Deploying additional DDVE appliances in the
Cyber Recovery vault
Multiple production
DD systems can replicate data to multiple
DD Virtual Edition (DDVE) appliances in the
Cyber Recovery vault. After the
Cyber Recovery solution is deployed on
Amazon Web Services (AWS), you can add additional DDVE appliances to the
Cyber Recovery vault.
Prerequisites
An additional DDVE is deployed in the
Cyber Recovery vault on AWS.
Ensure that you:
Follow instructions for deploying a DDVE on AWS in the
PowerProtect DD Virtual Edition on Amazon Web Services Installation and Administration Guide at
Dell Online Support.
Configure the newly added DDVE so that it is on the same subnetwork as the existing DDVE.
Configure the newly added DDVE so that it uses the same security group as the existing DDVE.
Create an S3 bucket as described in the
PowerProtect DD Virtual Edition on Amazon Web Services Installation and Administration Guide.
NOTE:You cannot access the S3 bucket on the newly added DDVE until you complete the following steps.
About this task
Perform the following steps to ensure connectivity between the jump host and an additional DDVE in the
Cyber Recovery vault:
Steps
In the AWS Management Console, go to
Services > VPC.
Under
SECURITY on the left side menu, click
Network ACLs.
Under
Network ACLs in the main window, click
<your prefix>_PPCR Jump Host Subnet ACL.
Edit the jump host ACL:
Click the
Inbound rules tab, and then click
Edit Inbound Rules.
In the
Edit Inbound Rules window, click
Add new rule.
Add a rule that includes the ephemeral range 1024-65535 for the destination IP address of the newly added DDVE, and then click
Save changes.
NOTE:The default value for the
Allow/Deny field is
Allow. This field indicates that the port range from the source IP address, which is the newly added DDVE, is allowed.
Click the
Outbound rules tab, and then click
Edit Outbound Rules.
In the
Edit Outbound Rules window, click
Add new rule.
Add a rule that includes the ephemeral range 1024-65535 for the destination IP address of the newly added DDVE.
Click
Add new rule again.
Add a rule that includes https port 443 for the destination IP address of the newly added DDVE, and then click
Save changes.
Under
SECURITY on the left side menu, click
Security Groups.
Under
Security Groups in the main window, click
<your prefix>_PPCR Mgmt Host SG.
Edit the management host security group:
Click the
Outbound rules tab, and then click
Edit Outbound Rules.
In the
Edit Outbound Rules window, click
Add rule.
Add the following four rules for the destination IP address of the new DDVE:
Add SSH port 22
Add Custom TCP port 2052
Add Custom TCP port 2049
Add Custom TCP port 111
Click
Save rules.
Under
VIRTUAL PRIVATE CLOUD on the left side menu, click
Endpoints.
Select the endpoint that corresponds to the S3 Gateway endpoint that was created during the initial
CloudFormation deployment.
NOTE:The endpoint type is displayed as
Gateway.
Click the
Policy tab, and then click
Edit Policy.
In the
Edit Policy window, under the
Resource section of the policy, add the Amazon Resource Name (ARN) for the S3 bucket that was created for the newly added DDVE.
The following example shows the required changes in boldface:
dds3bucket is the original bucket that was created during the initial
CloudFormation deployment.
secondary-dds3bucket is the new bucket that is created for the additional DDVE in the
Cyber Recovery vault.
NOTE:Ensure that you add the bucket name as a resource on one line, and then repeat on the second line with the trailing
/*. You must include both lines.
You can now access the
Cyber Recovery jump host on AWS and connect to the newly added DDVE.
Return to the
PowerProtect DD Virtual Edition on Amazon Web Services Installation and Administration Guide instructions to create a file system on S3 object storage on the newly added DDVE.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\