Protecting From an Azure Site - Creating a VPG to recover in AWS

Use the following procedure to create a virtual protection group (VPG) in an Azure Site, to recover in AWS.

To create a virtual protection group (VPG) to recover in AWS:

1. In the Zerto User Interface, select ACTIONS>CREATE VPG.

The GENERAL step of the Create VPG wizard is displayed.

2. Enter the name of the VPG and the priority of the VPG.
VPG Name: The VPG name must be unique and cannot be more than 80 characters.
Priority: Determine the priority for transferring data from the protected site to the recovery site when there is limited bandwidth and more than one VPG is defined on the protected site.
High Priority: When there are updates to virtual machines protected in VPGs with different priorities, updates from the VPG with the highest priority are passed over the WAN first.
Medium Priority: Medium priority VPGs will only be able to use whatever bandwidth is left after the high priority VPGs have used it.
Low Priority: Low priority VPGs will use whatever bandwidth is left after the medium priority VPGs have use it.

Note that updates to the protected virtual machines are always sent across the WAN before synchronization data, such as during a bitmap or delta sync.

During synchronization, data from the VPG with the highest priority is passed over the WAN before data from medium and low priority VPGs.

3. Click NEXT.

The VMs step is displayed.

4. Select the VMs that will be part of this VPG and click the arrow pointing right to include these VMs in the VPG.
When using the Search field, you can use the wildcards; * or ?

Virtual machines that are not yet protected are displayed in the list. A VPG can include virtual machines that are not yet protected and virtual machines that are already protected.

5. You can view protected virtual machines in the Advanced (One-to-Many) section, by clicking Select VMs.

The Select VMs window is displayed.

Note: Virtual machines can be protected in a maximum of three VPGs. These VPGs cannot be recovered to the same site. Virtual machines protected in the maximum number of VPGs are not displayed in the Select VMs dialog.

In on-premise environments, protecting virtual machines in several VPGs is enabled only if both the protected site and the recovery site, as well as the VRAs installed on these sites, are of version 5.0 and higher.

6. Click NEXT.

The REPLICATION step is displayed.

Note: If the protected site is paired with only one recovery site, the recovery step is displayed with the Recovery Site field automatically filled in and defaults set, as shown below.

7. After selecting the recovery site, define the following parameters:
Parameter Field Description
SLA Journal History Specify the time-frame in which information is saved in the journal for the group, and which will apply to every virtual machine in the group.

The longer the information is saved in the journal, the more space is required for each journal in the VPG.

Select one of the following time-frames:
Number of hours: From 1 to 24
Number of days: From 2 to 30
Target RPO Alert The maximum desired time between each automatic checkpoint write to the journal before an alert is issued. Default value is X hours.
Test Reminder The time recommended between testing the integrity of the VPG.

A warning is issued if a test is not done within this time frame.
8. Click NEXT.

The Storage step is displayed.

By default the storage used for the virtual machine definition is also used for the virtual machine data.

For each virtual machine in the VPG, Zerto displays its storage-related information.

9. Specify whether the protected volume is a Temp Data disk.

Temp Data: If the virtual machine to be replicated includes a temp data disk as part of its configuration, mark the recovery disk for this disk as a temp data disk. In this case, data is not replicated to the temp data disk after initial synchronization.

10. Click NEXT.

The RECOVERY step is displayed. Recovery details include the networks to use for failover, move, and for testing failover, and whether scripts should run as part of the recovery operation.

11. From the Import Method drop-down list, select an import method.

Zerto Import for data volumes (Faster): Uses the zImport method for data volumes only. This is the default setting and usually has a faster RTO than AWS Import. This method requires setting the Access Key ID and Secret Access Key in the Site Settings window. See Site Settings.
Zerto Import for all volumes (Fastest, Requires setup): This is usually the fastest import method and uses a zImport VM for all volumes.
AWS Import: This was the only import method supported until version 5.5. This method requires setting the Access Key ID and Secret Access Key in the Site Settings window. See Site Settings.
VPC Network: The virtual network dedicated to your AWS account. A security group and subnet must be assigned to this VPC.
Subnet: The subnet for the VPC network.
When you select the import methods Zerto Import for data volumes (Faster), or Zerto Import for all volumes (Fastest, Requires setup), only those subnets that are supported by the zImport method are displayed in the drop-down list.

Other Subnets are grayed out and cannot be selected.

Note:  

If the import method is not AWS Import, then the user can select only subnets that are part of the same Availability Zone as the one in which the ZCA resides. Other Subnets are disabled.

When you select the import methods AWS Import, all subnets are listed. A tool tip alert is displayed when the user hovers over a subnet that is not supported.

Note:  

If a subnet is chosen in a network that is not in the same Availability Zone as the one in which the ZCA resides, options that utilize the zImport method will not be made available for selection.

Security Group: The AWS security to be associated with the virtual machines in this VPG.
Instance Family: The instance family from which to select the type. AWS instance families are optimized for different types of applications. Choose the instance family appropriate for the application being protected in the VPG.
Instance Type: The instance type, within the instance family, to assign to recovered instances. Different types within an instance family vary, for example in vCPU, RAM, and local storage size. Choose the instance type appropriate for the application being protected in the VPG. The price per instance is related to the instance configuration.
12. For additional settings, click Advanced VM Settings.

The Advanced VM Settings window is displayed, which shows the recovery network settings for Failover/Move for virtual machines in the VPG. You can see the recovery network settings for failover tests by selecting Test.

13. If you want to edit information in one field, click the field and update the information. If you want to edit information for several virtual machines at the same time, select the virtual machines and click EDIT SELECTED.
14. The Edit VM Settings window is displayed.

15. Update the values for Import Method, VPC network, Subnet, Security Group, Instance Family, Instance Type, and Private IP as necessary.
Note: Only private IPs specified for Windows machines are assigned during a recovery operation. For Linux machines, the IP is assigned from the specified subnet range.

Clearing the values in the Private IP field results in an IP being automatically assigned from the subnet range during a recovery operation.

Refer to the Zerto Interoperability Matrix for the list of operating systems for which Zerto supports re-IP.

16. Click OK twice to return to the main page of the RECOVERY step.
17. To run pre and post recovery scripts, enter the path to the script to run.
Pre-recovery Script: The information about a script that should run at the beginning of the recovery process.
Post-recovery Script: The information about a script that should run at the end of the recovery process.

For both types of scripts, enter the following information:

Text Box Description
Script path The full path to the script. The script must be located on the same machine as the Zerto Virtual Manager for the recovery site.
Params The parameters to pass to the script. Separate parameters with a space.
Timeout The time-out, in seconds, for the script to run.
If the script runs before executing a failover, move, or test failover, and the script fails or the timeout value is reached, an alert is generated and the failover, move, or test failover is not performed.
If the script runs after executing a failover, move, or test failover, and the timeout value is reached, an alert is generated.
The default time-out value is specified in Site Settings > Throttling tab.
Note: Pre and post recovery scripts run in parallel. Therefore, ensure that the pre and post recovery scripts don’t use common resources.
18. Click NEXT.
19. The SUMMARY step is displayed. It shows the VPG configuration that you defined in the previous steps.