AWS Partner Network (APN) Blog
How to Achieve On-Demand Disaster Recovery with VMware Cloud on AWS and Veeam Cloud Tier
By Anthony Spiteri, Sr. Global Technologist at Veeam
By Frank Fan, Sr. Partner Solutions Architect at AWS
One of the costliest aspects of any disaster recovery (DR) implementation is the price associated with keeping resources on-demand at the target end.
For some, this cost is an accepted part of having a disaster recovery strategy in place. However, there are ways to minimize costs on platforms that can sit idle waiting for DR testing or actual DR events.
VMware Cloud on AWS is an integrated cloud offering jointly developed by Amazon Web Services (AWS) and VMware. It allows organizations to seamlessly migrate and extend their on-premises VMware vSphere-based environments to the AWS Cloud running on next-generation Amazon Elastic Compute Cloud (Amazon EC2) bare metal infrastructure.
VMware Cloud on AWS is ideal for enterprise IT infrastructure and operations organizations looking to migrate their on-premises vSphere-based workloads to the public cloud, consolidate and extend their data center capacities, and optimize, simplify, and modernize their disaster recovery solutions.
VMware Cloud on AWS provides enterprises with the capabilities of VMware’s Software-Defined Data Center (SDDC), including compute, storage, and networking, delivered as a service on AWS.
Within hours, an SDDC can be ready to start deploying workloads into, and this is where leveraging VMware Cloud on AWS and Veeam Cloud Tier for on-demand disaster recovery is possible.
This ability to spin up an SDDC on-demand solves some of the exiting pain points around DR that have to do with costs at the target end. The ability to spin up resources on demand means that hardware is not sitting there idle, waiting for use.
Having a platform that can be spun up on-demand, either through full automation scripts or an easy-to-use web console, should be an attractive proposition for organizations looking to get started with their disaster recovery strategies.
With VMware Cloud on AWS and Veeam Cloud Tier, you can easily recover data via backup software that’s designed to work with Amazon Simple Storage Service (Amazon S3). This reduces the path to resistance in implementing cost-effective disaster recovery, meaning companies can easily recover their data quickly and reliably.
In this post, we will look at how VMware Cloud on AWS and Veeam can work together to leverage the ability to spin up an SDDC on-demand, and then have pre-existing downloads that have been offloaded to Amazon S3 via the Veeam Clout Tier used as a way to perform recovery operations into the on-demand SDDC.
Veaam Software is an AWS Partner Network (APN) Advanced Technology Partner that provides powerful, easy-to-use, and affordable solutions that are built for virtualization and the cloud.
Veeam Cloud Tier for On-Demand Recoverability
Amazon S3 is an object storage service that offers industry-leading scalability, data availability, security, and performance.
With the launch of Update 4 for Veeam Backup & Replication 9.5, Veeam added Cloud Tier as a new way to extend backup repositories to the cloud, effectively delivering a scalable scale-out backup repository (SOBR).
By using the new Amazon S3 repository as a capacity tier extent as part of the SOBR, Veeam has changed the way in which organizations think about how they design and architect backup repositories. The local landing zone can be easily managed, and capacity issues that have been problematic with recent data growth are resolved by offloading the bulk of the data off to Amazon S3.
By extending the SOBR to take advantage of Amazon S3, in conjunction with on-demand nature of VMware Cloud on AWS, customer have an option to combine both solutions for on-demand recoverability into a VMware Cloud on AWS SDDC in case of localized disaster.
Architecture Overview
By combining VMware Cloud on AWS and Veeam Cloud Tier, this solution leverages a software-driven approach to enable on-demand recovery SDDC. While end-to-end automation can be achieved, the solution has been implemented and tested by Veeam.
The reference architecture can be used as the basis for a proof of concept (PoC) and for anyone needing to implement the solution by combining these technologies.
The architecture in Figure 1 shows how to use Veeam Cloud Tier to restore to VMware Cloud on AWS. It includes native services integration for Amazon S3, AWS Direct Connect, and Amazon Route 53, and showcases a cost-effective solution for existing VMware Cloud on AWS customers.
Figure 1 – AWS reference architecture.
In the architecture above, you can see eight steps that use Veeam Cloud Tier to restore to VMware Cloud on AWS:
- Amazon Route 53 handles DNS requests to the primary data center.
- The Veeam Backup & Replication server (VBR) backs up workloads to the SOBR.
- Local data from the SOBR Performance Tier offloads to the Capacity Tier in Amazon S3 through AWS Direct Connect or the internet.
- The recovery process launches and configures the VMware SDDC cluster in the designated AWS recovery region through web portal automation scripts using vRA, AWS CloudFormation, or vCLI.
- A new VBR instance with SOBR is deployed and configured within the newly-created SDDC.
- Previous data stored in Amazon S3 is detected. The initial metadata and archive index sync is executed.
- Workloads recovered into the SDDC cluster and services are brought back online.
- Amazon Route 53 record setting updates to resolve requests to the new secondary DC in the cloud.
Backup Workloads On-Premises
At the on-premises end, Veeam Backup & Replication is configured with a SOBR that extends into Amazon S3 via a capacity tier extent. From there, backup data gets offloaded to the S3 bucket based on a zero-day value move policy which dictates the operational restore window.
To ensure restoration order, a number of different backup jobs are configured depending on the criticality of virtual machines (VMs) and their workloads (configured with VMware Tags) . Depending on the desired Recovery Point Objective(RPO), backup jobs are configured to run every 15, 30, or 60 minutes with synthetic fulls being run often to ensure backup chains are sealed.
A sealed chain, together with a zero-day move policy, ensures data is offloaded as quickly as possible to allow recoverability within the desired RPO. This also ensures any new VMs that are created can have their data points offloaded as quickly as possible.
Provision SDDC and VBR On-Demand
In the case of a disaster, an SDDC is deployed into a desired region. All networking, routing, and external firewall and Network Address Translation (NAT) rules should be known before deployment and configured as workloads are restored into the SDDC.
Using Amazon Route 53, external DNS records for key services that require access via the internet can be changed to reference the new external IP of the SDDC.
Once the SDDC is deployed, a Veeam Backup & Replication server is deployed into the vCenter running on the SDDC. A new SOBR is configured with a capacity tier extent, which is configured with the same Amazon S3 bucket that was used on-premises.
Existing backup files will be detected automatically and a resync process started. This resync will work to download the metadata that has been replicated from the on-premises SOBR. Metadata data size is a fraction of the size of the backup, so this process will be done relatively quickly.
Restore Workloads to VMware Cloud on AWS
From there, Veeam Backup & Replication will download the archive index along with the backup file metadata to the performance tier. Once fully synchronized, VMs can be restored via the console.
This is where organizing jobs into workload criticality is important and will be easier to process VMs in the required order. For example, an Active Directory server would be a candidate to be restored first, while a file server may be a candidate for restoration once the main infrastructure VMs have been recovered.
Speed of recovery is directly proportional to the amount of Veeam Proxies deployed into the SDDC vCenter. At a minimum, there should be a proxy per host. There will be more detailed guidance on proxy configuration relative to number and size of VMs in future updates to the reference architecture.
Recovery Time Objectives (RTOs) are governed by the amount of data being backed up verses the speed of download and initial infrastructure deployed into the SDDC.
Once all of your workloads have been restored, the SDDC works as the primary site for the recovered workloads.
This on-demand scenario allows the restoration of the original site, while business continuity remains in place within the VMware Cloud on AWS SDDC. From here, organizations can make the choice on when and how to replicate the workloads back to the original location.
It’s important to note that once the workloads are running out of VMware Cloud on AWS they will need to be protected and backed up. Veeam Backup & Replication can be configured to ensure the workloads are protected once they have been recovered.
The references architecture in Figure 2 shows Veeam backup on VMware Cloud on AWS. Repository options for storing data with Veeam using native AWS storage services on the VMware Cloud on AWS platform. For more details, please see the full reference architecture.
Figure 2 – Veeam backup on VMware Cloud on AWS.
Customer Benefits
The solution detailed in this post is a good option for organizations looking to implement some form of disaster recovery beyond backing up workloads offsite.
The on-demand recovery options allows organizations to leverage AWS, VMware Cloud on AWS, and Veeam technologies to copy protected VMs from their on-premises environment to Amazon S3, and provides simple DR failover to VMware Cloud on AWS environment.
The VMware Cloud on AWS SDDC is not required during ongoing protection and can be provisioned on-demand in a disaster scenario.
Summary
In this post, we used Amazon S3 repository as a capacity tier to extend Veeam backup repository to the AWS Cloud. We then provisioned VMware SDDC and Veeam Backup & Replication server on VMware Cloud on AWS on-demand in the event of disaster. Finally, we restored protected virtual machines to VMware Cloud on AWS.
With VMware Cloud on AWS and Veeam Backup & Replication leveraging Amazon S3 as Cloud Tier, organizations are able to extend their on-premises data protection to VMware Cloud on AWS, combining the benefits of minimal cloud footprint during routine operation.
To learn more, check out the VMware Cloud on AWS website and the getting started guide.
Veeam Software – APN Partner Spotlight
Veeam is an APN Advanced Technology Partner. They are a leader in backup and recovery, ensuring data is always available, protected, and actively working for businesses across the globe.
Contact Veeam | Solution Overview | AWS Marketplace
*Already worked with Veeam? Rate this Partner
*To review an APN Partner, you must be an AWS customer that has worked with them directly on a project.