Disaster recovery webinar - oct.7
-
Upload
amazon-web-services -
Category
Documents
-
view
747 -
download
3
description
Transcript of Disaster recovery webinar - oct.7
Using the AWS Cloud for Disaster Recovery
Gerard Ngo – Account Manager
AWS Worldwide Public Sector
What is AWS?
Basics of Disaster Recovery
Why AWS for Disaster Recovery?
AWS services that can be employed
Common DR architectures
Agenda
What is AWS?
Application Services
Compute Storage Databases
Networking
AWS Global Infrastructure
Deployment & Administration
AWS Platform
AWS Global Infrastructure
10 Regions
consisting of
26 Availability Zones
and
52 Edge Locations (CDN)
Customer Decides Where Applications and Data Reside
AWS Region View
- Independent/Separate Geographic Areas- Isolated from other Regions (security boundary)- = ~50 mile radius “clustered” data center architecture- Comprised of multiple Availability Zones- Availability Zone = 1 or more “data center”- Availability Zones connected through redundant low-
latency links - Customer chooses a Region and Data stays within Region.- Enables High-Availability Architecture
Availability Zone A
Availability Zone B
Availability Zone C
Sample US Region
AWS Availability Zone (AZ) View
- Multiple Isolated locations within a Region- Availability Zone = 1 or more “data center”- Independent Failure Zone- Physically separated- On separate Low Risk Flood Plains- Discrete UPS- Onsite backup generation facilities- Fed from different segments of utility provider- Redundantly connected to multiple tier-1 ISP’s- No “Disaster Recovery Datacenter”- Built for Continuous Availability- Customer decides Availability Zone for Compute
Availability Zone A
Availability Zone B
Availability Zone C
Sample US Region
~ Data Center
Trusted by Enterprises Around the World
Public Sector Customers Worldwide
3800 public sector customers across the globe!
Certifications
SOC 2
ISO 27001
PCI DSS for EC2, S3, EBS, VPC, RDS, ELB, IAM
FISMA Moderate Compliant Controls
HIPAA & ITAR Compliant Architecture
Physical Security
Datacenters in nondescript facilities
Physical access strictly controlled
Must pass two-factor authentication at least twice
for floor access
Physical access logged and audited
HW, SW, Network
Systematic change management
Phased updates deployment
Safe storage decommission
Automated monitoring and self-audit
Advanced network protection
Built to enterprise security standards
http://aws.amazon.com/security
Basics of Disaster Recovery
DR is part of a wider set of policies and controls…
DR & business continuity
It’s not an all or nothing thing
Choose what needs to failover and what does notSome things more important than others
Some things will still be working
High availability Backup Disaster recovery
Keep your applications
running 24x7
Make sure your data is protected
and can be recovered if it is lost
Get your applications and
data back after a major
disaster
Each set of IT assets will have different requirements…
DR & business continuity
Recovery Time Objective (RTO)
How quickly you need this asset to be recovered?
e.g. 1min? 15min? 1hr? 4hrs? 1day?
Recovery Point Objective (RPO)
How ‘fresh’ the recovery must be for the asset?
e.g. zero data loss, 15mins out of date?
Assets will sit on a spectrum of technical complexity…
DR & business continuity
Rebuild when required from offsite backup
Run hot-hot configuration with
auto-failover
Cus
tom
er fa
cing
tran
sact
iona
l
web
app
licat
ion
Inte
rnal
com
mun
icat
ions
sys
tem
Dai
ly s
ched
uled
pro
cess
es &
syst
ems
Bac
kend
repo
rting
sys
tem
&
data
base
Why AWS for Disaster Recovery?
The fundamental economic model…
Traditional, second datacenter
Primary SiteRouters
Firewalls
Network
Application Licenses
Operating Systems
Hypervisor
Servers
SAN fabric
Primary Storage
Backup
Archive
Secondary SiteRouters
Firewalls
Network
Application Licenses
Operating Systems
Hypervisor
Servers
SAN fabric
Primary Storage
Backup
Archive
The fundamental economic model…
Utility, on-demand datacenter
Primary SiteRouters
Firewalls
Network
Application Licenses
Operating Systems
Hypervisor
Servers
SAN fabric
Primary Storage
Backup
Archive
AWSRouters
Firewalls
Network
Application Licenses
Operating Systems
Hypervisor
Servers
SAN fabric
Snapshot Storage
Backup
Archive
Secondary site costs
With utility services you might be able to:
Business & technical drivers
Reduce costs
Slash DR budgets by up to 50%
Reduce on-premise
Eliminate 30%+ of on-premise physical equipment
Consolidate sites
Eliminate the need to run a secondary site
Remove aging technologies
Eliminate tape for backup and archive
Challenges around Cost
Conventional DR Sites
High Cost
Low ROI
Implemented only for
most critical systems
Usually scaled down to
50% of production
Systems in a remote
region challenging
Cost Effective – On Demand Infrastructure
Disaster Recovery on AWS
Unprecedented
capabilities to implement
DR sites
Easily set up DR sites on
different geographic
regions
Cut down DR site cost by
up to 70%
Substantial savings on
software licenses
AWS services that can be employed
Amazon Simple Storage
Service (S3)
AWS Import/Export
AWS Storage Gateway Service
AWS Direct Connect
Amazon Virtual Private Cloud
(VPC)
Amazon Route 53
Amazon Elastic Compute Cloud
(EC2)
Amazon Relational Database Service (RDS)
Amazon Elastic Block
Storage (EBS)
Object storage & transfer services
Networking services Foundation services
S3 and Elastic Block Store
AWS storage is ideal for DR
Simple Storage ServiceHighly scalable object storage
1 byte to 5TB in size
99.999999999% durability
Elastic Block StoreHigh performance block storage device
Volumes of 1GB to 1TB in size
Mount as drives to instances with
snapshot/cloning functionalities
Glacier
DurableDesigned for 99.999999999%
durability of archives
Cost effectiveWrite-once, read-never. Cost effective for long
term storage. Pay for accessing data
3 to 5 hour Retrieval time
Direct ConnectDedicated connection between your IT
infrastructure and the AWS datacenters
Extend your network infrastructure and
VLANs into AWS
VPN ConnectionA Hardware VPN connection connects
amazon environment to your datacenter
Internet Protocol security (IPsec) VPN
connection
Commonly used hardware supported
Virtual Private CloudPrivate, isolated section of the AWS Cloud
Launch resources in a virtual network that you
define
complete control over your virtual networking
environment
Internet
Internet
Connecting to AWS
Common DR architectures
4 main patterns
Common DR architectures
Backup & Restore Pilot light
Warm standby in AWS
Multi-site solution in AWS & on-premise
Let’s start with Backup & Restore
Common DR architectures
Backup & Restore Pilot light
Warm standby in AWS
Multi-site solution in AWS & on-premise
Advantages to starting a journey with this pattern
Backup & Restore pattern
Simple to get started
Easy starting point for exploring the AWS cloud
Low technical barrier to entry
Focus on incorporating cloud into your DR
strategy, not on complex technical issues
related to hot-hot systems
Cost effective
Very high levels of data durability at low price
Cost of storing snapshots in S3
Archiving possibilities beyond tape using
Glacier
The preparation process…
Backup & Restore pattern
Take backups of current systems
Store backups in S3
Move to long term archive in Glacier
The process…
Backup & Restore pattern
Take backups of current systems
Store backups in S3
Detail how you will restoring from backup or recover from archive
Move to long term archive in Glacier
Push backups to AWS
Recover servers during DR
Let’s look at the Pilot Light pattern…
Common DR architectures
Backup & Restore Pilot light
Warm standby in AWS
Multi-site solution in AWS & on-premise
Moving along the DR spectrum…
Pilot light architecture
Build resources around replicated
dataset
Keep ‘pilot light’ on by replicating core
databases
Build AWS resources around dataset
and leave in stopped state
Scale resources in AWS in response to a DR
event
Start up pool of resources in AWS when
events dictate
Match current production capacity
through auto-scaling policies
Pilot light
Pilot light
Let’s look at the Warm standby pattern…
Common DR architectures
Backup & Restore Pilot light
Warm standby in AWS
Multi-site solution in AWS & on-premise
Moving along the DR spectrum…
Warm standby architecture
Build resources around replicated
environment
Operate a warm standby by replicating
app servers and core databases
Build AWS resources around dataset
and run in limited capacity
Moving along the DR spectrum…
Warm standby architecture
Build resources around replicated
environment
Operate a warm standby by replicating
app servers and core databases
Build AWS resources around dataset
and run in limited capacity
Scale resources in AWS in response to a DR
event
Scale up pool of resources in AWS when
events dictate
Match current production capacity
through auto-scaling policies
Warm standby - prep
Warm standby - recovery
Let’s look at the Multi-site pattern…
Common DR architectures
Backup & Restore Pilot light
Warm standby in AWS
Multi-site solution in AWS & on-premise
Moving along the DR spectrum…
Multi-site architecture
Deploy resources necessary to operate
full production
Operate a full stack by replicating app
servers and core databases
Fail over to AWS in response to a DR event
Sufficient resources in AWS to handle full
peak load
Multi-site - prep
Multi-site - recovery
Where to learn more
Resources
Disaster Recovery on AWS: aws.amazon.com/disaster-recovery
Architecture Center: aws.amazon.com/architecture
Using AWS for Disaster Recoveryhttp://media.amazonwebservices.com/AWS_Disaster_Recovery.pdf
Backup and Recovery Approaches Using AWShttp://media.amazonwebservices.com/AWS_Backup_Recovery.pdf