Journey Through the AWS Cloud; Disaster Recovery

Journey through the Cloud: Disaster Recovery Ryan Shu3leworth – Technical Evangelist @ryanAWS

Journey through the cloud Common use cases & stepping stones into the AWS cloud Learning from customer journeys Best pracFces to bootstrap your projects

Disaster recovery Explore AWS for a ‘non-‐producFon’ use case Phase systems into ‘live’ DR use with relaFve ease Choose your success objecFves for a cloud project ‘out of band’

Agenda Why AWS for disaster recovery? AWS services that can be employed Common DR architectures Customer example Where to go next

Why AWS for Disaster Recovery?

AWS & Disaster Recovery AWS is used in a variety of ways… Fast, secure and cost eﬀec@ve DR and tes@ng environment reducing backup and DR for Oracle Apps IT overhead and increasing availability Backup and disaster recovery Disaster recovery solu@on to backup system for its remote sales oﬃces and store cri@cal medical image data

Business & technical drivers You might be able to: Reduce costs Reduce on-‐premise Slash DR budgets by up to 50% Eliminate 30%+ of on-‐premise physical equipment Consolidate sites Remove aging technologies Eliminate the need to run a secondary site Eliminate tape for backup and archive

DR & business conFnuity DR is part of a wider set of policies and controls… High availability Backup Disaster recovery Keep your applica@ons Make sure you data is safe Get your applica@ons and running 24x7 data back aPer a major disaster

DR & business conFnuity DR is part of a wider set of policies and controls… High availability Backup Disaster recovery Keep your applica@ons Make sure you data is safe Get your applica@ons and running 24x7 data back aPer a major disaster It’s not an all or nothing thing Choose what needs to failover and what does not Some things more important than others Some things will s@ll be working

DR & business conFnuity Each set of IT assets will have diﬀerent requirements… Recovery Time Recovery Point ObjecFve (RTO) ObjecFve (RPO) How quickly you need this asset to be How ‘fresh’ the recovery must be for the recovered? asset? e.g. 1min? 15min? 1hr? 4hrs? 1day? e.g. zero data loss, 15mins out of date?

DR & business conFnuity Assets will sit on a spectrum of technical complexity… Rebuild when Run hot-‐hot required from conﬁguraFon with oﬀsite backup auto-‐failover

UFlity, on-‐demand datacenter The fundamental economic model… Primary Site Secondary Site Routers Routers Firewalls Firewalls Network Network Applica@on Licenses Applica@on Licenses Opera@ng Systems Opera@ng Systems Hypervisor Hypervisor Servers Servers SAN SAN Primary Storage Primary Storage Backup Backup Archive Archive

UFlity, on-‐demand datacenter The fundamental economic model… Primary Site AWS Routers Routers Firewalls Firewalls Network Network Applica@on Licenses Applica@on Licenses Opera@ng Systems Opera@ng Systems Hypervisor Hypervisor Servers Servers SAN SAN Primary Storage Snapshot Storage Backup Backup Archive Archive

UFlity, on-‐demand datacenter The fundamental economic model… Primary Site AWS Routers Firewalls Secondary Routers Firewalls Network site costs Network Applica@on Licenses Applica@on Licenses Opera@ng Systems Opera@ng Systems Hypervisor Hypervisor Servers Servers SAN SAN Primary Storage Snapshot Storage Backup Backup Archive Archive

AWS is global Region Availability Zone

Built to enterprise security standards Cer6ﬁca6ons Physical Security HW, SW, Network SOC 1 Type 2 (formerly SAS70) Datacenters in nondescript SystemaFc change faciliFes management ISO 27001 Physical access strictly Phased updates deployment PCI DSS for EC2, S3, EBS, VPC, controlled RDS, ELB, IAM Safe storage decommission Must pass two-‐factor FISMA Moderate Compliant Automated monitoring and authenFcaFon at least twice Controls self-‐audit for ﬂoor access HIPAA & ITAR Compliant Advanced network protecFon Physical access logged and Architecture audited http://aws.amazon.com/security

AWS services that can be employed

Object storage & Networking services FoundaFon services transfer services Amazon Simple AWS Direct Amazon Elastic Storage Connect Compute Cloud Service (S3) (EC2) Amazon Virtual Private Cloud Amazon Relational AWS Import/Export (VPC) Database Service (RDS) Amazon Amazon AWS Storage Route 53 Gateway Service Elastic Block Storage (EBS)

AWS storage is ideal for DR S3 and Elas@c Block Store Simple Storage Service ElasFc Block Store Highly scalable object storage High performance block storage device 1 byte to 5TB in size 1GB to 1TB in size 99.999999999% durability Mount as drives to instances with snapshot/cloning func@onali@es

Objects in S3 1 Trillion 1000.000 750.000 500.000 250.000 0.000 750k+ peak transacFons per second

Networking options Internet Internet Direct Connect VPN ConnecFon Virtual Private Cloud Dedicated connec@on between your IT A Hardware VPN connec@on connects Private, isolated sec@on of the AWS Cloud infrastructure and the AWS datacenters amazon environment to your datacenter Launch resources in a virtual network that you Extend your network infrastructure and Internet Protocol security (IPsec) VPN deﬁne VLANs into AWS connec@on complete control over your virtual networking Commonly used hardware supported environment

Common DR architectures

Common DR architectures 4 main paherns Backup & Restore Pilot light Warm standby in Mul6-‐site solu6on AWS in AWS & on-‐ premise

Common DR architectures We’ll focus on 2 of them… Backup & Restore Pilot light Warm standby in Mul6-‐site solu6on AWS in AWS & on-‐ premise

Common DR architectures Let’s start with Backup & Restore Backup & Restore Pilot light Warm standby in Mul6-‐site solu6on AWS in AWS & on-‐ premise

Backup & Restore pa3ern Advantages to star@ng a journey with this pahern Simple to get started Cost eﬀecFve Easy star@ng point for exploring the Very high levels of data durability at AWS cloud low price Low technical barrier to entry Cost of storing snapshots in S3 Focus on incorpora@ng cloud into your Archiving possibili@es beyond tape DR strategy, not on complex technical using Glacier issues related to hot-‐hot systems

Backup & Restore pa3ern The prepara@on process… Take backups of Store backups Move to long term current systems in S3 archive in Glacier

Backup & Restore pa3ern The process… Take backups of Store backups Move to long term current systems in S3 archive in Glacier Detail how you will restoring from backup or recover from archive

Push backups to AWS

Store AMIs for servers

Recover servers during DR

Long term archive Amazon Glacier Glacier Long term cold storage From $0.01 per GB/Month 99.999999999% durability

AWS Storage Gateway and backup management

RDS and Oracle RMAN

Common DR architectures Let’s look at the Pilot Light pahern… Backup & Restore Pilot light Warm standby in Mul6-‐site solu6on AWS in AWS & on-‐ premise

Pilot light architecture Moving along the DR spectrum… Build resources around replicated dataset Keep ‘pilot light’ on by replica@ng core databases Build AWS resources around dataset and leave in stopped state

Pilot light architecture Moving along the DR spectrum… Build resources around Scale resources in AWS in replicated dataset response to a DR event Keep ‘pilot light’ on by replica@ng core Start up pool of resources in AWS when databases events dictate Build AWS resources around dataset and Match current produc@on capacity through leave in stopped state auto-‐scaling polcies

Pilot light architecture Moving along the DR spectrum… Build resources around Scale resources in AWS in replicated dataset response to a DR event Keep ‘pilot light’ on by replica@ng core Start up pool of resources in AWS when databases events dictate Build AWS resources around dataset and Match current produc@on capacity through leave in stopped state auto-‐scaling policies Switch-‐over to system in AWS

Pilot light Stopped instances

Pilot light Running instances

Customer example

EU region DR site for range of business applicaFons All running in a Virtual Private Cloud (VPC) DR provision for applicaFons dependent on Oracle and SQL Server databases Includes DR for AcFve Directory and Windows ﬁle shares

On-premise On-premise Data Centre A Data Centre B Internet AWS Direct Connect Active DirectoryBastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Remote File Desktops Applications Databases ServersVPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone Region S3 Buckets with Objects

On-premise On-premise Data Centre A Data Centre B Dual route connectivity Internet AWS Direct Connect Active DirectoryBastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Remote File Desktops Applications Databases ServersVPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone Region S3 Buckets with Objects

On-premise On-premise Data Centre A Data Centre B Active Directory Replication Internet AWS Direct Connect Active DirectoryBastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Remote File Desktops Applications Databases ServersVPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone Region S3 Buckets with Objects

On-premise On-premise Data Centre A Data Centre BBastion Internet AWS Direct Connect Host Active Directory Bastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Remote File Desktops Applications Databases Servers VPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone Region S3 Buckets with Objects

On-premise On-premise Data Centre A Data Centre B Internet AWS Direct Connect Active DirectoryBastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Database replication Remote File Desktops Applications Databases ServersVPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone Region S3 Buckets with Objects

On-premise On-premise Data Centre A Data Centre B Internet AWS Direct Connect Active DirectoryBastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Application images Remote File Desktops Applications Databases ServersVPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone Region S3 Buckets with Objects

On-premise On-premise Data Centre A Data Centre B Internet AWS Direct Connect Active Directory Bastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Remote File Desktops Applications Databases Servers VPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone Region Desktopenvironments S3 Buckets with Objects

On-premise On-premise Data Centre A Data Centre B Internet AWS Direct Connect Active Directory Bastion Host SmartSentinel Client-to-site VPN Site-to-site VPN Proxy Server VPC Subnet A VPC Subnet B VPC Subnet C Remote File Desktops Applications Databases Servers VPC Subnet D VPC Subnet E VPC Subnet F VPC Subnet G Availability Zone RegionDurable data backups S3 Buckets with Objects

Where to go next

Rich partner ecosystem Technology and services organisa@ons

h3p://aws.amazon.com/backup-‐storage h3p://aws.typepad.com h3p://aws.amazon.com/whitepapers

Summary

The cloud makes backup and recovery easy You can get started for pennies per month The cloud will scale to accommodate all of your data You retain visibility and control of your informaFon

aws.amazon.com get started on the free Fer

Journey Through the AWS Cloud; Disaster Recovery

by Amazon Web Services on Oct 01, 2012

Accessibility

Categories

Upload Details

Usage Rights

Statistics

Journey Through the AWS Cloud; Disaster Recovery Presentation Transcript