Figure: Primary Region Failure.

Overview

    • Regional failure is detected (outside the scope of AROVA).
    • If the active AROVA was running in the Primary Region, a new AROVA should be deployed for recovery (for additional information refer to: Handling AROVA failures).
    • Using the AROVA UI, identify the Protected Domains in the region.
    • Start failover of the affected Domains.
      • Since recovery is conducted by Domain, order and concurrency of Domain failover can be specified.
      • VMs in the Domains are created and started at the same time.
    • If a Domain contains a Recovery Group that is configured with a Runbook, the Runbook will be applied automatically during failover.
    • Failover progress can be monitored from the AROVA UI.
    • After VM failover, the status of VMs will initially be "Unprotected" because their data now only resides in a single region.
    • After regional failover, the roles of the primary and secondary regions will be exchanged.
      • Backward replication cannot be started until the primary site is restored.

Note: During failover AROVA automatically stops replication (otherwise, VMs cannot be recreated). However, the nature of primary regional failure is not deterministic, and some production VMs may continue to run in primary regions. These VMs should be manually removed by the user.

The following screen shots illustrate the above steps:

    • After a new AROVA is deployed for regional recovery, the Protected Domains will be visible but their VMs will indicate "Issue(s) present."

Figure: The VMs of the Protected Domains have "Issue(s) present."

    • Replication details of Recovery Groups can also expose issues present.

Figure: Replication Group details indicate problems.

    • Starting Failover for a Protected Domain displays information about the Domain and outlines the steps that will be performed. Click the Failover button to start the recovery process for protected VMs.

Figure: Starting the Failover process.

    • Details of the Failover task can be viewed from the Events log of the Protected Domain.

Figure: Failover task details.

    • After VM failover, the status of VMs will initially be "Unprotected" because their data now only resides in a single region.

Figure: VMs have successfully failed over to the new region.

Also see:

View: Failure Scenarios