VMware Cloud on AWS for Health

With VMware Cloud on AWS, organizations can leverage the massive scalability and global presence of the AWS Cloud to rapidly, seamlessly, and cost-effectively meet their data center capacity and regional footprint expansion needs. Deploy VMware Cloud on AWS for high availability production workloads by adopting specific architectural patterns and configuration options.

Click to view a reference architecture, details of the workflow, and related resources.

What does this solution do?

Workloads that require high availability should be architected and configured with specific architectural patterns and configuration options to maximize its resiliency.

With VMware Cloud on AWS running on top of the AWS Global Infrastructure and managed by VMware, customers no longer have to worry about the undifferentiated heavy lifting of infrastructure hardware and software maintenance.

Hardware failures and data center outages can happen, but there are solutions available that can help you automatically failover. Customers are responsible for leveraging these and the built-in capabilities of SDDC to protect their business-critical workloads against regional and data center failures.

Detailed process flow: 

1. VMware HA (High Availability) will restart virtual machines on surviving hosts in the event of a host failure, providing site local resiliency. You should ensure you configure their vSAN policies to ensure you meet your site’s local performance and recovery requirements based on the amount of host failures their business will tolerate using a recommended policy of FTT2.

2. Use VMware stretch clusters to protect VMs by restarting them on the remote site providing AWS Availability Zone resiliency within a region.

3. Use VMware Site Recovery to protect on premises and/or VMware Cloud on AWS SDDC workloads between regions. VMware Site Recovery provides you with protection against regional disasters, and helps you meet your regulatory requirements.

4. Amazon S3 buckets are regional constructs, you can configure S3 to store backups in different regions to protect you from regional failures. This is not done by default, and you should ensure this is configured to meet regulatory and recovery requirements.

5. If you use Amazon FSx, you can configure this in the secondary (DR) region. You should configure an AWS DataSync agent near your source data, as well as the DataSync service to replicate data from the source to the DR region or Availability Zone.

6. Use AWS DataSync to copy data between Amazon EFS file systems, which should be placed in different regions and Availability Zones to ensure they can meet the recoverability requirements.

7. Changes to vCenter and NSX configurations are not saved until the next scheduled and completed backup. You are responsible to ensure these change details are captured in change logs, architecture diagrams, and internal change control processes. vSAN is not backed up, so you must ensure backups are configured, tested, and stored outside the SDDC.

8. Have at least two virtual interfaces over separate physical AWS Direct Connect connections terminating at different Direct Connect locations for consistent performance while using VPNs as a backup.

As organizations plan hybrid cloud strategies, disaster recovery (DR) is a vital consideration to ensure business continuity in the event of a disaster. Some organizations have been intimidated by the cost and complexity of traditional DR and do not have a recovery solution in place. These organizations can now use the VMware Site Recovery Manager (SRM) and VMware Cloud on AWS to implement DR in a cost-effective way. 

Click to view a reference architecture, details of the workflow, and related resources.

What does this solution do?

Organizations need to consider the architectural best practices for implementing DR using VMware Cloud on AWS. By combining the trusted and proven VMware DR technologies, such as VMware Site Recovery Manager and vSphere Replication, with the massive scalability, availability, speed, and cost benefits of the AWS Cloud, organizations can realize the benefits of cost reduction, operational simplification, and faster time to protection for disaster recovery and DR testing.

VMware Cloud on AWS offers four levels of DR support with increasing complexity and decreasing RPO/RTO, including Backup and Restore, Pilot Light, Warm Standby in AWS, and Hot Standby Active/Active. We explore the Backup and Restore use case below. Consult with your AWS account rep to identify the most appropriate DR solution to deploy for your needs. 

Backup and Restore
At the simplest form of DR, a Software Defined Data Center (SDDC) can be ready to start deploying workloads within 120 minutes to support an on-demand disaster recovery. The ability to spin up resources on-demand is a cost-effective approach preventing idle resources waiting for use.

On-premise backups are configured with backup repositories that can extend to Amazon Simple Storage Service (Amazon S3). A VMware Cloud on AWS certified backup is required. The backup data gets offloaded to the S3 bucket based on a zero-day value move policy which dictates the operational restore window.

From the diagram above: 

1. Amazon Route 53 handles DNS requests to the primary data center.

2. The Backup & Replication server backs up workloads to the backup repository.

3. Local data from the backup repository offloads to the Capacity Tier in Amazon S3 through AWS Direct Connect or the internet.

4. The recovery process launches and configures the VMware SDDC cluster in the designated AWS recovery region through web portal automation scripts using vRA or vCLI.

5. A new backup repository instance deployed and configured within the newly-created SDDC.

6. Previous data stored in S3 is detected. The initial metadata and archive index sync is executed.

7. Workloads recovered into the SDDC cluster and services are brought back online.

8. Amazon Route 53 record setting updates to resolve requests to the new secondary data center in the cloud.