Contact UsGet started

Fault protection with Hystax Acura

Written by
Updated at February 27, 2025

Regardless of your resource allocation structure, you can protect your infrastructure with Hystax Acura.

Supported platforms:

  • Cloud services
  • Hypervisors
  • Physical servers

To get started, create a VM with Hystax Acura Disaster Recovery to manage replication and recovery. Auxiliary Hystax Cloud Agent VMs will perform continuous and periodic replication. For a detailed description of the architecture, see this Hystax overview article.

To run Hystax Acura Disaster Recovery, follow the steps below:

  1. Get your cloud ready.
  2. Create a service account and authorized key.
  3. Configure the network traffic permissions.
  4. Create a VM with Hystax Acura.
  5. Set up Hystax Acura.
  6. Prepare and install the agents for disaster recovery.
  7. Enable replication.
  8. Set up subnets to run the VMs.
  9. Create a disaster recovery plan.
  10. Run exercises.
  11. Perform disaster recovery.

If you no longer need the resources you created, delete them.

Get your cloud ready

Sign up for Yandex Cloud and create a billing account:

  1. Go to the management console and log in to Yandex Cloud or create an account if you do not have one yet.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one.

If you have an active billing account, you can go to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

Note

Note that both the Hystax Acura infrastructure and all the recovered VMs will be charged and counted against the quotas.

  • A Hystax Acura Disaster Recovery VM uses 8 vCPUs, 16 GB of RAM, and a 200-GB disk.
  • The auxiliary Hystax Cloud Agent VMs use 2 vCPU cores, 4 GB or RAM, and a 10-GB disk. A single Hystax Acura Cloud Agent VM can serve up to 6 replicated disks at the same time. Should the number of disks exceed 6, this will automatically create additional Hystax Acura Cloud Agent VMs.

The cost of the resources required to use Hystax Acura Disaster Recovery includes:

Create a service account and authorized key

The Hystax Acura Disaster Recovery application will run under a service account:

  1. Create a service account named hystax-acura-account with the editor and marketplace.meteringAgent roles.
  2. Create an authorized key for the service account.

Save the following details to use at the next steps:

  1. Service account ID.
  2. Service account authorized key ID.
  3. Service account private authorized key.

Configure the network traffic permissions

Configure the network traffic permissions in the default security group. If a security group is unavailable, this will allow any inbound or outbound VM traffic.

If a security group is available, add the following rules to it:

Traffic
direction		 Description Port range Protocol Source /
Destination name		 CIDR blocks
Inbound http 80 TCP CIDR 0.0.0.0/0
Inbound https 443 TCP CIDR 0.0.0.0/0
Inbound https 4443 TCP CIDR 0.0.0.0/0
Inbound vmware 902 TCP CIDR 0.0.0.0/0
Inbound vmware 902 UDP CIDR 0.0.0.0/0
Inbound iSCSI 3260 TCP CIDR 0.0.0.0/0
Inbound udp 12201 UDP CIDR 0.0.0.0/0
Inbound tcp 15000 TCP CIDR 0.0.0.0/0
Outbound http 80 TCP CIDR 0.0.0.0/0
Outbound https 443 TCP CIDR 0.0.0.0/0
Outbound vmware 902 TCP CIDR 0.0.0.0/0
Outbound vmware 902 UDP CIDR 0.0.0.0/0
Outbound iSCSI 3260 TCP CIDR 0.0.0.0/0
Outbound udp 12201 UDP CIDR 0.0.0.0/0

Save the security group ID. You will need it when creating VMs with Hystax Acura.

Create a VM with Hystax Acura

Create a VM with a boot disk from the Hystax Acura Disaster Recovery to Yandex Cloud image.

Start the VM

  1. In the management console, select the folder where you want to create your VM.

  2. From the list of services, select Compute Cloud.

  3. In the left-hand panel, select Virtual machines.

  4. Click Create virtual machine.

  5. Under Boot disk image:

  6. Under Location, select an availability zone where your VM will reside.

  7. Under Disks and file storages, enter 200 GB as the boot disk size.

  8. Under Computing resources, select the 8 vCPU and 16 GB configuration.

  9. Under Network settings:

    • In the Subnet field, enter the ID of a subnet in the new VM’s availability zone. Alternatively, you can select a cloud network from the list.

      • Each network must have at least one subnet. If there is no subnet, create one by selecting Create subnet.

      • If you do not have a network, click Create network to create one:

        • In the window that opens, enter the network name and select the folder to host the network.
        • Optionally, enable the Create subnets setting to automatically create subnets in all availability zones.
        • Click Create network.

    • If a list of Security groups is available, select the security group whose network traffic permissions you previously configured. If this list is not there, all inbound and outbound traffic will be allowed for the VM.

  10. Under Access, select SSH key and specify the VM access credentials:

    • In the Login field, enter a username, e.g., yc-user.

    • In the SSH key field, select the SSH key saved in your organization user profile.

      If there are no saved SSH keys in your profile, or you want to add a new key:

      • Click Add key.
      • Enter a name for the SSH key.
      • Upload or paste the contents of the public key file. You need to create a key pair for the SSH connection to a VM yourself.
      • Click Add.

      The SSH key will be added to your organization user profile.

      If users cannot add SSH keys to their profiles in the organization, the added public SSH key will only be saved to the user profile of the VM being created.

  11. Under General information, specify the VM name: hystax-acura-vm.

  12. Under Additional, select the hystax-acura-account service account.

  13. Click Create VM.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder through the --folder-name or --folder-id parameter.

In the terminal, run this command:

yc compute instance create \
  --name hystax-acura-vm \
  --zone <availability_zone> \
  --cores 8 \
  --memory 16 \
  --network-interface subnet-id=<subnet_ID>,nat-ip-version=ipv4,security-group-ids=<security_group_ID_if_group_set_up_previously> \
  --create-boot-disk name=hystax-acura-disk,size=200,image-id=<Hystax_Acura_image_ID> \
  --service-account-id <service_account_ID> \
  --ssh-key ~/.ssh/id_ed25519.pub

Where:

  • name: VM name, e.g., hystax-acura-vm.

  • zone: Availability zone, e.g., ru-central1-a.

  • cores: Number of vCPUs the VM has.

  • memory: VM RAM size.

  • network-interface: VM network interface description:

    • subnet-id: Subnet to connect your VM to.

      You can get the list of subnets using the yc vpc subnet list CLI command.

    • nat-ip-version=ipv4: Connect a public IP address.

    • security-group-ids: Security groups.

      You can get the list of groups using the yc vpc security-group list command. If you skip this parameter the system will assign the default security group.

  • create-boot-disk: Create a new disk for the VM:

    • name: Disk name, e.g., hystax-acura-disk.

    • size: Disk size.

    • image-id: Disk image ID.

      For this example, use image_id from the product description in Cloud Marketplace.

  • service-account-id: ID of the previously created service account.

    You can get the list of accounts using the yc vpc security-group list command.

  • ssh-key: Path to the public SSH key file.

Convert the IP address to static

VMs get a public dynamic IP address when created. Since a VM with Hystax Acura may reboot, make the IP static.

To convert a dynamic public IP address into a static one:

  1. In the management console, open the page for the folder you are using.
  2. Select Virtual Private Cloud.
  3. Go to the IP addresses tab.
  4. Click in the row with the address of your Hystax Acura VM.
  5. In the menu that opens, select Make static.
  6. In the window that opens, click Change.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder through the --folder-name or --folder-id parameter.

To convert a dynamic public IP address into a static one:

  1. See the description of the CLI commands for updating the address attribute:

    yc vpc address update --help

  2. Get a list of the addresses:

    yc vpc address list

    Result:

    +----------------------+------+-----------------+----------+------+
|          ID          | NAME |     ADDRESS     | RESERVED | USED |
+----------------------+------+-----------------+----------+------+
| e2l46k8conff8n6ru1jl |      | 84.201.155.117  | false    | true |
+----------------------+------+-----------------+----------+------+

    The false value of the RESERVED parameter means the IP address with the e2l46k8conff8n6ru1jl ID is dynamic.

  3. Convert this address to static by using the --reserved=true key and the IP address ID:

    yc vpc address update --reserved=true e2l46k8conff8n6ru1jl

    Result:

    id: e2l46k8conff8n6ru1jl
folder_id: b1g7gvsi89m34pipa3ke
created_at: "2023-06-02T09:36:46Z"
external_ipv4_address:
  address: 84.201.155.117
  zone_id: ru-central1-b
  requirements: {}
reserved: true
used: true

    Now that the reserved parameter is true, the IP address is static.

Set up Hystax Acura

  1. Open the hystax-acura-vm VM page in the management console and find its public IP address.

  2. Enter the hystax-acura-vm VM public IP address in your browser. This will open the initial Hystax Acura setup screen.

    Note

    After the Hystax Acura Disaster Recovery VM boots up for the first time, an installation process will start, which may take over 20 minutes.

  3. By default, a Hystax Acura VM has a self-signed certificate.

  4. On the page that opens, fill out the following fields:

    • Organization: Name of your organization.
    • Admin user login: Email address for logging in to the admin panel.
    • Password: Admin password.
    • Confirm password: Re-enter the admin password.

  5. Click Next.

  6. Specify the Yandex Cloud connection settings:

    • Service account ID: ID of the service account.

    • Key ID: ID of the service account authorized key.

    • Private Key: Private part of your service account authorized key.

      Note

      If you obtained the ID and private key in a JSON file, e.g., when creating an authorized key via the CLI, remove the line break characters (\n) from the ID and the private key.

    • Default folder ID: ID of your folder.

    • Availability zone.

    • Hystax Service Subnet: ID of the subnet the hystax-acura-vm VM is connected to.

    • S3 host: storage.yandexcloud.net.

    • S3 port: 443.

    • Enable HTTPS.

    • Public IP address of the Hystax Acura management console: Public IP address of the Hystax Acura VM. Replace the value in this field with the IP address you got at step 1.

  7. Click Next.

Hystax Acura will automatically check whether it can access your cloud. If everything is correct, you can now log in to the Hystax control panel using your email address and password.

Prepare and install the agents for disaster recovery

The agents will install on the VMs that will be recovered in Yandex Cloud. To download and install an agent:

  1. In the Hystax Acura control panel, click the Hystax logo in the top-left corner.

  2. Under Machines Groups, create a group of protected VMs, e.g, Prod-Web.

  3. Go to the Download agent tab.

  4. Select one out of three agent types depending on the OS:

    • VMware
    • Windows
    • Linux

    Click Next.

  5. Download and install the agent on the VMs you would like to protect:

    1. From the drop-down list, select a group of VMs to set up agents for, e.g., Prod-Web.

    2. Select New VMware vSphere and fill in these fields:

      • Platform Name.
      • Endpoint: Public IP address of the ESXi host.
      • Login: User login. This user must have the admin permissions.
      • Password.

      Click Next.

    3. Click Download agent and wait for the download to complete.

    4. Unpack the downloaded OVA agent file on the ESXi host.

    5. Start the VMs with the agent.

    1. From the drop-down list, select a group of VMs to set up agents for, e.g., Prod-Web.
    2. Click Next.
    3. Click Download agent and wait for the download to complete.
    4. Unpack the archive and install the agent from hwragent.msi on the VMs you want to protect.
    1. From the drop-down list, select a group of VMs to set up agents for, e.g., Prod-Web.
    2. Select the Linux distribution type:
      • CentOS/RHEL (.rpm package): CentOS or Red Hat-based.
      • Debian/Ubuntu (.deb package).
    3. Select the driver installation method:
      • Pre-built: Install a driver binary.
      • DKMS: Compile as you install.
    4. Click Next.
    5. You will get commands for installing the agent to the VM. Run these commands following the instructions for your distribution and installation method.

Enable replication

After the agent is installed on the VMs under protection, they will appear in the list as Unprotected.

To enable VM replication:

  1. Open the Hystax Acura control panel. Click the Hystax logo.
  2. Under Machines Groups, deploy an instance group, e.g., Prod-Web.
  3. In the right-hand VM list, click .
  4. Set up a replication schedule and snapshot retention period using the Edit replication schedule and Edit retention policies options. For more information, see this Hystax article.
  5. Select Enable protection.

This will start VM replication. Once it is complete, the VMs will change their status to Protected.

Set up the subnets to run the VMs

The recovery process will create a cloud site, i.e., an infrastructure to support your application in Yandex Cloud that includes subnets and recovered VMs.

Create subnets whose CIDRs will contain the IP addresses of your VMs.

For example, if you are protecting two VMs with IP adresses 10.155.0.23 and 192.168.0.3, create two subnets with CIDRs 10.155.0.0/16 and 192.168.0.0/24. The subnets must reside in the same availability zone as the Hystax Acura Disaster Recovery VM.

To create subnets:

  1. Open the Virtual Private Cloud section in the folder where you want to create a subnet.
  2. Click the cloud network name.
  3. Click Create subnet.
  4. Enter a name for the subnet, e.g., net-b-155.
  5. From the drop-down list, select an availability zone, e.g., ru-central1-b.
  6. Enter the subnet CIDR, such as 10.155.0.0/16.
  7. Click Create subnet.

Save the IDs of the created subnets. You will need these when you create your disaster recovery (DR) plan.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder through the --folder-name or --folder-id parameter.

  1. Get a list of the cloud networks:

    yc vpc network list

    Result:

    +----------------------+----------------+
|          ID          |      NAME      |
+----------------------+----------------+
| enplum7a98s1t0lhasi8 |    network     |
+----------------------+----------------+

  2. Select NAME or ID of the cloud network you need. Create a subnet:

    yc vpc subnet create \
  --name net-b-155 \
  --network-name network \
  --zone ru-central1-b \
  --range 10.155.0.0/16

  3. To view the subnet list, run the command below:

    yc vpc subnet list

    Result:

    +----------------------+-------------+----------------------+----------------+---------------+------------------+
|          ID          |    NAME     |      NETWORK ID      | ROUTE TABLE ID |     ZONE      |      RANGE       |
+----------------------+-------------+----------------------+----------------+---------------+------------------+
| e2lgjspicv43ainspl0n | net-b-155   | enplum7a98s1t0lhasi8 |                | ru-central1-b | [10.155.0.0/16]  |
| e2l8g5u9ijd1sursv2ov | net-b-192   | enplum7a98s1t0lhasi8 |                | ru-central1-b | [192.168.0.0/24] |
| e2l1hqsrpp932ik74aic | net-b       | enplum7a98s1t0lhasi8 |                | ru-central1-b | [192.168.1.0/24] |
+----------------------+-------------+----------------------+----------------+---------------+------------------+

    Save the IDs of the subnets you created. You will need these when you create your disaster recovery (DR) plan.

For more details, see this Virtual Private Cloud step-by-step guide.

Create a disaster recovery plan

The DR plan includes a VM description and the network settings. You can have a plan generated automatically or create one manually.

To generate a DR plan automatically:

  1. Open the Hystax Acura control panel. Click the Hystax logo.
  2. Select the VMs you need from the list, click Bulk actions, and select Generate DR plan. You can also generate a plan for a VM group by clicking in the group header.
  3. In the Title field, enter the name: Plan-1.
  4. Under Subnets on the right, specify the parameters of the previously created subnets: Subned ID and CIDR.
  5. Click Save.

To create a DR plan manually:

  1. Open the Hystax Acura control panel. Click the Hystax logo.
  2. Click Add DR plan.
  3. In the Title field, enter the name: Plan-1.
  4. Use one of the modes below:
    • Basic: Create a plan with regular settings.
    • Expert: Create a plan with flexible settings using JSON (see the detailed syntax description here).
  5. Add VMs by clicking . If required, specify an initialization order by using the Move to another Rank option.
  6. If required, modify the parameters of the new VMs. To do this, specify the following in the Flavor name field: <platform>-<cpu>-<ram>-<core_fraction>, e.g., 2-8-16-100.
  7. Under Subnets on the right, specify the properties of the previously created subnets: Subned ID and CIDR.
  8. Click Save.

Warning

Make sure you specified a valid IP address for each VM.

Run tests

With regular tests, you can check your infrastructure fault tolerance, as well as make changes to your configuration when required.

To run a test without shutting down the primary infrastructure:

  1. Open the Hystax Acura control panel. Click the Hystax logo.
  2. In the top navigation panel, select Run test Cloud Site.
  3. Tick the disaster recovery plans you need in the list. Expand and edit the plans, if required.
  4. Click Next.
  5. In the Cloud Site Name field, enter a name, e.g., Cloud-Site-from-Plan-1.
  6. In the Restore point time field, open the calendar window and select the restore point that will be used to create your VMs.
  7. Under Final DR plan, make sure the plan is up-to-date and correct.
  8. Click Run Recover.

The Hystax Acura control panel will display the Cloud Sites section. Wait until the Cloud-Site-from-Plan-1 status switches to Running.

Open the management console and make sure these actions moved the required resources and your applications are ready to run.

Perform disaster recovery

A real disaster recovery is no different to a test one:

  1. Open the Hystax Acura control panel. Click the Hystax logo.
  2. In the top navigation panel, select Run Cloud Site.

Repeat the test recovery steps.

How to delete the resources you created

Some resources are not free of charge. To avoid paying for them, delete the resources you no longer need:

  1. Delete hystax-acura-vm.
  2. Delete the secondary cloud-agent VMs.
  3. Delete the hystax-acura-account service account.

If you reserved a public static IP address, delete it.

Previous
Migrating data to Yandex Cloud using Hystax Acura
Next
Overview