- 21 Aug 2024
- DarkLight
Zerto Client Install and Site Pairing
- Updated on 21 Aug 2024
- DarkLight
Overview
Description
This informational document is intended to guide an Expedient client who subscribes to Host-to-Host Virtual Server Replication through the process of initial installation and configuration of the underlying products used to deliver this Expedient service.
Underlying Products
Zerto Virtual Manager (ZVM) is the management service for the Zerto Virtual Replication (ZVR) platform, which is an integral part of Expedient's Host-to-Host Virtual Server Replication service. The ZVM is a Linux-based application that provides installation, management, and orchestration services for Zerto and the corresponding Virtual Replication Appliances (VRA). ZVM is also responsible for site pairing and acts as a management interface to the virtual hypervisor environment.
Preconditions
This informational document assumes the following preconditions:
- An active VPN tunnel or MAN connection with bidirectional access to the protected Zerto Virtual Manager (ZVM) site and ZVM replication site.
- Zerto Replications Appliances (ZRAs) have been established, and they are passing traffic.
- A Zerto Cloud Connector (ZCC) or Zerto Virtual Manager (ZVM) IP address has been provided by Expedient.
- The source environment is managed by vCenter (standalone ESXi is not supported)
- Permissions:
- Administrative access to the local vCenter server.
- Root access to the local ESXi servers.
- VMware virtual machine hardware version:
- The VM source and destination host servers (ESXi) must support the virtual machine hardware version.
- Zerto Virtual Manager Appliance (ZVM Appliance) Requirements
- vCenter 7 / 8
- 16 GB of RAM
- 8 vCPUs
- 180 GB of available disk for deployment
Installation
Download
The Expedient public download site changes over time. Thus, the file contents and directory structure may change periodically and not accurately reflect the image within this document. Therefore, please download the correct file as your Expedient technician or engineer directs.
***Contact your Project Manager for credentials and download location if this has not already been provided.
- Download the latest Zerto archive file (unless otherwise directed).
- Once the archive file completes downloading, extract the archive files.
The archive is of compression type ".zip." Therefore, the native Windows Server archive or any third-party archive extraction tool will work.
Deploying the ZVMA
- Login to the vCenter to be used as a replication source.
- Begin an OVA-based deployment and use the following options:
- Choose a network that can access vCenter and the Expedient infrastructure.
- Once the wizard is complete, wait for the ZVMA to finish deploying.
Configuring the ZVMA
After the deployment has finished, we still need to do some basic configuring of the appliance.
Note: If the remote console gives you input issues, such as typing the wrong key, use the VMRC instead of the web console.
Configuring the New ZVMA Shell
Power on the ZVMA and wait for the boot to complete
Console into the VM. Login as ‘zadmin’ with the default password of Zertodata123!
You will be prompted to enter a new password. Enter a new password now. If you did not already document this new password, do so now.
Once logged in, you will be brought to the appliance shell. We want to enable SSH, change the hostname, and then set the network configuration.
Press ‘7' at the main menu, then enter 'y’ to enable SSH. Once completed you should be brought back to the main menu.
Press ‘9' at the main menu. Enter the hostname in all lowercase, with no underscores, and no domain. This should be the exact same name as set in vCenter. This operation will take a little while to complete.
To change the networking, enter '2' at the main menu to enter the Network Configuration submenu.
Once in the Network Configuration submenu, enter '2' to change the static IP address of the appliance.
Enter a new IP address for this ZVMA.
After the networking is configured, the appliance will require a confirmation and then request permission to reboot. Let the ZVMA reboot.
Once the ZVMA comes back online, go to the web UI of the ZVMA using https://IP_OF_THE_APPLIANCE
Enter admin as the username, and admin as the password. You will be prompted to change the password. Enter a new password now. If you did not already document this new password, do so now.
Do not make any changes within the ZVMA web UI yet, except for changing this password.
Initial Keycloak Configuration
The keycloak admin password must be changed as well. After the reboot is completed, the ZVMA is now accessible via the web UI.
Open a browser and enter the keycloak admin interface of the appliance. Use the IP address you entered on the appliance, like so:
Once at the Keycloak Admin page, click on “Administration” and login with ‘admin’ as the username and ‘admin’ as the password.
You will be prompted to enter a new password. Enter a new password now. If you did not already document this new password, do so now.
At this point all the initial deployment steps should be completed.
Source: https://help.zerto.com/bundle/Linux.ZVM.HTML.10.0/page/ZVM_Linux_Deployment_Guide.htm
Post Deployment Configuration
- In the Deployment Settings screen, VC Configuration, configure your vCenter server information, including IP or hostname, username, and password. Note that the hostname is case sensitive.
- Click Configure.
Source: https://help.zerto.com/bundle/Linux.ZVM.HTML.10.0/page/ZVM_Linux_Deployment_Settings.htm
Site Pairing
- Login to the ZVMA GUI
- Enter the ZCC IP and Pairing Token provided to you by Expedient and Click Connect.Source: https://help.zerto.com/bundle/Linux.ZVM.HTML.10.0/page/ZVM_Linux_Deployment_Settings.htm
Install Virtual Replication Appliances
The Virtual Replication Appliance (VRA) is a vendor custom build Debian-based Linux virtual machine that communicates with the virtual hypervisor. It reads input/output changes and writes them to a journal. The VRA is in a 1:1 ratio with the ESXi hosts in your environment. For example, if you have four ESXi hosts, you must install four VRA appliances (one on each host).
- To configure and install Zerto Virtual Replication Appliances (VRAs) on a host, in the Zerto User Interface, click SETUP > VRAs.
- Select a host which requires a VRA and click NEW VRA.
The Configure and Install VRA dialog is displayed.
- There will be a prompt to enter the settings of the ZRA:
- Host: Select an ESXi host for the VRA installation (each host will need a VRA deployed).
- Select the option, "Use credentials to connect to host."
- Host Root Password: Enter the root password for the hosts.
- Datastore: Pick a datastore in your environment with available space.
- Network: Pick the applicable Zerto ZVM Replication network.
- VRA RAM: 3 GB
- VRA vCPUs: 1
- Configuration: Static
- Address: Pick an available IP address on your network.
- Subnet Mask: Enter the relevant subnet mask. (i.e. 255.255.255.0)
- Default Gateway: Enter the appropriate gateway for the network.
- Click Install.
- The VRA installation starts and the status is displayed in the TASKS popup dialog in the status bar and under Monitoring > Tasks.
- The VRA displayed name, and DNS name, is Z-VRA-hostname. If a virtual machine with this name exists, for example when a previous VRA was not deleted, the VRA name has a number appended to it.
- Repeat this procedure to add a VRA to every host that hosts virtual machines for which you want replication.
• Zerto recommends installing a VRA on every listed host.
• An alert is issued after the first VRA is installed in a cluster because Zerto recommends installing a VRA on every host in the cluster. The alert is automatically removed when all the hosts in the cluster have VRAs installed.
• For details of the maximum number of volumes that a VRA can manage, whether these are volumes being protected or recovered, refer to Zerto Scale and Benchmarking Guidelines.
• VRAs are configured and managed by the Zerto Virtual Manager. You cannot take snapshots of VRAs as snapshots cause operational problems for the VRAs.
Source: https://help.zerto.com/bundle/Linux.ZVM.HTML.10.0/page/Installing_Virtual_Replication_Appliances.htm
Firewall Considerations
Port | Purpose |
---|---|
22 | Required between the ZVM Appliance and an ESXi host during installation of a VRA |
80 | VSS communication |
443 | Communication between ZVM Appliance and ZVM GUI and ZVM REST APIs, Zerto Powershell Cmdlets, and the ZCM |
1433 | Required to connect to the external SQL database if an external database is used. |
2049 | Required between Extended Journal Copy and a network shared repository on top of NFS protocol |
4005 | Log collection between the ZVM Appliance and site VRAs, using TLS over TCP communication |
4006 | TLS over TCP communication between the ZVM Appliance and local site VRAs and the site VBA |
4007 | Unencrypted TCP communication between protecting and peer VRAs |
4008 | Unencrypted TCP communication between VRAs to pass data from protected virtual machines to a VRA on a recovery site |
4009 | TLS over TCP communication between the ZVM Appliance and local site VRAs to handle checkpoints |
9007 | Encrypted TCP communication between protecting and peer VRAs |
9008 | Encrypted TCP communication between VRAs to pass data from protected virtual machines to a VRA on a recovery site |
9071 | HTTPS communication between paired ZVMAs |
9180 | Communication between the ZVM Appliance and the VBA |
11371 | Required for installing Ansible |
Source: https://help.zerto.com/bundle/Linux.ZVM.HTML.10.0/page/DNS_Targets_Ports.htm
Future Upgrades
Please note that both the source and destination ESXi host servers must support the replicated virtual machine's hardware version. When either performing upgrades to the ESXi hosts or upgrading virtual machine hardware versions, please first verify the compatibility of the virtual machine's hardware version.
For example:
- vSphere 6.7u2+ supports hardware 7, 8, 9, 10, 11, 13, 14, and 15
- vSphere 7.0 u3 supports hardware 7, 8, 9, 10, 11, 13, 14, 15, 17, and 19