I think that will be more than just one post. I would like to go thru the overview, design, and best practice with implementing CIFS DR solution using VNX Replicator. Let’s start from the beginning.
CIFS DR introduction
DR stands for Disaster Recovery, and it’s a plan to replicate and recover data (in case of a distaster). What does that exactly mean? Let’s assume you have two Data Centers – one for your production environment, with all users connecting to it, and second, maybe with a little bit cheaper hardware, DR Data Center. Once there is a failure in your primary DC (for example all power suppliers will fail, or there is a fire), to guarantee data continuity you have to switch your users to your DR site. This series of posts will explain step-by-step how to do it with CIFS (Windows users) servers for EMC VNX.
CIFS DR solution is asynchronus. It means that during the failure you will loose some data. Typically the data is replicated every 10 minutes, so in worst-case scenario (using typical setting) you will lose up to 10 minutes of users work when losing primary DC. A point-in-time copy of a production environment can be replicated asynchronously to a remote VNX and, in the event of disaster, can be accessed using the same CIFS servers, share names and local groups.
There are two basic rules to implement this solution, first is: you have to use VNX Replicator. Second is – your CIFS servers have to be placed on Virtual Data Movers (VDM).
It’s a little bit more complex that the picture I above. Replicating CIFS data takes more than just replicating file systems. Sinces CIFS data is dependent on its environment, parts of the environment must be replicated as well. That’s why you have to use VDM. Virtual Data Mover is contained within a file system that can be replicated and contains the following CIFS information:
- local groups database
- CIFS server names and interfaces
- Kerberos information
- CIFS share database
- home directories
- event logs
To make CIFS data user accissible on remote site, you have to replicate both the file systems and associated VDMs.
CIFS DR configuration
There are a number of setup operations to be performed if you like to implement a CIFS DR solution using VNX replicator. The most important are:
- You have to CIFS service running (obviously 🙂 ), Replicator and SnapSure licensed and enabled.
- Ability to configure Control Station, Data Mover IP interfaces, routing, DNS and NTP network services.
- If your VNX is windows-only environment it’s highly recommended to use Usermapper for user mapping method. You have to configure one primary usermapper service and one secondary usermapper service. It doesn’t mean that primary usermapper should be in your primary DC. Actually EMC gives you the choice, but best practice is to put in in your remote DR. I will write a seperate post regarding Usermapper.
- VDMs have to be configured and data file systems have to be created, configured and mounted on the VDMs. Same with CIFS Servers – they have to be configured within VDMs as well.
Data Mover network interface configuration
As you know, CIFS servers are assigned to network interface names. with VNX Replicator, CIFS servers must be able to operate on the DR site. Without that there would be no option to direct end-users to your DR site. To make that possible the interface names used by CIFS servers must be identical on the Data Movers from both sites. I bet you wonder ‘OK, same interface name, what about IP?’ Great question.
Data Movers can have different or the same IPs. When the interfaces on each site are configured with the same IP address, there are some benefits and risks. First of all, DR site cannot have the interface up and online. With different IP address the interfaces on both sides can be up and online. There is no need for manual manipulation of the interfaces during a failover operation. However there is one risk as well – CIFS server will have a different IP address. If dynamic DNS is used, the records for the CIFS server will be updated automatically… But… Any clients having a DNS cache (with old-IP entry) will be unable to access the CIFS server until its DNS cache is flushed.
NTP Service configuration
I assume your CIFS servers are joined to Active Directory Domain. Both AD, and Replicator operations are time sensitive. AD authentication uses the Kerberos auth protocol – which requires a default time tolarance of 5 minutes. When configuring remote replication, Control Stations (primary and secondary site) must be within 10 minute time tolerance. The NTP service is used for maintaining system time synchronization. For redundancy purposes you should configure your VNX with at least two NTP servers. Remember, you configure both Data Mover, and Control Station with NTP service.
Hi,
Excellent article. Crystal clear, no-nonsense information. Keep writing more.