5.0
Table Of Contents
- Site Recovery Manager Administration Guide
- Contents
- About This Book
- Administering VMware vCenter Site Recovery Manager
- Installing and Updating Site Recovery Manager
- Configuring the SRM Database
- About the vSphere Replication Management Database
- Install the SRM Server
- Upgrading SRM
- Install Storage Replication Adapters
- Install the SRM Client Plug-In
- Connect the Sites
- Revert to a Previous Release
- Repair or Modify the Installation of a Site Recovery Manager Server
- Install the SRM License Key
- Establishing Inventory Mappings and Placeholder Datastores
- Configuring Array-Based Protection
- Installing vSphere Replication Servers
- Creating Protection Groups and Replicating Virtual Machines
- Limitations to Protection and Recovery of Virtual Machines
- Create Array-Based Protection Groups
- Create vSphere Replication Protection Groups
- Configure Replication for a Single Virtual Machine
- Configure Replication for Multiple Virtual Machines
- Replicate Virtual Machines Using Physical Couriering
- Move a Virtual Machine to a New vSphere Replication Server
- Apply Inventory Mappings to All Members of a Protection Group
- Recovery Plans and Reprotection
- Customizing Site Recovery Manager
- Customizing a Recovery Plan
- Configure Protection for a Virtual Machine or Template
- Configure Resource Mappings for a Virtual Machine
- Configure SRM Alarms
- Working with Advanced Settings
- Troubleshooting SRM
- Index
Run a Recovery Plan
When you run a recovery plan, all virtual machines in the recovery plan are migrated to the recovery site. The
corresponding virtual machines in the protected site are shut down.
When you perform a planned migration, SRM attempts to replicate all virtual machines and gracefully shut
down the protected machines. If errors occur during a planned migration, the plan pauses so that users can
resolve errors. Replicating and shutting down virtual machines and providing opportunities to resolve errors
makes it possible to reprotect the virtual machines. When you perform a disaster recovery, SRM attempts to
shut down any virtual machines. If they cannot be shut down, the copies at the recovery site are still started,
and automatic reprotection might not be possible.
CAUTION A recovery plan makes significant alterations in the configurations of the protected and recovery
sites and it stops replication. Do not run any recovery plan that is not tested. In the case of array-based
replication, recovered virtual machines and services might need to be supported at the recovery site for a period
of time. Reversing these changes might cost significant time and effort and can result in prolonged service
downtime.
Forced failover is intended for use in cases where storage arrays fail at the protected site and, as a result,
protected virtual machines are unmanageable and cannot be shut down, powered off, or unregistered. In such
a case, the system state cannot be changed for extended periods. To resolve this situation, you can force failover.
Forcing failover does not complete the process of shutting down the virtual machines at the protected site. As
a result, a split-brain scenario occurs, but the recovery might be completed quickly.
Running forced failover can affect the mirroring between the protected and the recovery storage arrays. After
you run forced failover, you must check that mirroring is set up correctly between the protected array and the
recovery array before you can perform further replication operations. If mirroring is not set up correctly, you
must repair the mirroring by using the storage array software.
You can only use forced failover with array-based replication. Forced failover is not supported for vSphere
Replication.
When forced failover is enabled, any outstanding changes on the protection site are not replicated to the
recovery site before the failover sequence begins. Replication of the changes occurs according to the recovery
point objective (RPO) period of the storage array. If a new virtual machine or template is added on the
protection site and failover is initiated before the storage RPO period has elapsed, the new virtual machine or
template does not appear on the replicated datastore and is lost. To avoid losing the new virtual machine or
template, wait until the end of the RPO period before running the recovery plan with forced failover.
After the forced failover is finished and you have verified the mirroring of the storage arrays, you can resolve
the issue that necessitated the forced failover. After the underlying issue is resolved, run planned migration
on the recovery plan again, resolve any problems that occur, and rerun the plan until it finishes successfully.
Running the recovery plan again does not affect the recovered virtual machines at the recovery site.
NOTE Forced failover is only available in SRM 5.0.1 and later.
Prerequisites
To use forced failover, you must first enable this function. You enable forced failover by enabling the
recovery.forcedFailover setting as described in “Change Recovery Site Settings,” on page 89.
Procedure
1 Click Recovery Plans in the left pane and click the recovery plan to run.
2 In the Commands area, click Recovery.
Site Recovery Manager Administration Guide
70 VMware, Inc.