Working with Disaster Recovery Configurations

Disaster recovery (DR) configurations specify the resources that play a critical role in protecting Private Cloud Appliance workloads against site-level incidents.

The resources in a DR configuration include compute instances with their associated block volumes, as well as the compartments they belong to and the network resources that provide their connectivity. Relevant network resources and compartment hierarchies must be set up on both the primary and standby rack, and associated with each other through site mappings.

Rules and Conditions

When populating DR configurations, respect the following rules regarding compute and storage resources.

  • A compute instance must be stopped before it can be added to a DR configuration. There is one exception: when all volumes attached to the instance are also attached to one or more instances already included in the same DR configuration.

  • A compute instance must be stopped before it can be removed from a DR configuration. There is one exception: when all volumes attached to the instance are also attached to one or more instances still included in the same DR configuration.

  • All compute instances in a DR configuration must be stopped before the DR configuration can be deleted.

  • A volume attached to a compute instance might be created from another source volume or volume backup. Such an instance (instance T) can be added to a DR configuration on condition that the source volume is not attached to any instance in any DR configuration. Note that source volume also refers to the volume used for the volume backup, and its direct or indirect source.

    Alternatively, the instance with the source volume attached can be added to a DR configuration on condition that instance T is not added to any DR configuration. Due to the volume source/target relationship, only one of the instances involved can be part of a DR configuration, not both.

  • A DR configuration must be refreshed when the configuration of any of its instances has changed, including changes to the instance and to the attached storage or network resources. This ensures that, after switchover or failover, the instances on the standby rack are started with the needed attributes preserved.

  • Refreshing a DR configuration fails if a volume and the source from which it was created are both attached to one or more compute instances in any DR configuration.

  • Instances in a DR configuration preserve the primary and secondary private IPs upon switchover or failover on condition that the subnet for the IP address is tagged appropriately. The subnet must be assigned a freeform tag with the key preserve_private_ips and any value.

    When this freeform tag is applied, any instance with a VNIC attached to this subnet preserves the associated primary and secondary IP addresses after switchover or failover. The precheck on the standby rack verifies whether the IP address is already in use, and fails if this is true.
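
The stop rule with its shared-volume exception and the volume source/target rule from the list above can be checked before an instance is added. The following is an added example, not Oracle code and not part of the original page; the inventory, the identifiers and the function names are constructed for illustration and do not correspond to appliance API objects.

```python
# Constructed inventory; all names are hypothetical, not appliance API objects.
ATTACHED = {                      # instance -> attached volume IDs
    "web1": {"vol-a"},
    "web2": {"vol-a"},            # shares its only volume with web1
    "db1": {"vol-src"},
    "clone1": {"vol-clone"},      # instance T: volume restored from a backup
}
RUNNING = {"web2", "clone1"}
SOURCE_OF = {"vol-clone": "bkp-1", "bkp-1": "vol-src"}   # child -> direct source

def lineage(vol):
    """Direct and indirect sources of a volume, following backups too."""
    seen = set()
    while vol in SOURCE_OF and SOURCE_OF[vol] not in seen:
        vol = SOURCE_OF[vol]
        seen.add(vol)
    return seen

def volumes_of(instances):
    return set().union(*(ATTACHED[i] for i in instances))

def check_add(instance, config_members, all_dr_members):
    """Rule violations for adding `instance` to one DR configuration.

    config_members: instances already in the target DR configuration
    all_dr_members: instances in any DR configuration
    """
    problems = []
    vols = ATTACHED[instance]
    # Stop rule; exception when every attached volume is already covered
    # by instances in the same DR configuration.
    shared = bool(vols) and vols <= volumes_of(config_members)
    if instance in RUNNING and not shared:
        problems.append(f"{instance}: must be stopped first")
    # Source/target rule, checked in both directions across all DR configs.
    in_dr = volumes_of(all_dr_members)
    for v in sorted(vols):
        if lineage(v) & in_dr:
            problems.append(f"{v}: its source volume is already in a DR configuration")
    for v in sorted(in_dr - vols):
        if lineage(v) & vols:
            problems.append(f"{v}: was created from a volume attached to {instance}")
    return problems
```

An empty list means neither rule blocks the addition. The same lineage check identifies the condition under which a refresh fails.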

Instructions

These sections explain how to build DR configurations: