AWS Summit Barcelona - Backup & Disaster Recovery

Published in: Technology, Business

  1. 1. BACK UP & DISASTER RECOVERY Vadim Zendejas Solutions Architect
  2. 2. AGENDA: Why AWS for disaster recovery; AWS services that can be employed; Common DR architectures; Customer example; Where to go next
  3. 3. HOT TOPIC FOR ENTERPRISES
  4. 4. HOT TOPIC FOR ENTERPRISES: Floods in Europe; Hurricane Sandy in USA; Typhoons in South East Asia; Earthquake in New Zealand; Tsunami and flooding in Japan
  5. 5. « Everything fails all the time » Werner Vogels CTO of Amazon
  6. 6. WHY AWS FOR DISASTER RECOVERY?
  7. 7. REDUCE COSTS Reduce DR budgets considerably
  8. 8. REDUCE ON-PREMISE Reduce on-premise physical equipment
  9. 9. CONSOLIDATE SITES Eliminate the need to run a secondary site
  10. 10. REMOVE AGING TECHNOLOGIES Eliminate tape for backup and archive
  11. 11. FAST, SECURE AND COST EFFECTIVE BACKUP AND DR FOR ORACLE APPS
  12. 12. DR & BUSINESS CONTINUITY
  13. 13. DR IS PART OF A WIDER SET OF POLICIES AND CONTROLS. HIGH AVAILABILITY: Keep your applications running 24x7
  14. 14. DR IS PART OF A WIDER SET OF POLICIES AND CONTROLS. HIGH AVAILABILITY: Keep your applications running 24x7. BACKUP: Make sure your data is safe
  15. 15. DR IS PART OF A WIDER SET OF POLICIES AND CONTROLS. HIGH AVAILABILITY: Keep your applications running 24x7. BACKUP: Make sure your data is safe. DISASTER RECOVERY: Get your applications and data back after a major disaster
  16. 16. DR IS PART OF A WIDER SET OF POLICIES AND CONTROLS. HIGH AVAILABILITY: Keep your applications running 24x7. BACKUP: Make sure your data is safe. DISASTER RECOVERY: Get your applications and data back after a major disaster. IT’S NOT AN ALL OR NOTHING THING
  17. 17. EACH SET OF IT ASSETS WILL HAVE DIFFERENT REQUIREMENTS. RECOVERY TIME OBJECTIVE (RTO): How quickly you need this asset to be recovered? e.g. 1min? 15min? 1hr? 4hrs? 1day? RECOVERY POINT OBJECTIVE (RPO): How fresh the recovery must be for the asset? e.g. zero data loss, 15mins out of date?
  18. 18. LEVEL OF AVAILABILITY REQUIRED: REBUILD WHEN REQUIRED FROM OFFSITE BACKUP; RUN HOT-HOT CONFIGURATION WITH AUTOFAILOVER
  19. 19. UTILITY, ON-DEMAND DATACENTER. PRIMARY SITE: Routers, Firewalls, Network, Application Licenses, Operating Systems, Hypervisor, Servers, SAN, Primary Storage, Backup, Archive. SECONDARY SITE: Routers, Firewalls, Network, Application Licenses, Operating Systems, Hypervisor, Servers, SAN, Primary Storage, Backup, Archive
  20. 20. UTILITY, ON-DEMAND DATACENTER. PRIMARY SITE: Routers, Firewalls, Network, Application Licenses, Operating Systems, Hypervisor, Servers, SAN, Primary Storage, Backup, Archive. AWS: Routers, Firewalls, Network, Application Licenses, Operating Systems, Hypervisor, Servers, SAN, Snapshot Storage, Backup, Archive
  21. 21. UTILITY, ON-DEMAND DATACENTER. PRIMARY SITE: Routers, Firewalls, Network, Application Licenses, Operating Systems, Hypervisor, Servers, SAN, Primary Storage, Backup, Archive. $ AWS: Routers, Firewalls, Network, Application Licenses, Operating Systems, Hypervisor, Servers, SAN, Snapshot Storage, Backup, Archive
  22. 22. AWS IS GLOBAL: US-WEST (Oregon); EU-WEST (Ireland); GOV CLOUD; ASIA PAC (Tokyo); US-EAST (Virginia); ASIA PAC (Sydney); US-WEST (N. California); ASIA PAC (Singapore); SOUTH AMERICA (Sao Paulo)
  23. 23. BACKUP AND DISASTER RECOVERY SYSTEM FOR ITS REMOTE SALES OFFICES
  24. 24. BUILT TO ENTERPRISE SECURITY STANDARDS. CERTIFICATIONS: ISO 27001; SOC 1 Type 2 (formerly SAS70), SOC 2, SOC 3; PCI DSS Level 1; DIACAP, FISMA, FIPS 140-2; HIPAA & ITAR Compliant Architecture. PHYSICAL SECURITY: Datacenters in nondescript facilities; Physical access strictly controlled; Must pass two-factor authentication at least twice for floor access; Physical access logged and audited. HW, SW, NETWORK: Systematic change management; Phased updates deployment; Safe storage decommission; Automated monitoring and self-audit; Advanced network protection. http://aws.amazon.com/security
  25. 25. AWS SERVICES THAT CAN BE EMPLOYED
  26. 26. STORAGE & TRANSFER SERVICES: Amazon Simple Storage Service (S3); AWS Import/Export; AWS Storage Gateway Service. NETWORKING SERVICES: AWS Direct Connect; Amazon Virtual Private Cloud (VPC); Amazon Route 53. FOUNDATION SERVICES: Amazon Elastic Compute Cloud (EC2); Amazon Relational Database Service (RDS); Amazon Elastic Block Storage (EBS)
  27. 27. AWS STORAGE IS IDEAL FOR DR. SIMPLE STORAGE SERVICE: Highly scalable object storage; 1 byte to 5TB in size; 99.999999999% durability. ELASTIC BLOCK STORAGE: High performance block storage device; 1GB to 1TB in size; Mount as drives to instances with snapshot/cloning functionalities
  28. 28. AWS STORAGE IS IDEAL FOR DR. SIMPLE STORAGE SERVICE: Highly scalable object storage; 1 byte to 5TB in size; 99.999999999% durability; From $0.095 per GB/Month. ELASTIC BLOCK STORAGE: High performance block storage device; 1GB to 1TB in size; Mount as drives to instances with snapshot/cloning functionalities; From $0.10 per GB/Month
  29. 29. LONG TERM ARCHIVE. AMAZON GLACIER: Long term cold storage; From $0.01 per GB/Month; 99.999999999% durability
  30. 30. NETWORKING OPTIONS. DIRECT CONNECT: Dedicated connection between your IT infrastructure and the AWS datacenters; Extend your network infrastructure and VLANs into AWS. VPN CONNECTION: A Hardware VPN connection connects amazon environment to your datacenter; Internet Protocol security (IPsec); Commonly used hardware supported. VIRTUAL PRIVATE CLOUD: Private, isolated section of the AWS Cloud; Launch resources in a virtual network that you define; Complete control over your virtual networking environment
  31. 31. DISASTER RECOVERY SOLUTION TO BACKUP AND STORE CRITICAL MEDICAL IMAGE DATA
  32. 32. COMMON DR ARCHITECTURES
  33. 33. 4 MAIN PATTERNS: Backup & Restore; Pilot light; Hot standby in AWS; Multi-site solution in AWS & on-premise
  34. 34. BACKUP & RESTORE PATTERN
  35. 35. ADVANTAGES TO STARTING A JOURNEY WITH THIS PATTERN. SIMPLE TO GET STARTED: Easy starting point for exploring the AWS cloud; Low technical barrier to entry; Focus on incorporating cloud into your DR strategy, not on complex technical issues related to hot-hot systems. COST EFFECTIVE: Very high levels of data durability at low price; Cost of storing snapshots in S3; Archiving possibilities beyond tape using Glacier
  36. 36. THE PREPARATION PROCESS: TAKE BACKUPS OF CURRENT SYSTEMS
  37. 37. THE PREPARATION PROCESS: TAKE BACKUPS OF CURRENT SYSTEMS; STORE BACKUPS IN S3
  38. 38. THE PREPARATION PROCESS: TAKE BACKUPS OF CURRENT SYSTEMS; STORE BACKUPS IN S3; MOVE TO LONG TERM ARCHIVE IN GLACIER
  39. 39. THE PROCESS: TAKE BACKUPS OF CURRENT SYSTEMS; STORE BACKUPS IN S3; MOVE TO LONG TERM ARCHIVE IN GLACIER; DETAIL HOW YOU WILL BE RESTORING FROM BACKUP OR RECOVER FROM ARCHIVE
  40. 40. PUSH BACKUPS TO AWS
  41. 41. STORE AMIS FOR SERVERS
  42. 42. RECOVER SERVERS DURING DR
  43. 43. AWS STORAGE GATEWAY AND BACKUP MANAGEMENT
  44. 44. RDS AND ORACLE RMAN
  45. 45. RESTORE TIMES REDUCED FROM 15 TO 2½ HOURS
  46. 46. PILOT LIGHT ARCHITECTURE
  47. 47. MOVING ALONG THE DR SPECTRUM. BUILD RESOURCES AROUND REPLICATED DATASET: Keep pilot light on by replicating core databases; Build AWS resources around dataset and leave in stopped state
  48. 48. MOVING ALONG THE DR SPECTRUM. BUILD RESOURCES AROUND REPLICATED DATASET: Keep pilot light on by replicating core databases; Build AWS resources around dataset and leave in stopped state. SCALE RESOURCES IN AWS IN RESPONSE TO A DR EVENT: Start up pool of resources in AWS when events dictate; Match current production capacity through auto-scaling policies
  49. 49. MOVING ALONG THE DR SPECTRUM. BUILD RESOURCES AROUND REPLICATED DATASET: Keep pilot light on by replicating core databases; Build AWS resources around dataset and leave in stopped state. SCALE RESOURCES IN AWS IN RESPONSE TO A DR EVENT: Start up pool of resources in AWS when events dictate; Match current production capacity through auto-scaling policies. SWITCH-OVER TO SYSTEM IN AWS
  50. 50. PILOT LIGHT: Database replication; Stopped instances
  51. 51. PILOT LIGHT: Running instances
  52. 52. DR AND TESTING ENVIRONMENT REDUCING IT OVERHEAD AND INCREASING AVAILABILITY
  53. 53. HOT STANDBY ARCHITECTURE
  54. 54. WHY USE HOT STAND BY? LOW RESTORING TIME EXPECTED: When the Recovery Time Objective has a low time for recovery policy. CONSISTENT DATA SET: And when the Recovery Point Objective has a higher level of consistency expected
  55. 55. HOT STANDBY
  56. 56. HOT STANDBY: Redirect traffic
  57. 57. MULTI-SITE SOLUTION ON AWS AND ON PREMISE ARCHITECTURE
  58. 58. OBJECTIVES OF A MULTI-SITE SOLUTION. DOWNTIME IS CRITICAL: When almost no downtime is expected. SCALABILITY IS REQUIRED: When primary site can not handle heavy loads
  59. 59. MULTI-SITE SOLUTION
  60. 60. MULTI-SITE SOLUTION: Health Checkups
  61. 61. CUSTOMER EXAMPLE
  62. 62. EU region DR site for range of business applications; All running in a Virtual Private Cloud (VPC); DR provision for applications dependent on Oracle and SQL Server databases; Includes DR for Active Directory and Windows file shares
  63. 63. Architecture diagram labels: On-premise Data Centre A; On-premise Data Centre B; Internet; AWS Direct Connect; Client-to-site VPN; Site-to-site VPN; Active Directory; Bastion Host; SmartSentinel; Proxy Server; Remote Desktops; Applications; Databases; File Servers; S3 Buckets with Objects; VPC Subnets A to G; Availability Zone; Region
  64. 64. Same architecture diagram, with the added label: Dual route connectivity
  65. 65. Same architecture diagram, with the added label: Active Directory Replication
  66. 66. Same architecture diagram, with the added label: Bastion Host
  67. 67. Same architecture diagram, with the added label: Database replication
  68. 68. Same architecture diagram, with the added label: Application images
  69. 69. Same architecture diagram, with the added label: Durable data backups
  70. 70. WHERE TO GO NEXT
  71. 71. RICH PARTNER ECOSYSTEM TECHNOLOGY AND SERVICES ORGANIZATIONS
  72. 72. http://aws.amazon.com/backup-storage http://aws.typepad.com http://aws.amazon.com/whitepapers
  73. 73. INFRASTRUCTURE IS NO LONGER A BARRIER
  74. 74. NO UP-FRONT EXPENSE. On-Premise: $ Physical Space; $ Power; $ Network; $ Servers; $ Certification. Amazon Web Services: 0 $ To get started
  75. 75. THE CLOUD MAKES BACKUP AND RECOVERY EASY ✔
  76. 76. YOU CAN GET STARTED FOR CENTS PER MONTH
  77. 77. THE CLOUD WILL SCALE TO ACCOMMODATE ALL OF YOUR DATA
  78. 78. FOCUS ON YOUR BUSINESS
  79. 79. aws.amazon.com get started on the free tier
