In my role as a Cloud Services Engineer, I get a lot of questions from customers about the difference between Zerto Live and test failovers. Many people seem to doubt the need to do test failovers. Test failovers have become the industry standard for DRaaS – let me explain why and, in the process, outline the important differences between live and test failovers.
Our recommended approach is as follows:
Before performing a live failover on your full production environment, 11:11 Systems recommends running a test failover to ensure user access is set up and configured ahead of time, to test access, and to look for possible issues before bringing down the production environment. It may also be useful to perform a live failover on test or development servers to get a good handle on the process. DR testing with Zerto performs a no-impact failover that will spin up and import your VMs to your target DR environment. When the failover servers come online at the DR site, the firewall can be configured for IPSec VPN and SSL VPN access for remote access. You can also choose to open NAT and firewall rules for public access, for example when testing web or terminal services. This can all be done without affecting the production environment or networking. Essentially, the DR site at this point is a separate copy of your live production environment and can be sandboxed to prevent any communication to the public network or your production environment.
The overall process for a live and test failover is very similar, but the live failover operation includes a few extra parameters. The execution parameters for live failovers have three extra settings that are not found in the test failover wizard, and I have detailed those options below:
1. The VM Shutdown Option. The VM Shutdown option can be set to No, Yes, or Force. Setting this option to “No” will prevent Zerto from shutting down the production servers during the live failover process. If you set VM Shutdown to “Yes,” the servers will be gracefully shutdown using the “Shutdown Guest Operating System” option in VMware. However, this process and the failover will fail for a VM that does not have VMware tools installed. Last, you can use the “Force” option, which will forcefully shutdown a server if VMware tools are not installed.
2. The Reverse Protection Option. Reverse protection can only be enabled if the failover is configured with an Auto-Commit policy or is later committed after the failover process. To enable reverse protection, you check the box for the VPG under the column. Next, you will need to click the “REVERSE” link to configure the reverse protection settings. This opens a wizard similar to the VPG creation wizard where you will need to set a host, datastore and network to be used for the reverse replication. Once reverse protection is configured, the production server will be powered down and unregistered from your VMware environment. The reverse protection will also overwrite the data on the original production server. Basically, the original server will be used as a seed for the reverse replication.
Author: Mike Mosley
Mike Mosely is a cloud engineer at 11:11 and has worked at the company for over 3 years. He holds a number of VMware certifications including VCP5 as well as the Veeam VMCE certification. Mike works closely with customers to build cloud solutions that fit their requirements.