XenServer

Enable Disaster Recovery

This section describes how to enable Disaster Recovery in XenCenter. Use the Configure DR option to identify storage repositories where the pool metadata, configuration information about all the VMs and vApps in the pool is stored. The metadata is updated whenever you change the VM or vApp configuration within the pool.

Note:

You can enable Disaster Recovery only when using LVM over HBA or LVM over iSCSI. A small amount of space is required on this storage for a new LUN which contains the pool recovery information.

Before you begin, ensure that the SRs used for DR are attached only to the pool at the primary site. SRs used for DR must not be attached to the pool at the secondary site.

To configure Disaster Recovery, complete the following steps:

  1. On the primary site, select the pool that you want to protect. From the Pool menu, point to Disaster Recovery, and then select Configure.

  2. Select up to 8 SRs where the pool metadata can be stored. A small amount of space is required on this storage for a new LUN which contains the pool recovery information.

    Note:

    Information for all VMs in the pool is stored, VMs do not need to be independently selected for protection.

  3. Select OK. Your pool is now protected.

Recover VMs and vApps during a disaster (Failover)

This section explains how to recover your VMs and vApps on the secondary (recovery) site.

  1. In XenCenter select the secondary pool, and on the Pool menu, select Disaster Recovery and then Disaster Recovery Wizard.

    The Disaster Recovery wizard displays three recovery options: Failover, Failback, and Test Failover. To recover on to your secondary site, select Failover and then select Next.

    Warning:

    If you use Fibre Channel shared storage with LUN mirroring to replicate data to the secondary site, break the mirroring before attempting to recover VMs. Mirroring must be broken to ensure that the secondary site has Read/Write access.

  2. Select the storage repositories (SRs) containing the pool metadata for the VMs and vApps that you want to recover.

    By default, the list on this wizard page shows all SRs that are currently attached within the pool. To scan for more SRs, select Find Storage Repositories and then select the storage type to scan for:

    • To scan for all the available Hardware HBA SRs, select Find Hardware HBA SRs.

    • To scan for software iSCSI SRs, select Find Software iSCSI SRs and then type the target host, IQN, and LUN details.

    When you have selected the required SRs in the wizard, select Next to continue.

  3. Select the VMs and vApps that you want to recover. Select the appropriate Power state after recovery option to specify whether you want the wizard to start them up automatically when they have been recovered. Alternatively, you can start them up manually after failover is complete.

    Select Next to progress to the next wizard page and begin failover prechecks.

  4. The wizard performs several prechecks before starting failover. For example, to ensure that all the storage required by the selected VMs and vApps is available. If any storage is missing at this point, you can select Attach SR on this page to find and attach the relevant SR.

    Resolve any issues on the prechecks page, and then select Failover to begin the recovery process.

  5. A progress page displays the result of the recovery process for each VM and vApp. The Failover process exports the metadata for VMs and vApps from the replicated storage. Therefore, the time taken for Failover depends on the VMs and vApps you recover. The VMs and vApps are recreated in the primary pool, and the SRs containing the virtual disks are attached to the recreated VMs. If specified, the VMs are started.

  6. When the failover is complete, select Next to see the summary report. Select Finish on the summary report page to close the wizard.

When the primary site is available, work through the Disaster Recovery wizard and select Failback to return to running your VMs on that site.

Restore VMs and vApps to the primary site after disaster (Failback)

This section explains how to restore VMs and vApps from replicated storage. You can restore VMs and vApps back to a pool on your primary (production) site when the primary site comes back up after a disaster. To failback VMs and vApps to your primary site, use the Disaster Recovery wizard.

  1. In XenCenter select the primary pool, and on the Pool menu, select Disaster Recovery and then Disaster Recovery Wizard.

    The Disaster Recovery wizard displays three recovery options: Failover, Failback, and Test Failover. To restore VMs and vApps to your primary site, select Failback and then select Next.

    Warning:

    When you use Fibre Channel shared storage with LUN mirroring to replicate data to the primary site, break the mirroring before attempting to restore VMs. Mirroring must be broken to ensure that the primary site has Read/Write access.

  2. Select the storage repositories (SRs) containing the pool metadata for the VMs and vApps that you want to recover.

    By default, the list on this wizard page shows all SRs that are currently attached within the pool. To scan for more SRs, choose Find Storage Repositories and then select the storage type to scan for:

    • To scan for all the available Hardware HBA SRs, select Find Hardware HBA SRs.

    • To scan for software iSCSI SRs, select Find Software iSCSI SRs and then type the target host, IQN, and LUN details.

    When you have selected the required SRs in the wizard, select Next to continue.

  3. Select the VMs and vApps that you want to restore. Select the appropriate Power state after recovery option to specify whether you want the wizard to start them up automatically when they have been recovered. Alternatively, you can start them up manually after failback is complete.

    Select Next to progress to the next wizard page and begin failback prechecks.

  4. The wizard performs several pre-checks before starting failback. For example, to ensure that all the storage required by the selected VMs and vApps is available. If any storage is missing at this point, you can select Attach SR on this page to find and attach the relevant SR.

    Resolve any issues on the prechecks page, and then select Failback to begin the recovery process.

  5. A progress page displays the result of the recovery process for each VM and vApp. The Failback process exports the metadata for VMs and vApps from the replicated storage. Therefore, Failback can take some time depending on the number of VMs and vApps you are restoring. The VMs and vApps are recreated in the primary pool, and the SRs containing the virtual disks are attached to the recreated VMs. If specified, the VMs are started.

  6. When the failback is complete, select Next to see the summary report. Select Finish on the summary report page to close the wizard.

Test failover

Failover testing is an essential component in disaster recovery planning. You can use the Disaster Recovery wizard to perform non-disruptive testing of your disaster recovery system. During a test failover operation, the steps are the same as for failover. However, instead of being started after they have been recovered to the DR site, the VMs and vApps are placed in a paused state. At the end of a test failover operation, all VMs, vApps, and storage recreated on the DR site are automatically deleted. After initial DR configuration, and after you make significant configuration changes in a DR-enabled pool, verify that failover works correctly by performing a test failover.

  1. In XenCenter select the secondary pool, and on the Pool menu, select Disaster Recovery to open the Disaster Recovery Wizard.

    The Disaster Recovery wizard displays three recovery options: Failover, Failback, and Test Failover. To test your disaster recovery system, select Test Failover and then select Next.

    Note:

    If you use Fibre Channel shared storage with LUN mirroring to replicate data to the secondary site, break the mirroring before attempting to recover data. Mirroring must be broken to ensure that the secondary site has Read/Write access.

  2. Select the storage repositories (SRs) containing the pool metadata for the VMs and vApps that you want to recover.

    By default, the list on this wizard page shows all SRs that are currently attached within the pool. To scan for more SRs, select Find Storage Repositories and then the storage type to scan for:

    • To scan for all the available Hardware HBA SRs, select Find Hardware HBA SRs.

    • To scan for software iSCSI SRs, select Find Software iSCSI SRs and then type the target host, IQN, and LUN details in the box.

    When you have selected the required SRs in the wizard, select Next to continue.

  3. Select the VMs and vApps that you want to recover then select Next to progress to the next page and begin failover prechecks.

  4. Before beginning the test failover, the wizard performs several pre-checks. For example, to ensure that all the storage required by the selected VMs and vApps is available.

    • Check that storage is available. If any storage is missing, you can select Attach SR on this page to find and attach the relevant SR.

    • Check that high availability is not enabled on the target DR pool. High availability must be disabled on the secondary pool to avoid having the same VMs running on both the primary and DR pools. High availability must be disabled to ensure that it does not start the recovered VMs and vApps automatically after recovery. To disable high availability on the secondary pool, you can simply select Disable HA on the page. If high availability is disabled at this point, it is enabled again automatically at the end of the test failover process.

    Resolve any issues on the pre-checks page, and then select Failover to begin the test failover.

  5. A progress page displays the result of the recovery process for each VM and vApp. The Failover process recovers metadata for the VMs and vApps from the replicated storage. Therefore, Failover can take some time depending on the number of VMs and vApps you are recovering. The VMs and vApps are recreated in the DR pool, the SRs containing the virtual disks are attached to the recreated VMs.

    The recovered VMs are placed in a paused state: they do not start up on the secondary site during a test failover.

  6. After you are satisfied that the test failover was performed successfully, select Next in the wizard to have the wizard clean up on the DR site:

    • VMs and vApps that were recovered during the test failover are deleted.

    • Storage that was recovered during the test failover is detached.

    • If high availability on the DR pool was disabled at the prechecks stage to allow the test failover to take place, it is re-enabled automatically.

    The progress of the cleanup process appears on the wizard.

  7. Select Finish to close the wizard.

Enable Disaster Recovery