On occasion, administrators may need to import and export Zerto Virtual Protection Group (VPG) settings. Whether you need to export settings prior to un-installing Zerto and import settings after re-install or simply need a settings backup, Zerto has a utility to perform this. Let’s walk through the process of exporting and importing Zerto VPGs.
Export Virtual Protection Group (VPG) Settings
To begin, launch the Zerto Diagnostics application. You can either search your Programs for Zerto Diagnostics or launch the program from C:\Program Files\Zerto\Zerto Virtual Replication.
After launching the Zerto Diagnostics application, select the Export Virtual Protection Group (VPG) settings radio and click Next.
Administrators have a few different options for updating HPE infrastructure components. One popular way to update HPE firmware, drivers, and Smart Components is utilizing Service Pack for Proliant (SPP) and the HP SUM tool.
What are SPP and SUM?
SPP – Service Pack for Proliant is a collection of firmware, drivers and Smart Components that are deployed to your environment via the SUM tool. SPP is packaged as an ISO.
SUM – HP Smart Update Manager is the tool utilized to deploy updates to HP ProLiant Servers, Integrity Servers, BladeSystem infrastructure, and HP Moonshot Servers. SUM, by default, opens as a GUI. It can also be run in interactive CLI, CLI, or Linux RPM mode.
How does SUM and SPP work? SUM discovers nodes in your infrastructure and records their current firmware and drivers. It then checks the existing firmware/drivers against the SPP and provides update recommendations for admins to apply.
How to Update HPE Enclosures, Servers, and Fabric Components
Now that we have that under control. Let’s look at how to deploy updates to your HPE chassis, servers, and fabric components. If you haven’t done so already, download the SPP. The SPP should come with HP SUM.
After you have the pertinent downloads, mount the SPP iso locally. Locate and run the launch_hpsum batch file.
For the final chapter of our Zerto Replication install series, we will create a Virtual Protection Group (VPG) and start replicating virtual machines. As a recap, we have already installed the ZVM, paired the protected and recovery sites, and deployed VRAs.
What is a Virtual Protection Group?
Virtual Protection Groups essentially enable virtual machines to be affinity grouped. Meaning, you can define a group of vms that need to be recovered together. For example, an application that is comprised of a web server, database server, and app server could be grouped together, so they are recovered jointly. VPGs can also be grouped into tiers based on target RPOs. Virtual machines requiring different RPO levels can be grouped so that all critical machines recover together and less critical tiers can be brought up subsequently. It is also entirely possible to include just one virtual machine in a protection group. This provides flexibility in the event a single vm needs recovered as opposed to a group of vms.
Yesterday, news broke about vulnerabilities affecting AMD, Intel, and ARM CPU’s. These vulnerabilities, termed Meltdown and Spectre, have the potential to expose information that the machine(s) process. Check out this post for an in-depth look. At this point, it appears that VMware is not vulnerable to Meltdown; however, they have released patches for Spectre. It has been speculated that patching the flaws will cause performance hits. To what degree varies by reporting source. As always, test patches before deployment and contact support if you have any questions.
As per the initial VMware Security Advisory, the specified patches should be applied for remediation. Remember, these patches remediate known issues. Definitely, watch for additional patches as exploits may continue to surface. If you are needing to patch your ESXi host per the advisory, you can do so through VMware Update Manager (VUM).
Update – VMware has removed patches to address Hypervisor-Assisted Guest Mitigation (VMSA-2018-04).
As a recap, patches have been released to address Hypervisor-Specific Remediation (VMSA-2018-02) and
Hypervisor-Assisted Guest Remediation (VMSA-2018-04). For more detail, check out this VMware KB detailing these responses.
VMware Patch Numbers for ESXi Versions (VMSA-2018-02):
- ESXi 6.5 – ESXi650-201712101-SG
- ESXi 6.0 – ESXi600-201711101-SG
- ESXi 5.5 – ESXi550-201709101-SG
- This 5.5 patch only addresses CVE-2017-5715, not CVE-2017-5753
VMware Patch Numbers for ESXi Versions (VMSA-2018-04)
ESXi 6.5 – ESXi650-201801401-BG, ESXi650-201801402-BG
ESXi 6.0 – ESXi600-201801401-BG, ESXi600-201801402-BG
ESXi 5.5 – ESXi550-201801401-BG
For this example, we will be patching VMware ESXi 6.5 with patch ESXi650-201712101-SG. Additional patches can be applied in the same manner. Read the release notes or security advisories before patching as other components may need to be patched first.
For the second part of our Zerto Replication install series, we are going install the Virtual Replication Appliances (VRAs) as well as pair our protected site to a recovery site.
First, let’s look at the Virtual Replication Appliance(s). VRAs are lightweight, Linux-based virtual machines that handle replication between sites. These VRAs are installed on each host that houses either a protected or a recovery virtual machine. As part of replication, the VRAs compress the data before traversing between sites.
VRA Requirements (Zerto 5.x – VMware Environment)
- 5 GB datastore space
- A minimum of 1 GB memory
- VMware ESXi 4.0U1 or higher
Install Zerto Virtual Replication Appliances (VRA)
From the ZVM Dashboard, navigate to the Setup tab.