JetStream Software

Menu

Preparation Checklist: AVS to AVS

Use this document to record the required inputs and verify prerequisite conditions for successfully installing JetStream DR in an AVS to AVS configuration. Refer to JetStream DR product documentation for additional information and explanation of the installation steps and operation of JetStream DR.

Prerequisites

Azure

  • Identify the Azure subscription, Regions, resource groups and credentials for installation and configuration of Azure resources including Azure Storage Account, AVS Private Clouds, Azure VNETs, etc.
  • JetStream DR for AVS Subscription ID: _______________________________________________
    (Required for Azure Storage Account access)
  • The JetStream MMS server (https://jsdr-mms.azurewebsites.net) must be accessible from the JetStream DR MSA at both the protected and recovery sites to validate the JetStream DR for AVS Subscription ID before connecting to an Azure storage account.

Azure NetApp Files

If Azure NetApp Files (ANF) volumes will be used as datastores, ensure that the performance best practices are implemented including service levels and network gateway configuration.

Object Storage

Azure Blob Storage Account

  • Storage account must be accessible from JetStream DR MSA and DRVA’s at both the protected and recovery sites.
  • The Jetstream MMS server (https://jsdr-mms.azurewebsites.net) must be accessible from the JetStream DR MSA at both the protected and recovery sites to validate the JetStream DR subscription ID before connecting to an Azure storage account.
  • Storage account FQDN must be resolvable by the JetStream MSA and DRVA’s at both the protected and recovery sites.
  • Storage account must not have “hierarchical namespace” enabled.
    • Azure storage account name (FQDN): ___________________________________
    • IP address: _____._____._____._____
    • Access type: [ ] Key Access [ ] AAD Based Access (Tech Preview feature)
    • Access key: ___________________________________

Azure Active Directory (Tech Preview Feature)

  • AAD-based access requires additional configuration and the following credentials:
    (The application ID and application secret key value should be unique for each site accessing the Azure storage account.)
    • Azure active directory tenant ID: _______________________________________________
    • Protected site application ID: _______________________________________________
    • Protected site application secret key: _______________________________________________
    • Recovery site application ID: _______________________________________________
    • Recovery site application secret key: _______________________________________________

Protected Site

The installer requires the target environment to be available before proceeding: vCenter, ESXi host cluster(s), datastores, network segments, IP address ranges, DHCP services, DNS services, etc.

Azure

  • Identify the Azure subscription, resource group, region, and resource names (VNET, Gateway, etc.)
  • Identify the Azure VMware Solution private cloud.
  • ExpressRoute connection configured between Azure and AVS Private Cloud.
  • Azure VM for use as a jump machine to access AVS vCenter, NSX-T Manager, etc.

Azure VMware Solution

  • The JetStream DR for AVS installation has multiple steps that must be adapted according to the actual topology of the AVS Private Cloud.
  • The installer requires the target environment to be available before proceeding:  vCenter, NSX-T segments, IP address ranges, DHCP services, DNS services, etc.
  • The JetStream DR for AVS installation process in Azure VMware Solution is cmdlet driven and the inputs can be saved for reference or re-run if necessary.
  • AVS Private cloud ExpressRoute ID: _______________________________________________
    (Used to verify the AVS Run command environment)

AVS Private Cloud Networking

  • Enable “Internet Access” for the AVS Private Cloud.
    (Required for Azure Marketplace validation of JetStream DR for AVS subscription and JetStream DR lifestyle operations utilizing the AVS Run command environment.)
  • Firewall(s) configured to allow communication from JetStream MSA to JetStream Azure metering website (https://jsdr-mms.azurewebsites.net): TCP 443.
  • Firewall(s) configured to allow communication from AVS Run Command systems (100.72.0.0/15) to JetStream MSA: TCP 443.
  • Firewall(s) configured to allow communication from AVS Run Command systems (100.72.0.0/15) to JetStream MSA: TCP 8443.

Create an NSX-T network segment for JetStream DR appliances

  • NSX-T network segment with no IP address overlap with Azure or on-premises networks, DHCP enabled, configured with DNS zone/forwarder providing DNS name resolution of AVS private cloud servers (vCenter, ESXi hosts), Azure blob storage account, and Azure Marketplace.
  • DHCP is required on these networks for the temporary recovery virtual appliances during the recovery/failback of protected VMs.
  • Per AVS requirement, the network name must not begin with “TNT”, “HCX”, “ESX”, or “Mgmt.”
    • Network name: _______________________________________________
    • IP address range: _______________________________________________
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _______________________________________________

Create one or more VM workload network segments for testing and VM recovery purposes

  • DHCP is required on these networks for the temporary recovery virtual appliances during the recovery/failback of protected VMs.
    • Network name: _______________________________________________
    • IP address range: ___________________________________
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

JetStream Virtual Appliance Networks Planner

Management Network

  • MSA, DRVA and RocVA all use this network.
    • Network name: _______________________________________________
    • Network address: _____._____._____._____
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

Host (IO Filter) to DRVA Data Network

  • Typically, the same as the Management Network in AVS deployments. MSA, DRVA and RocVA all use this network. DHCP is required on this network.
    • Network name: _______________________________________________
    • Network address: _____._____._____._____
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

Replication Network for Object Store (DRVA to Azure Blob storage)

  • Typically, the same as the Management Network in AVS deployments. DRVA and RocVA use this network.
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

Replication Log Network #1 (DRVA to DR Store)

  • Typically, the same as the Management Network in AVS deployments.
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

JetStream Virtual Appliances

MSA and DRVA FQDNs should be registered in DNS and resolvable.

  • Identify the “management” network for virtual appliances – needs to communicate with protected site vCenter, ESXi hosts, Azure metering, Azure Blob Storage Account and Azure marketplace.
  • Identify Datastores for virtual appliances and replication log disks.
  • Identify AVS cluster for MSA/DRVA deployment.
  • Identify AVS cluster to be protected.

Management Server Appliance (MSA)

1 per vCenter server/site

  • VM name (FQDN): _______________________________________________
  • MSA username: root (This is a required for AVS install)
  • Password: _______________________________________________
  • Datastore for virtual appliance disk: _______________________________________________
    (60 GB operating system virtual disk)

Management Network

  • Network name: _______________________________________________
  • IP address: _____._____._____._____ or [ ] DHCP
  • Net mask: _____._____._____._____
  • Gateway IP: _____._____._____._____
  • DNS server(s): _______________________________________________

DR Virtual Appliance (DRVA)

Minimum: 1 – Repeat this section for each additional DRVA as needed.

  • VM name: jss-drva-_______________________________________________
  • Datacenter: SDDC-Datacenter
  • Cluster: _______________________________________________
    (Typically “Cluster-1” in AVS)
  • Datastore for virtual appliance disk: vsanDatastore
    (32 GB operating system virtual disk)
  • Number of CPUs: _______________________________________________
    (Minimum: 4 – Size according to CPT recommendation)
  • Memory (GB): _______________________________________________
    (Minimum: 8 – Size according to CPT recommendation)

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Host (IO Filter) to DRVA Data Network
    (Typically the same as the Management Network in AVS deployments)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store
    (Typically the same as the Management Network in AVS deployments)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #1
    (Typically the same as the Management Network in AVS deployments)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #2 (DRVA to iSCSI DR Store)
    (N/A for AVS)

VMDK Replication Log Volume

Minimum: 1 – Repeat for additional replication log volumes as needed.

  • Datacenter: SDDC-Datacenter
  • Datastore: vsanDatastore
  • Log disk size (GB): _______________________________________________
    • 128 GB recommended as a starting point for a single protected domain.
    • 64 GB additional for each additional protected domain.
    • Use the CPT resource recommendations for sizing specific to your protected workloads.

Recover from Object Cloud Virtual Appliance (RocVA)

RocVA is automatically deployed on the protected side during restore, recover or failback operations.
If using static IP addresses repeat this section for each additional protected domain (RocVA) as needed.

1 per protected domain.

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Host (IO Filter) to DRVA Data Network
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

Representation VM (RVM)

1 per protected domain.

  • One RVM is automatically deployed for each VM in a protected domain on the protected side during failback or recovery/restore operations.
  • RVMs require DHCP assigned IP addresses on the protected side’s internal “Host to DRVA Data Network” for the duration of failback or recovery/restore operations.
  • Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the protected side at one time.

JetStream Virtual Appliances – Summary

Management Server Appliance (MSA)

  • 1 per vCenter server/site.

DR Virtual Appliance (DRVA)

  • Minimum 1 per protected cluster, consider 1 per protected domain.
    • Current recommendation is a ratio of 100 protected VMs per DRVA.
    • Use the CPT resource recommendations for sizing specific to your protected workloads.

Recover from Object Cloud Virtual Appliance (RocVA)

  • 1 per protected domain.
  • Deployed automatically during restore, recovery or failback operations.

Representation VM (RVM)

  • 1 per protected VM.
    • Deployed automatically during restore, recovery or failback operations.

Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the protected side at one time.

Typically in AVS, the RocVA is deployed with all interfaces on the same network segment, but up to three separate segments can be specified: Management Network, Replication Network to Object Store, and Host (IO Filter) to DRVA Data Network.

The RocVA requires an address on each unique network segment specified.

Recovery Site

The installer requires the target environment to be available before proceeding: vCenter, ESXi host cluster(s), datastores, network segments, IP address ranges, DHCP services, DNS services, etc.

Azure

  • Identify the Azure subscription, resource group, region, and resource names.
  • Identify the Azure VMware Solution private cloud.
  • ExpressRoute connection configured between Azure and AVS Private Cloud.
  • Azure VM for use as a jump machine to access AVS vCenter, NSX-T Manager, etc.

Azure VMware Solution (AVS)

  • The JetStream DR for AVS installation has multiple steps that must be adapted according to the actual topology of the AVS Private Cloud.
  • The installer requires the target environment to be available before proceeding:  vCenter, NSX-T segments, IP address ranges, DHCP services, DNS services, etc.
  • The JetStream DR for AVS installation process in Azure VMware Solution is cmdlet driven and the inputs can be saved for reference or re-run if necessary.
  • AVS Private cloud ExpressRoute ID: _______________________________________________
    (Used to verify the AVS Run command environment.)

AVS Private Cloud Networking

  • Enable “Internet Access” for the AVS Private Cloud.
    (Required for Azure Marketplace validation of JetStream DR for AVS subscription and JetStream DR lifestyle operations utilizing the AVS Run command environment.)
  • Firewall(s) configured to allow communication from JetStream MSA to JetStream Azure metering website (https://jsdr-mms.azurewebsites.net): TCP 443
  • Firewall(s) configured to allow communication from AVS Run Command systems (100.72.0.0/15) to JetStream MSA: TCP 443
  • Firewall(s) configured to allow communication from AVS Run Command systems (100.72.0.0/15) to JetStream MSA: TCP 8443

Create an NSX-T network segment for JetStream DR appliances

  • NSX-T network segment with no IP address overlap with Azure or on-premises networks, DHCP enabled, configured with DNS zone/forwarder providing DNS name resolution of AVS private cloud servers (vCenter, ESXi hosts), Azure blob storage account, and Azure Marketplace.
  • DHCP is required on these networks for the temporary recovery virtual appliances during the recovery/failover of protected VMs.
  • Per AVS requirement, the network name must not begin with “TNT”, “HCX”, “ESX”, or “Mgmt.”
    • Network name: _______________________________________________
    • IP address range: _____._____._____._____ to _____._____._____._____
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

Create one or more VM workload network segments for testing and VM recovery purposes

  • DHCP is required on these networks for the temporary recovery virtual appliances during the recovery/failback of protected VMs.
    • Network name: _______________________________________________
    • IP address range: _____._____._____._____ to _____._____._____._____
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

JetStream Virtual Appliance Networks Planner

Management Network

  • MSA, DRVA and RocVA all use this network.
    • Network name: _______________________________________________
    • Network address: _____._____._____._____
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

Host (IO Filter) to DRVA Data Network

  • Typically, the same as the Management Network in AVS deployments. MSA, DRVA and RocVA all use this network. DHCP is required on this network.
    • Network name: _______________________________________________
    • Network address: _____._____._____._____
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

Replication Network for Object Store (DRVA to Azure Blob storage)

  • Typically, the same as the Management Network in AVS deployments. DRVA and RocVA use this network.
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

Replication Log Network #1 (DRVA to DR Store)

  • Typically, the same as the Management Network in AVS deployments.
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
    • DHCP address range: _____._____._____._____ to _____._____._____._____

JetStream Virtual Appliances

MSA and DRVA FQDNs should be registered in DNS and resolvable.

  • Identify the “management” network for virtual appliances – needs to communicate with protected. site vCenter, ESXi hosts, Azure metering, Azure Blob Storage Account and Azure marketplace.
  • Identify Datastores for virtual appliances and replication log disks.
  • Identify AVS cluster for MSA/DRVA deployment.
  • Identify AVS cluster to be protected.

Management Server Appliance (MSA)

1 per vCenter server/site

  • VM name (FQDN): _______________________________________________
  • MSA username: root (This is a required for AVS install)
  • Password: _______________________________________________
  • Datastore for virtual appliance disk: _______________________________________________
    (60 GB operating system virtual disk.)

Management Network

  • Network name: _______________________________________________
  • IP address: _____._____._____._____ or [ ] DHCP
  • Net mask: _____._____._____._____
  • Gateway IP: _____._____._____._____
  • DNS server(s): _______________________________________________

DR Virtual Appliance (DRVA)

Minimum: 1 – Repeat this section for each additional DRVA as needed.

  • VM name: jss-drva-_______________________________________________
  • Datacenter: SDDC-Datacenter
  • Cluster: _______________________________________________
    (Typically “Cluster-1” in AVS)
  • Datastore for virtual appliance disk: vsanDatastore
    (32 GB operating system virtual disk)
  • Number of CPUs: _______________________________________________
    (Minimum: 4 – Size according to CPT recommendation)
  • Memory (GB): _______________________________________________
    (Minimum: 8 – Size according to CPT recommendation)

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Host (IO Filter) to DRVA Data Network
    (Typically the same as the Management Network in AVS deployments)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store (DRVA to Azure Blob storage)
    (Typically the same as the Management Network in AVS deployments)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #1 (DRVA to DR Store)
    (Typically the same as the Management Network in AVS deployments)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Log Network #2 (DRVA to iSCSI DR Store)
    (N/A for AVS)

VMDK Replication Log Volume

Minimum: 1 – Repeat for additional replication log volumes as needed.

  • Datacenter: SDDC-Datacenter
  • Datastore: vsanDatastore
  • Log disk size (GB): _______________________________________________
    • 128 GB recommended as a starting point for a single protected domain.
    • 64 GB additional for each additional protected domain.
    • Use the CPT resource recommendations for sizing specific to your protected workloads.

Recover from Object Cloud Virtual Appliance (RocVA)

RocVA is automatically deployed on the recovery side during restore, recovery, failover or continuous failover operations. If using static IP addresses repeat this section for each additional protected domain (RocVA) as needed.

1 per protected domain during failover/restore operations.

Networks

  • Management Network
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Host (IO Filter) to DRVA Data Network
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________
  • Replication Network to Object Store
    (Optional – If different from Management Network)
    • Network name: _______________________________________________
    • IP address: _____._____._____._____ or [ ] DHCP
    • Net mask: _____._____._____._____
    • Gateway IP: _____._____._____._____
    • DNS server(s): _______________________________________________

Representation VM (RVM)

1 per protected domain.

  • One RVM is automatically deployed for each VM in a protected domain on the recovery side during failover, continuous failover or recovery/restore operations.
  • RVMs require DHCP assigned IP addresses on the recovery site’s internal “Host to DRVA Data Network” for the duration of failover, continuous failover, or recovery/restore operations.
  • Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the recovery side at one time.

JetStream Virtual Appliances – Summary

Management Server Appliance (MSA)

  • 1 per vCenter server/site.

DR Virtual Appliance (DRVA)

  • Minimum 1 per protected cluster, consider 1 per protected domain.
    • Current recommendation is a ratio of 100 protected VMs per DRVA.

Recover from Object Cloud Virtual Appliance (RocVA)

  • 1 per protected domain.
  • Deployed automatically during restore, recovery or failover operations.

Representation VM (RVM)

  • 1 per protected VM.
    • Deployed automatically during restore, recovery or failover operations.

Plan to provide enough IP addresses via DHCP to support the total number of VMs in all protected domains, or for the maximum number that will be restored to the protected side at one time.

Typically in AVS, the RocVA is deployed with all interfaces on the same network segment, but up to three separate segments can be specified: Management Network, Replication Network to Object Store, and Host (IO Filter) to DRVA Data Network.

The RocVA requires an address on each unique network segment specified.

Network Communication Ports

The source ports for the traffic flows from our appliances are ephemeral. All listed ports are destination ports.

AVS local traffic (within the same AVS Private Cloud)

  • JetStream MSA to vCenter: TCP 443
  • JetStream MSA to vCenter: TCP 80
  • vCenter to JetStream MSA: TCP 443
  • JetStream MSA to ESXi hosts (CIM Server): TCP 5989
  • JetStream IO Filter (ESXi hosts) to DRVA (DATA): TCP 32877
  • JetStream MSA to JetStream DRVA (REST): TCP 32878
  • JetStream MSA to JetStream RocVA (REST): TCP 32878
  • JetStream RocVA to JetStream DRVA (DATA): TCP 32877
  • JetStream RocVA to JetStream ReVM (iSCSI): TCP 3260
  • JetStream MSA, DRVA and RocVA (DNS): TCP/UDP 53

AVS and Azure/Internet

  • AVS Run Command systems (100.72.0.0/15) to JetStream MSA: TCP 443
  • AVS Run Command systems (100.72.0.0/15) to JetStream MSA: TCP 8443
  • JetStream MSA to Azure Storage Account: TCP 443
  • JetStream DRVA to Azure Storage Account: TCP 443
  • JetStream RocVA to Azure Storage Account: TCP 443
  • JetStream MSA to Azure Active Directory (login.microsoftonline.com) (OAuth 2.0): TCP 443 (for Storage Account AAD Authentication)
  • JetStream DRVA to Azure Active Directory (login.microsoftonline.com) (OAuth 2.0): TCP 443 (for Storage Account AAD Authentication)
  • JetStream RocVA to Azure Active Directory (login.microsoftonline.com) (OAuth 2.0): TCP 443 (for Storage Account AAD Authentication)
  • JetStream MSA to JetStream Azure metering website(jsdr-mms.azurewebsites.net): TCP 443
  • JetStream MSA, DRVA and RocVA (DNS): TCP/UDP 53

Troubleshooting (Only needed upon request for support)

  • JetStream MSA, DRVA and RocVA (SSH): TCP 22
Was this article helpful?
Yes No

Related Articles

Contents

Can We Help You?

Can't find what you're looking for?
Contact JetStream