Virtual Appliances – Summary

Management Server Appliance (MSA)

  • 1 per vCenter server/site.

DR Virtual Appliance (DRVA)

  • Minimum 1 per protected cluster, consider 1 per protected domain.
    • Current recommendation is a ratio of 100 protected VMs per DRVA.

Recover from Object Cloud Virtual Appliance (RocVA)

  • 1 per protected domain.
  • Deployed automatically during restore, recovery or failover operations.

Representation VM (RVM)

  • 1 per protected VM.
    • Deployed automatically during restore, recovery or failover operations.

Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the protected side at one time.

Typically in AVS, the RocVA is deployed with all interfaces on the same network segment, but up to three separate segments can be specified: Management Network, Replication Network to Object Store, and Host (IO Filter) to DRVA Data Network.

The RocVA requires an address on each unique network segment specified.


Network Communication Ports

The source ports for the traffic flows from our appliances are ephemeral. All listed ports are destination ports.

AVS Local Traffic (within the same site)

  • JetStream MSA to vCenter: TCP 443
  • JetStream MSA to vCenter: TCP 80
  • vCenter to JetStream MSA: TCP 443
  • JetStream MSA to ESXi hosts (CIM Server): TCP 5989
  • JetStream IO Filter (ESXi hosts) to DRVA (DATA): TCP 32877
  • JetStream MSA to JetStream DRVA (REST): TCP 32878
  • JetStream MSA to JetStream RocVA (REST): TCP 32878
  • JetStream RocVA to JetStream DRVA (DATA): TCP 32877
  • JetStream RocVA to JetStream ReVM (iSCSI): TCP 3260
  • JetStream DRVA to iSCSI Replication Log Volume (iSCSI): TCP 3260
  • ESXi Hosts to iSCSI Replication Log Volume (iSCSI): TCP 3260
  • JetStream MSA, DRVA and DNS: TCP/UDP 53

Other Traffic (may not be local to a site)

  • JetStream MSA to Azure Storage Account: TCP 443
  • JetStream DRVA to Azure Storage Account: TCP 443
  • JetStream RocVA to Azure Storage Account: TCP 443
  • JetStream MSA to JetStream Azure metering website (jsdr-mms.azurewebsites.net): TCP 443
  • JetStream MSA to Amazon S3: TCP 443
  • JetStream DRVA to Amazon S3: TCP 443
  • JetStream RocVA to Amazon S3: TCP 443
  • JetStream MSA to MinIO S3: TCP 9000
  • JetStream DRVA to MinIO S3: TCP 9000
  • JetStream RocVA to MinIO S3: TCP 9000
  • JetStream MSA to Cloudian S3: TCP 443
  • JetStream DRVA to Cloudian S3: TCP 443
  • JetStream RocVA to Cloudian S3: TCP 443
  • JetStream MSA to Azure Active Directory (login.microsoftonline.com) (OAuth 2.0): TCP 443 (for Storage Account AAD Authentication)
  • JetStream DRVA to Azure Active Directory (login.microsoftonline.com) (OAuth 2.0): TCP 443 (for Storage Account AAD Authentication)
  • JetStream RocVA to Azure Active Directory (login.microsoftonline.com) (OAuth 2.0): TCP 443 (for Storage Account AAD Authentication)

Troubleshooting (Only needed upon request for support)

  • JetStream MSA, DRVA and RocVA (SSH): TCP 22
Was this article helpful?

Related Articles