Category: Zerto

Zerto Cloud Manager

Hi All, in this series i am going to be looking at a deepdive into the Zerto Cloud Manager(ZCM), the ZCM is a component normally deployed by our service providers but can equally be used by End User customers aswell.

Some of the features the ZCM brings are:

  • Multi-Tenancy Support
    • Resource allocation
    • Organisations or “ZORG” Definition
    • ZSSP user configuration
  • Granular RBAC
  • ZCC deployment
  • Service Profile Definition
  • Centralized alerting – can also be viewed via Zerto Analytics

As you can see there is a wealth of additional features and functionality that can be added to the Zerto platform with the addition of the ZCM

Deployment

As we can see the ZCM is another VM deployed inside the Datacenter – the install packages can be downloaded via MyZerto.

For all tech specs and ports etc please follow the Zerto official documentation :

ZCM Install Guide
Zerto Service Provider Guidelines
ZCM Administrator Guide

Walkthrough

In this section I will be walking you through the various areas of the ZCM to give you an understanding of what each section does

but first lest get some Jargon out of the way

  • ZORG – Zerto organisation – Used to define what a single tenant is inside of the Zerto Infrastructure
  • ZSSP – Zerto Self Service Portal – Allows tenants to access Zerto Infrastructure that is not hosted by themselves
  • ZCC – Zerto Cloud Connector – A Small Appliance that allows a dedicated connection point for each Tenant, this masks the infrastructure behind the ZCC so no information is displayed to the tenant.

Login

Logging in is simple – its a Web based UI – that is accessed using the following URL:

https://zcmip:9989

htps://zcmfqdn:9989

Organizations Tab

In this section we show all the ZORG’s that are currently configured inside the ZCM, as the ZCM is a global entity across the entire Zerto estate a ZORG only needs to be created once and can now be used across the entire Zerto estate wherever it is required.

We can also drill into the each organization in more detail – we will cover this further down.

Sites Tab

The sites listed under this screen are the Sites directly connected to this ZCM – this does not include DRaaS Customer connected via a ZCC.

You will see all the various info about the site including whether it is configured for VCD or not.

Adding a new site is very easy

Simply click on add, input the required details – ZVM IP the port you have installed the ZVM on – normally left as default, and the ZCM access code which can be found under the site settings in your ZVM.

Service Profiles

Service Profiles come in extremely handy for either Service providers of Large enterprises that want a cookie cutter approach to protecting their VM’s. Service profiles allow the administrator to pre-define certain fields inside of a VPG.

The fields that are pre-populated in a service profile are:

  • Target RPO Alert – The threshold for when Zerto should alert the user that an RPO has exceeded expected RPO
  • Default Journal History – The time of length that the short term journal is configured for.
  • Journal Size Hard Limit – Maximum size the short term journal can grow to in % of VM size
  • Journal Size Warning Threshold – the % Size of the journal that will trigger an alert
  • Test Frequency Reminder – how often should this VPG be tested for DR

These service profiles are then assigned during the VPG Creation ensuring that each VPG has the same settings per service profile.

Permissions

The Permissions tab is where administrators will configure RBAC.

To enable RBAC select the “Enable Role-Based Permissions” option

I will be doing a follow up blog to cover RBAC in more detail so watch this space.

Deep Dive into ZORGS

as we discussed earlier a Zorg is an organisation inside of Zerto, so let’s explore one in more detail :

Zorg Page

Lets run through each section in a little more detail:

1– This is the Zorg information – this will be used for Zorg identification both internally and externally, this is also used as a field for the ZSSP login

2– Pre-seed folder name is used to store ZORG pre-seed disks, this means that only Disks inside of a folder that matches this name can be seen by a ZORG to use for pre-seed – make sure this matches a folder name inside your environment if you change it.

3-These permissions dictate what a customer can/cant do inside of the ZSSP – they are relatively self explanatory, expect for the last one – “Prevent vAPP operations during test” , when this is turned on a user will not be able to change settings inside of the created VCD vApp when Zerto is performing a failover test. This prevents issues where users could delete the vApp without zerto being aware making the VPG go into an error state, in my opinion this should always be turned on.]

4– Custom Service profiles allows a ZORG to create their own service profiles on a per VPG basis, this enabled a ZORG user to change the settings we ran through earlier in the post.

5– ZSSP login credentials – Again self explanatory – these are the credentials used for a ZORG to login to the ZSSP, I would recommended rotating credential’s on a regular basis for security purposes.

Resource Allocation

One of the most important sections in the ZCM is the ability to assign resources to a ZORG ensuring that no Zorg can use resources they have not been assigned. a ZVM can either be configured to use vCenter OR VCD this shows in the sites tab I showed earlier.

vCenter Resources that can be assigned are the normal objects found in vCenter these comprise of:

  • Resource Pools – These are mandatory when deploying Zerto in multi-tenant vCenter environment – can only exist in a single ZORG
  • Virtual Networks – Can only Exist in a single ZORG
  • Datastores – Can exist in multiple ZORG’s
  • Repositories – can only Exist in a single ZORG

When we are using VCD we add the whole VCD organisation under the ZORG – This will then automatically include all ORG VDC’s and the objects contained within them, eg ORGVDC Networks and Storage policies. each organisation can only exist in a single ZORG at a time, and the ZORG will populate new resources as they are added into the VCD organisation.

Customer Sites

This section is where we would Deploy ZCC’s for the specified ZORG

There is a simple wizard to help deploy the appliances that connect a customers on-premise site to a service provider site.

Once this is deployed the Zorg customer can now pair through the ZCC into the ZVM backing it, this hides all internal infrastructure outwards.

Conclusion

the ZCM is a very powerful component and probably a component that some of you may not have used before and can be used in service provider and Large enterprise customer settings.

As I said before keep an eye out for more details on the RBAC post to follow

Please share and comment

Cheers

Chris

New in Zerto 9 – JFLR from ZSSP

With my service provider background holding a large place in my heart i am always extra excited when new features in Zerto land that are aimed directly at our service providers.

one of these features in Zerto 9 is the ability to enable tenants to restore files and folders directly back into production VM’s or download compressed inside the web browser from all the journal recovery points. this means that without any intervention from your service provider a tenant can access files and folders from mere seconds go and self service restore them, and remember all this without snapshots or any production impact .

lets run through the process of how a tenant can access this :

  1. log into to your service providers ZSSP (if they have enabled the VCD Tenant UI this can be done from inside VCD)

2. Navigate to the Restore Button and click restore file

3. The wizard will open up and you can select which VM you would like to recover files and folders from

4. the next page is where the tenant can select the journal point in time that they want to “rewind” the files and folder to – Note the 1494 points in time to recover from.

5. now select to mount the view of the files and folders – this uses no additional compute resources as we do not build any infrastructure or VM’s during this process meaning no additional costs.

6. the mount process will now start and can take a couple of minutes to complete

7. once the mount completes you will now be able to open up the rewinded point in time to view the files and folders

8. you will now see the VM you have chosen with the disks available to browse, here is where you select the files and folders you want to recover.

9. you now get your recovery options – you can ether restore instantly back into the production VM using guest OS credentials you have pre-configured or you can download them compressed inside of the web browser.

7. once this is done you can stop the mount – one thing to note as whilst this process is ongoing Zerto is still replicating the data therefore maintaining that ~5 second RPO

watch the full video here:

Thanks for reading

Chris

Zerto’s First Appearance in the Gartner Enterprise Backup & Recovery MQ!

    Zerto reached a huge milestone in its history by making it into the Gartner MQ for Backup and Recovery for the first time. in my opinion this is a huge step as Zerto has its roots in the Disaster Recovery Sector. I believe this is even more significant as the MQ placement was evaluated before some key announcements from Zerto, lets dig into some of these

  • Zerto for SaaS Powered by Keepit – Powerful SaaS Backups for Microsoft 365, Google Workspaces, Salesforce and More! all delivered in an easy to use SaaS platform that requires no infrastructure, no additional storage (even public cloud storage) and some amazing recovery workflows 

  • Zerto for Kubernetes (Z4K) – the worlds best CDP engine dropped into the worlds best container orchestration platform, in my opinion a match made in heaven. allowing customers to achieve data protection-as-code, so Kubernetes workloads are born protected, and protected every 5 or so seconds with the same granularity that Zerto customers have come to expect from Zerto’s CDP engine for VM’s

  • Zerto 9 – In my opinion one of the biggest releases in Zerto’s history. Loads of new features & functionality including but no limited to:
  • Immutability for backups
  • File level recovery from LTR repositories
  • Instant VM restore into production 
  • S3 compatible repositories now supported 
  • Cloud storage automated tiering 
  • Automated VM protection                                                             

 watch the release webinar here:
https://www.zerto.com/page/zerto-9-demo-instant-ransomware-recovery/ 

    When we take all of these things into account I truly think that Zerto has a great future disrupting the backup market and making sure CDP is the best protection against things like ransomware.
More to come on the above features in future posts

Please comment, or share so others are also aware. 

Thanks for reading 

Chris