FSx file system replication with Arpio
FSX for Windows>
FSX for ONTAP>
Handling Credentials for Self-Managed AD>
FSx for Windows File Server
Arpio can replicate file systems configured with either a self-managed Microsoft AD or an AWS Managed AD.
If you are using an AWS Managed Microsoft AD, you must set up the directory in your recovery environment before using Arpio replication to recover an FSx file system that uses the directory. See AWS Managed Microsoft AD for instructions on configuring your directory to be available in your recovery environment.
If you use a self-managed Microsoft AD, hosted on EC2 instances in your account, Arpio will automatically include those Windows EC2 instances in your application and replicate them to your recovery environment.
Arpio replicates the following Amazon FSx for Windows File Server resources.
File System
Arpio replicates file systems and their contents.
The following attributes are translated when replicating file systems to the recovery environment:
|
Attribute |
Translation |
|
Subnets |
Translated to corresponding subnets that Arpio manages in the recovery environment |
|
Amazon VPC |
Translated to the corresponding VPC that Arpio manages in the recovery environment |
|
Security Groups |
Translated to the corresponding Security Groups that Arpio manages in the recovery environment. |
|
Active Directory Configuration |
Translated to use either the self-managed Microsoft AD or AWS Managed AD in the recovery environment. |
The following resources are automatically selected into recovery points when using a self-managed Microsoft Active Directory:
- EC2 Instances that host the self-managed Microsoft AD
FSx for ONTAP
Arpio can replicate FSx ONTAP volumes. This is done using ONTAP's SnapMirror technology which requires manual configuration. See Onboarding Instructions for more details.
Arpio replicates the following FSx for ONTAP resources.
Volume
Arpio replicates the volumes and their contents. Since volumes have no direct references to external resources, attribute translation is not required.
Any SMB/CIFS shares defined inside of the volume are also replicated, along with their Access Control Lists (ACLs).
The following resources are automatically selected into recovery points when an FSx ONTAP Volume is selected:
- FSx ONTAP Storage Virtual Machine
Storage Virtual Machine
Arpio replicates storage virtual machines needed by volumes. Since SVMs have no direct references to external resources, attribute translation is not required. If an SVM is joined to an Active Directory domain, Arpio will attempt to join it to the Active Directory controller with the same IP address in the recovery environment during a failover or failover test operation. Upon conclusion of the failover or test, the SVM is detached from the Active Directory controller.
The following resources are automatically selected into recovery points when using a storage virtual machine:
- FSx ONTAP File System
File System
Arpio does not directly replicate file systems. You must deploy the recovery filesystem yourself and provide a reference to it in the primary file system's arpio-config:fsx:ontap:peer tag. See Onboarding Instructions for details.
Active Directory Credentials for Recovered FSX filesystem
When Arpio recovers a file system that uses a self-managed Microsoft AD, the file system in the recovery environment is configured to authenticate to the directory using the username that Arpio read from the primary environment.
Because Arpio cannot read the password associated with that username, you must configure a specific Secrets Manager secret containing the appropriate password to your recovery environment after you add the file system to your Arpio application.
Arpio will notify you when it's time to create this Secret and tell you the expected name of the recovery Secret via Arpio issue message.