Tuesday, November 27, 2012

Configuring SRA for EMC DMX4 on SRM 5.0

Following my SRM Definitive Guide, today we will cover the configuration of Storage Replication Adapter (SRA) for the EMC DMX4 storage on SRM 5.0

VMware vCenter: 5.0
Site Recovery Manager (SRM): 5.0
Storage Vendor: EMC
Storage Model: DMX4
Replication Technology: SRDF (Symmetrix Remote Data Facility)

The first document you should take a look at is the one that comes with SRA, EMC SRDF Storage Replication Adapter.

As much as it gives a good start it’s does not have all the details you might need, in this case I recommend the Using EMC SRDF Adapter for VMware vCenter Site RecoveryManager 5.0 , which can be found on Powerlink (if you do not have an account yet, get a registration, it’s free!!)

 The firmware requirements and software requirements are very well documented, there’s no reason to repeat it here.

For SRM to works properly you need a way to manipulate the storage (local and remote). Solution Enabler is the tool for the job, it discovery and manages the storage arrays on behalf of SRM.
You could just point your SRM server to another server which already has Solution Enabler installed and working, but, IMHO, it just adds more complexity and dependency on your solution, my advice is to install it on the SRM server itself.

Solutions Enabler manipulates the storage through a small disk (6mb) called GateKeeper, it’s a kind of control LUN, so if you are installing SRM on a virtual server, provision a RDM/RAW disk in physical mode. (remember that this disk must be provided by the storage you have your replicated disks)

 During Solutions Enabler installation, make sure you install SYMAPI Server Daemon, it will create a service, that works on port 2707 that will allow the remote SRM to communicate with it’s local storage.

Install Solutions Enabler on both SRM servers (local/remote)

Next step would be installing SRA, on both servers, there’s not trick here, just NEXT, NEXT, NEXT…..

The final piece would be configuring the SRA, it’s done inside the SRM itself. Click on Array Managers and then on Add Array Manager.

Give it a descriptive name and choose the SRA type (in this case EMC SRDF)

On Local SYMAPI Server, just put the IP of local SRM server, or just type local.
On Remote SYMAPI Server, just put the IP of the remote SRM server.

Configure the SRA for the remote SRM server as well, just remember to switch the IP’s information.

Now you can Enable the arrays and Scan for your replicated disks.

Good luck

SRM Definitive Guide

Site Recovery Manager (SRM) implementation is always challenging, each storage vendor/model has it’s own requirements and ways of configuring it. For a successfully implementation you need to take into consideration several aspects like:

- HCL compatibility  (I don’t have to mention it’s mandatory right)
- replication engine/technology
- software requirements
- minimum storage firmware level

But, In my own experience, what really made a difference was having on the same boat, the storage guy, the one that really understands the environment, how the storage works and how to configure it, so, bring him on board.

Well, so what’s this post about ?!?!

I decided to create my own SRM reference guide. From time to time I’ve been pushing back to scenarios that I have worked before but I cannot remember some of the details.
While those posts will remember me about those specific scenarios, it can also help others facing it for the very first time.

The intention is not to cover SRM installation, it's pretty straighfor and there are plenty of resources out there covering it.

Thursday, November 8, 2012

Free Compliance Check Tool for vSphere

You guys out there, dealing with compliance, regulation and audits know how hard is to keep the environment compliant.

Since vSphere 4.0, VMware provides Hardening Guides containing best practices and detailed description of security vulnerabilities, threat severity, risk mitigation techniques for fixing the vulnerability and securing the system.

Despite the fact you do an amazing job keeping all hosts secure, mysteriously, some times you found one or two items not compliant ; )
Doing a manual check for every host is a hard task, thinking about it VMware released VMware vCenter Configuration Manager FreeCompliance Checkers.

And as you can image by it’s name, it’s a FREE tool.

The tool allows you to scan your environment checking against few guidelines:
  • VMware HIPAA Compliance Checker for Windows and Linux
  • vSphere 5.0 VMware Hardening Guidelines
  • vSphere 4.1 VMware Hardening Guidelines
  • vSphere 4.0 VMware Hardening Guidelines
  • PCI 2.0 Compliance Guideline

The installation procedure is pretty straight for, just download it and NEXT, NEXT, FINISH.
The only caveat is the installer does not search for the presence of java, so if it’s not installed on the default location, change the address during installation to point to the correct location.

 Once it’s installed you can point to your vCenter, type your username and password and hit “Assess Compliance”.

When it’s done it will automatically open a nice HTML report with the findings.

You can also expand the items to learn a little more about that specific finding.

As it’s a free tool there’s expected some limitations : (

If you need something more robust or If you need adjustments to include your own policies, or checking against Industry and regulatory mandates such as Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA) and Federal information Security Act (FISMA),  VMwarevCenter Configuration Manager is the tool for the job, you definetely should take a look at it.

I’m heading out now, I have a few items to correct on my own environment.

Good luck.

Who am I

My photo
I’m an IT specialist with over 15 years of experience, working from IT infrastructure to management products, troubleshooting and project management skills from medium to large environments. Nowadays I'm working for VMware as a Consulting Architect, helping customers to embrace the Cloud Era and make them successfully on their journey. Despite the fact I'm a VMware employee these postings reflect my own opinion and do not represents VMware's position, strategies or opinions. Reach me at @dumeirell

Most Viewed Posts

Blog Archive