Cloud Data

Cloud Computing Disaster Recovery Strategies

Cloud Computing Disaster Recovery Strategies – The disaster recovery strategies available to you in AWS can be broadly divided into four approaches, from low-cost and low-complexity backups to more complex strategies using multiple active zones. An active/passive strategy uses an active site (such as an AWS region) to serve workloads and traffic. A passive location (such as another AWS region) is used for recovery. A passive site does not actively serve traffic until a failover event is triggered.

It’s important to regularly evaluate and test your disaster recovery strategy to ensure you can implement it when needed. Use the AWS Resilience Hub to continuously verify and monitor the resilience of your AWS workloads, including whether you’re likely to meet your RTO and RPO goals.

Cloud Computing Disaster Recovery Strategies

Cloud Computing Disaster Recovery Strategies

For a well-designed and highly available disaster workload based on the outage or loss of a single physical data center, you only need a backup and recovery approach for disaster recovery. If your definition of a disaster goes beyond the disruption or loss of a physical data center and goes into a zone, or you are subject to regulatory requirements that require it, you should consider pilot lighting, standby or multi-site activation. active

Infographic: How To Plan A Cloud Disaster Recovery Strategy

When choosing a strategy and the AWS resources to implement it, remember that we typically distribute services in AWS.

. The data plane is responsible for providing real-time services while using control planes to configure the environment. For maximum resiliency, you should only use data plane operations as part of your failover operation. This is because data planes typically have higher availability design goals than control planes.

Backup and restore is a convenient approach to mitigate data loss or corruption. This approach can also be used to mitigate a regional disaster by replicating data to other AWS regions, or to mitigate a lack of redundancy for workloads deployed in a single Availability Zone. In addition to data, you must redeploy infrastructure, configuration, and application code in the recovery zone. To enable fast, error-free infrastructure relocation, you should always use Infrastructure as Code (IaC) using services like AWS CloudFormation or the AWS Cloud Development Kit (AWS CDK). Without IaC, recovering workloads in a recovery zone can be complicated, which can increase recovery time and exceed your RTO. In addition to user data, be sure to back up your code and configuration, including the Amazon Machine Images (AMIs) you use to create Amazon EC2 instances. You can use AWS CodePipeline to automate the movement of application code and configuration.

Your workload data needs a regularly scheduled or continuous backup strategy. How often you run backups determines your achievable recovery point (which should be consistent with your RPO). The backup should also offer a way to restore it to the time it was created. Backup with point-in-time recovery is available through the following services and resources:

Disaster Recovery In The Cloud

For Amazon Simple Storage Service (Amazon S3), you can use Amazon S3 Cross-Region Replication (CRR) to asynchronously copy objects to an S3 sector in a DR region, creating versions of stored objects and choosing to restore them. point Continuous data replication has the advantage of the shortest time (almost zero) to back up your data, but may not protect against catastrophic events such as data corruption or malicious attacks (such as unauthorized data deletion). Backing up time. Includes continuous replication of AWS services for the Pilot Lite segment.

AWS Backup provides a centralized location to configure, schedule, and monitor AWS backup capabilities for the following services and resources:

As an additional disaster recovery strategy for your Amazon S3 data, enable versioning of S3 objects. Object versioning protects your data in S3 from the effects of deletion or modification by preserving the original version before the operation. Object versioning can be a useful mitigation against human error. If you use S3 replication to back up data to your DR pool, by default, when an object is deleted in the source bucket, Amazon S3 adds a deletion flag to the source bucket only. This approach protects data in the DR area from malicious deletions in the source area.

Cloud Computing Disaster Recovery Strategies

In addition to data, you must back up the configuration and infrastructure needed to redeploy your workloads and meet your recovery time objective (RTO). AWS CloudFormation provides Infrastructure as Code (IaC), allowing you to define all the AWS resources in your workload so you can reliably deploy and move them across multiple AWS accounts and AWS Regions. You can back up the Amazon EC2 instances used by your workloads as Amazon Machine Images (AMIs). AMIs are created from snapshots of the root volume of your instance and any other EBS volumes attached to your instance. You can use this AMI to launch a recovery version of an EC2 instance. AMIs can be copied within or between regions. Or you can use AWS Backup to copy backups between accounts and to other AWS regions. The ability to back up between accounts helps protect against disasters, including insider threats or account compromise. AWS Backup adds additional capabilities to EC2 backup – in addition to individual EBS volumes, AWS Backup stores and tracks the following metadata on an instance: instance type, configured virtual private cloud (VPC), security group, IAM role, monitoring configuration, and tags. . However, this additional metadata is only used when restoring an EC2 backup to the same AWS region.

Disaster Recovery Strategies On Aws

Any data stored in the disaster recovery zone as a backup should be restored in the event of a failure. AWS Backup offers a restore option, but does not currently allow scheduled or automatic restores. You can automatically trigger restores to a DR using the AWS SDK to call the AWS backup APIs. You can set this as a regularly recurring task or trigger a restore after the backup is complete. The following figure shows an example of automatic renewal using Amazon Simple Notification Service (Amazon SNS) and AWS Lambda. Since data recovery from a backup is a control panel activity, it is a good idea to run a scheduled regular data recovery. If this operation was not available during the disaster, you still have working databases created from a recent backup.

Your backup strategy should include backup testing. For more information, see Testing disaster recovery. See AWS Well-Architected Lab: Testing Backups and Data Recovery for a hands-on implementation demonstration.

Access, you replicate your data from one region to another and provide a copy of your core workload infrastructure. The resources needed to support data replication and backup, such as databases and object storage, are always running. Other elements, such as application servers, are loaded with application code and configurations, but are “disconnected” and used only during testing or when disaster recovery fails. In the cloud, you have the flexibility to provision resources when you don’t need them and to provision them when you do. The best practice to “turn it off” is to not deploy the resource, then create the configuration and options to deploy it (“turn it on”) when needed. Unlike a backup and recovery approach, your underlying infrastructure is always available and you always have the ability to quickly provision a full production environment by running and scaling your application servers.

The pilot lightweight approach minimizes disaster recovery costs by minimizing operational resources and simplifies disaster recovery as all basic infrastructure requirements are met. This recovery option requires you to change the deployment approach. You need to make basic infrastructure changes for each region and simultaneously change the workload (configuration, code) for each region. This step can be simplified by automating your deployments and using Infrastructure as Code (IaC) to deploy infrastructure across multiple accounts and regions (deploying full infrastructure to the primary region and reducing/disabling infrastructure deployment to DR regions). It is recommended that you use a different account for each region to provide the highest level of resource isolation and security (expired credentials are part of your disaster recovery plans).

Creating A Disaster Recovery Plan For The Cloud

There is also a need to mitigate data disaster with this approach. Continuous data replication will protect you from some types of disasters, but it will not protect you from data corruption or destruction unless your strategy includes options for versioning or recovery of stored data over time. You can back up replicated data in a disaster zone to create point backups of the same zone.

In addition to using the AWS services listed in the Backup and Restore section to create backups over time, consider the following services for your pilot lighting strategy.

For pilot lighting, continuous data replication to live databases and data warehouses in the DR zone is the best approach for low RPO (when used in addition to the backups discussed above). AWS provides continuous asynchronous data replication between regions

Cloud Computing Disaster Recovery Strategies

Cloud disaster recovery, cloud disaster recovery services, disaster recovery in cloud computing ppt, vmware cloud disaster recovery, disaster recovery planning in cloud computing, cloud computing business continuity and disaster recovery, security and disaster recovery in cloud computing, disaster recovery in cloud computing pdf, disaster recovery plan cloud computing, cloud disaster recovery plan, cloud disaster recovery solutions, cloud computing disaster recovery

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button