Topics: •Availability metrics •Backup and restore •Pilot light •Warm standby •Multi-site active-active

1. Study Group: AWS SAA Guide
Chapter 08 -
Disaster Recovery Strategies
Sean
2020.May

2. AWS Certified Solutions
Architect Associate Guide
Chapter 8 Disaster Recovery Strategies

3. Topics
● Availability metrics
● Backup and restore
● Pilot light
● Warm standby
● Multi-site active-active

4. Availability Metrics
A quantitative perspective can be used to build a model to
represent the availability qualities of a system.
Availability = uptime ÷ (uptime + downtime)

5. A system's availability can be calculated by the number of nines in
the digits, representing the percentage of time a system is
operating, without downtime.

6. Disaster Recovery
災難恢復（Disaster recovery，也稱災備），指自然或人為災害後，重新啟用資
訊系統的資料、硬體及軟體裝置，恢復正常商業運作的過程。災難恢復規劃
是涵蓋面更廣的業務連續規劃的一部分，其核心即對企業或機構的災難性風
險做出評估、防範，特別是對關鍵性業務資料、流程予以及時記錄、備份、保
護。<維基 Disaster Recovery>

7. To design for resiliency (恢復能力), two terms come into play, as
follows:
● Recovery Time Objective (RTO) - 復原時間目標
● Recovery Point Objective (RPO) - 復原點目標
Business Impact Analysis

8. ● Once the service interruption is detected, the RTO is the time
from that point until the service is restored to its regular service
level.
● According to Organization(Operational) Level Agreement (OLA,
運行級別協議)
Recovery Time Objective (RTO)

9. Recovery Point Objective (RPO)
The Recovery Point Objective is the acceptable amount of data that
can be listed in the event of a downtime.

10. Recovery Point Objective (RPO)

11. AWS Disaster Recovery Pattern
● Backup and restore
● Pilot light
● Warm Standby
● Hot Standby (Multi-Site)

12. Disaster Prevention
● 災難已然發生，但是對於 IT 系統而言，能不能不用處理災難，而讓服務
照常運作。
● 實踐的關鍵：災難預防的關鍵在於資料 (data) 是否即時到位
● 複製 “Replication” 是將 DR 進化成 DP 的重要推手，也是災難預防的基
礎

13. Good Reference
Using Amazon Web Services for
Disaster Recovery (2014)

14. Backup and Restore (1)
Amazon S3 is the destination for
data backup. For long term data
storage, Amazon Glacier can be
used.

15. Backup and Restore (2)
If a disaster occurs, we need to
recover the data very quickly and
reliably. It can be executed by:
● Manual Intervention
● AWS Lambda performing the
health check of Route 53

16. Backup and Restore (3)

17. Pilot light(1)
In the Pilot Light method the core
piece of the system such as a
database is already running and up
to date in AWS.
The database is always activated
for data replication and for the
other layers, server images are
created and updated periodically.

18. Pilot light(2)
Route 53 will automatically fail
over to the warm standby, and,
with the use of Lambda
Amazon Cloud Formation can be
used to automate the provisioning
of these services. We can configure
load balancing and auto-scaling so
that when the traffic goes high the
service will scale up automatically.

19. Pilot light(3)

20. Warm Standby(1)
Warm Standby is an extended
version of Pilot Light
In the preparation phase, an on-site
solution and an AWS solution run
side-by-side. The warm standby is
always running and fully functional,
but with the minimal amount of
resources.

21. Warm Standby(2)
It uses Route 53 with the failover
routing policy, requiring to
implement a fail-fast code strategy,
to switch traffic to the new master
database.
Scale horizontally, to accommodate
for the current production traffic.
In order to build resiliency,
use multiple AZs.

22. Warm Standby(3)

23. Multi-site active-active (1)
In Multi-Site, the application runs
in AWS as well as on the existing
infrastructure also.
Here the DNS service supports
weighted routing. The traffic will go
to the standby infrastructure as
well as the existing infrastructure.

24. Multi-site active-active (2)
If a disaster occurs on the existing
system, the whole traffic is routed
to the new AWS environment. By
using auto-scaling, the capacity of
services rapidly increases to handle
the full production load.

25. Multi-site active-active (3)

26. AWS Route53
● Simple Routing
● Weighted Routing Policy
● Latency-based Routing
● Failover Routing
● Geolocation Routing
● Geoproximity Routing (Traffic Flow Only)
● Multivalue Answer Routing

27. Simple Routing

28. Weighted
Routing Policy

29. Latency-Based
Routing

30. Failover Routing

31. Geolocation
Routing Policy

32. Geoproximity
Routing

33. Multivalue
Answer Policy