How Koç University Uses VMware VCDR to Meet its Disaster Recovery Needs
By Vahap Öç, Lead Cloud Engineer – Commencis
By Tuna Ersoy, Sr. Solutions Architect – AWS
Disaster recovery (DR) and business continuity planning (BCP) are crucial investments for every institution, especially in higher education.
Many universities have large IT infrastructure footprints on-premises running on VMware virtualization technology. Creating a BCP in a cloud environment can be challenging for these institutions because of a limited budget or because staff have already invested in learning and building in a VMware environment.
In such cases, VMware Cloud Disaster Recovery (VCDR) on VMware Cloud on AWS can help institutions preserve on-premises virtual machines by using established VMware disaster recovery technology and the speed of the AWS Cloud.
Koç University, founded in 1993 as a nonprofit research university in Istanbul, previously relied on an on-premises data center without a dedicated disaster recovery site and recognized the importance of implementing DR solutions to ensure business continuity. The University has a large IT infrastructure supporting close to 9,000 students across 22 undergraduate, 43 Master’s and 30 PhD programs, and its critical systems run on-premises at a single site.
The IT team was in search of a DR solution to meet the University’s recovery time objective (RTO) and recovery point objective (RPO) without making a significant infrastructure investment that would stay idle most of the time.
In this post, we’ll share how Commencis helped Koç University meet business continuity requirements for its critical workloads with VCDR. Commencis is an AWS Select Tier Services Partner with Competencies in DevOps and Digital Customer Experience. Commencis helps leading brands grow and scale in digital, powered by its big data, analytics, and cloud services.
VCDR Addressed Challenges of the University
There are many disaster recovery options in the cloud that address different functional and non-functional requirements.
One of these DR solutions is VCDR, which is fully integrated and natively built into VMware Cloud on AWS. It’s an on-demand software-as-a-service (SaaS) solution you can use to protect on-premises vSphere virtual machines by replicating them into AWS and recovering them to a VMware Cloud on AWS software-defined data center (SDDC) in case of disaster.
You do not need any running SDDC until a disaster occurs; at that point, VCDR automatically creates an SDDC and recovers your VMs to it. Thus, it’s a cost-effective solution that answers the University’s budget concerns.
Figure 1 – Disaster recovery options when running on AWS.
Figure 1 summarizes the tradeoff between cost and RTO/RPO as a visual spectrum. You can dive deep into all of these options in this AWS blog post: Design Considerations for Disaster Recovery with VMware Cloud on AWS.
A new SDDC can be up and running within two hours, after which you can start to recover your workload. Approximately two hours of recovery was a fair objective for the University, and Koç was intrigued by the ability to easily lower the RTO later, if needed, by applying the pilot light strategy.
Another important requirement of the University was operational simplicity and quick transition because of its limited IT staff who already support many systems and ongoing modernization projects. VMware Cloud on AWS allows fast adaptation because the University’s IT team continues to use the VMware interfaces they’re already familiar with.
Commencis initiated the process by developing a strategic plan, the steps of which are visually represented below.
Figure 2 – Disaster recovery plan steps.
In this proposed solution, Commencis created cloud-based replicas of the customer’s document management system and academic course/lesson registration system. These systems, originally designed for on-premises operations and demanding high durability, were transitioned to a cloud environment using VMware Cloud on AWS. This move ensured the seamless operation of Oracle WebLogic servers, web servers, and Oracle and SQL database servers within the cloud environment during emergency situations.
At the same time, existing IP addresses and LDAP connections were maintained and unaffected. When strategizing the data replication, Commencis aligned the process with the RTO/RPO timelines, which were carefully defined based on the University’s specific requirements.
Commencis accomplished the discovery process without the need for server agents by integrating, via the VCDR console, a replication user created within the customer’s vCenter cluster.
To create a one-way data flow, the team installed a VCDR connector device, designed specifically for each DR project, within the customer’s on-premises vCenter cluster. Consequently, the data could be transmitted securely to the VCDR environment as one-way encrypted traffic via port 443.
As part of the VCDR service, Commencis initiated the replication of data from the internal network to the VCDR storage unit. This was done in an encrypted format following an intermittent replication process aligned with RPO planning.
SDDC Cluster Deployment for Disaster Recovery
Following the above steps, Commencis established an SDDC cluster on VMware Cloud on AWS, composed of at least two servers. This setup enabled the data to be stored and replicated in accordance with the RPO timeline and ready to be used in case of a disaster. The servers within this newly-formed cluster operate in the same IP range and configuration as the original replicated data.
The role of the Disaster Recovery as a Service (DRaaS) connector within the replication model and the overall disaster recovery solution is depicted below.
Figure 3 – DRaaS connector within the replication model and overall DR solution.
After completing the data synchronization, the testing process was planned. First, the most suitable date for the testing phases and testing process was determined. The details of the testing process were discussed with the customer, and joint decisions were made. Accordingly, the actions to be taken on the test day were clarified.
In the first stage of the process, backup servers were established in the SDDC cluster during testing. For the WebLogic web servers, an Application Load Balancer was formed within the AWS account linked to VMware Cloud on AWS. A second domain name system (DNS) record was generated to trial the requests to the web application firewall (WAF) servers, ensuring no interference with the production environment. These requests were then directed to the Application Load Balancer.
Commencis connected web applications and other load-balancing needs to the environment through its internal network, using the Application Load Balancer setup in the AWS account. The benefit of this approach is the ability to link SDDCs to Amazon Virtual Private Cloud (VPC) via an Elastic Network Interface (ENI), thus eliminating the need for a virtual private network (VPN) or AWS Direct Connect connection.
Each host in VMware Cloud on AWS operates on specific bare metal servers using AWS infrastructure, leading to lower latency and compatibility with various AWS services.
To meet security requirements, the Application Load Balancer was paired with AWS WAF, and AWS Managed Rules were used during testing. SSL offloading was performed on the Application Load Balancer with a certificate created in AWS Certificate Manager.
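A DR test front end built as described above (Application Load Balancer, AWS WAF with AWS Managed Rules, TLS terminated with an ACM certificate) can be checked for drift from the production posture before requests are pointed at it. The following is an added example, not code from Commencis or the University: it audits constructed data shaped like ELBv2 DescribeListeners and WAFv2 GetWebACL responses, and every ARN, name and rule group selection in it is an assumption.

```python
# Constructed sample data shaped like ELBv2 DescribeListeners and WAFv2
# GetWebACL responses. ARNs, names and the account ID are placeholders,
# not values from the page.
LISTENERS = [
    {"Protocol": "HTTPS", "Port": 443,
     "Certificates": [{"CertificateArn":
         "arn:aws:acm:eu-west-1:111122223333:certificate/EXAMPLE"}],
     "DefaultActions": [{"Type": "forward"}]},
    {"Protocol": "HTTP", "Port": 80, "DefaultActions": [{"Type": "forward"}]},
]
WEB_ACL = {"Name": "dr-test-acl", "DefaultAction": {"Allow": {}}, "Rules": [
    {"Name": "common", "OverrideAction": {"None": {}}, "Statement": {
        "ManagedRuleGroupStatement": {"VendorName": "AWS",
                                      "Name": "AWSManagedRulesCommonRuleSet"}}},
    {"Name": "sqli", "OverrideAction": {"Count": {}}, "Statement": {
        "ManagedRuleGroupStatement": {"VendorName": "AWS",
                                      "Name": "AWSManagedRulesSQLiRuleSet"}}},
]}

def audit_listeners(listeners):
    """Flag listeners that bypass TLS offloading or lack an ACM certificate."""
    findings = []
    for lsn in listeners:
        port, proto = lsn["Port"], lsn["Protocol"]
        actions = {a["Type"] for a in lsn.get("DefaultActions", [])}
        if proto == "HTTP" and actions != {"redirect"}:
            findings.append(f"port {port}: plain HTTP is served, not redirected to HTTPS")
        if proto == "HTTPS":
            arns = [c["CertificateArn"] for c in lsn.get("Certificates", [])]
            if not any(a.startswith("arn:aws:acm:") for a in arns):
                findings.append(f"port {port}: no ACM certificate attached")
    return findings

def audit_web_acl(acl):
    """Flag a web ACL whose managed rule groups are absent or only counting."""
    findings = []
    managed = [r for r in acl.get("Rules", [])
               if "ManagedRuleGroupStatement" in r.get("Statement", {})]
    if not managed:
        findings.append("web ACL has no managed rule groups")
    for r in managed:
        group = r["Statement"]["ManagedRuleGroupStatement"]["Name"]
        if "Count" in r.get("OverrideAction", {}):
            findings.append(f"{group}: override is Count, matches are logged but not blocked")
    return findings

if __name__ == "__main__":
    for finding in audit_listeners(LISTENERS) + audit_web_acl(WEB_ACL):
        print("FINDING:", finding)
```

Running the same two functions against the production load balancer and web ACL gives a baseline to compare the DR findings with.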
In the concluding stage, after verifying the servers’ accessibility to one another via their private IP addresses, Commencis notified the customer about the application-level testing, completing the process. After the University completed application-level testing and confirmed the DR environment worked, Commencis terminated on-demand resources to save costs.
In this post, we present a cost-effective solution that addresses the needs of organizations seeking to implement disaster recovery and offsite workload backup.
Through a collaboration between VMware and AWS, Commencis created an architecture integrated with AWS services, specifically VMware Cloud on AWS. By leveraging this approach, Commencis utilizes the SDDC cluster on-demand rather than continuously.
As a practical example, the team implemented an AWS disaster recovery environment for Koç University’s on-premises VMware workloads as part of the VMware Cloud on AWS solution.