AWS Webcast - Discover Disaster Recovery Solutions in the Cloud

Using the AWS Cloud for

Disaster Recovery

Gerard Ngo – Account Manager

Leo Zhadanovsky – Sr. Solutions Architect

Education and State/Local Government

What is AWS?

Basics of Disaster Recovery

Why AWS for Disaster Recovery?

AWS services that can be employed

Common DR architectures

Agenda

What is AWS?

Application Services

Compute Storage Databases

Networking

AWS Global Infrastructure

Deployment & Administration

AWS Platform

AWS Global Infrastructure

10 Regions

consisting of

26 Availability Zones

and

51 Edge Locations (CDN)

Customer Decides Where Applications and Data Reside

AWS Region View

- Independent/Separate Geographic Areas

- Isolated from other Regions (security boundary)

- = ~50 mile radius “clustered” data center architecture

- Comprised of multiple Availability Zones

- Availability Zone = 1 or more “data center”

- Availability Zones connected through redundant low-latency links

- Customer chooses a Region and Data stays within Region.

- Enables High-Availability Architecture

Availability

Zone A

Availability

Zone B

Availability

Zone C

Sample US Region

AWS Availability Zone (AZ) View

- Multiple Isolated locations within a Region

- Availability Zone = 1 or more “data center”

- Independent Failure Zone

- Physically separated

- On separate Low Risk Flood Plains

- Discrete UPS

- Onsite backup generation facilities

- Fed from different segments of utility provider

- Redundantly connected to multiple tier-1 ISP’s

- No “Disaster Recovery Datacenter”

- Built for Continuous Availability

- Customer decides Availability Zone for Compute

Availability

Zone A

Availability

Zone B

Availability

Zone C

Sample US Region

~ Data Center

Trusted by Enterprises Around the World

Public Sector Customers Worldwide

3800 public sector customers across the globe!

Certifications

SOC 2

ISO 27001

PCI DSS for EC2, S3, EBS,

VPC, RDS, ELB, IAM

FISMA Moderate Compliant

Controls

HIPAA & ITAR Compliant

Architecture

Physical Security

Datacenters in nondescript

facilities

Physical access strictly

controlled

Must pass two-factor

authentication at least twice

for floor access

Physical access logged and

audited

HW, SW, Network

Systematic change

management

Phased updates

deployment

Safe storage decommission

Automated monitoring and

self-audit

Advanced network

protection

Built to enterprise security standards

http://aws.amazon.com/security

Basics of Disaster

Recovery

DR is part of a wider set of policies and controls…

DR & business continuity

It’s not an all or nothing thing

Choose what needs to failover and what does not

Some things more important than others

Some things will still be working

High availability Backup Disaster recovery

Keep your applications

running 24x7

Make sure your data is protected

and can be recovered if it is lost

Get your applications and

data back after a major

disaster

Each set of IT assets will have different requirements…


Recovery Time Objective

(RTO)

How quickly you need this asset to be recovered?

e.g. 1min? 15min? 1hr? 4hrs? 1day?

Recovery Point Objective

(RPO)

How ‘fresh’ the recovery must be for the asset?

e.g. zero data loss, 15mins out of date?

Assets will sit on a spectrum of technical complexity…


Rebuild when

required from

offsite backup

Run hot-hot

configuration with

auto-failover

Why AWS for Disaster

Recovery?

The fundamental economic model…

Traditional, second datacenter

Primary Site Routers

Firewalls

Network

Application Licenses

Operating Systems

Hypervisor

Servers

SAN fabric

Primary Storage

Backup

Archive

Secondary Site Routers

Firewalls

Network


Operating Systems

Hypervisor

Servers

SAN fabric

Primary Storage

Backup

Archive

The fundamental economic model…

Utility, on-demand datacenter

Primary Site Routers

Firewalls

Network


Operating Systems

Hypervisor

Servers

SAN fabric

Primary Storage

Backup

Archive

AWS Routers

Firewalls

Network


Operating Systems

Hypervisor

Servers

SAN fabric

Snapshot Storage

Backup

Archive

Secondary

site costs

With utility services you might be able to:

Business & technical drivers

Reduce costs

Slash DR budgets by up to 50%

Reduce on-premise

Eliminate 30%+ of on-premise

physical equipment

Consolidate sites

Eliminate the need to run a

secondary site

Remove aging

technologies

Eliminate tape for backup and

archive

Challenges around Cost

Conventional DR Sites

High Cost

Low ROI

Implemented only for

most critical systems

Usually scaled down to

50% of production

Systems in a remote

region challenging

Cost Effective – On Demand Infrastructure

Disaster Recovery on AWS

Unprecedented

capabilities to implement

DR sites

Easily set up DR sites on

different geographic

regions

Cut down DR site cost by

up to 70%

Substantial savings on

software licenses

AWS services that can be

employed

Amazon

Simple

Storage

Service (S3)

AWS Import/Export

AWS Storage

Gateway Service

AWS Direct

Connect

Amazon Virtual

Private Cloud

(VPC)

Amazon

Route 53

Amazon Elastic

Compute Cloud

(EC2)

Amazon Relational

Database Service (RDS)

Amazon

Elastic Block

Storage (EBS)

Object storage &

transfer services

Networking services Foundation services

S3 and Elastic Block Store

AWS storage is ideal for DR

Simple Storage Service Highly scalable object storage

1 byte to 5TB in size

99.999999999% durability

Elastic Block Store High performance block storage device

Volumes of 1GB to 1TB in size

Mount as drives to instances with

snapshot/cloning functionalities

Glacier

Durable Designed for 99.999999999%

durability of archives

Cost effective Write-once, read-never. Cost effective for long

term storage. Pay for accessing data

3 to 5 hour Retrieval time

Direct Connect Dedicated connection between your IT

infrastructure and the AWS datacenters

Extend your network infrastructure and

VLANs into AWS

VPN Connection A Hardware VPN connection connects

amazon environment to your datacenter

Internet Protocol security (IPsec) VPN

connection

Commonly used hardware supported

Virtual Private Cloud Private, isolated section of the AWS Cloud

Launch resources in a virtual network that you

define

complete control over your virtual networking

environment

Internet

Internet

Connecting to AWS

4 main patterns


Backup & Restore Pilot light

Warm standby in

AWS

Multi-site solution in

AWS & on-premise

Let’s start with Backup & Restore



Warm standby in

AWS


AWS & on-premise

Advantages to starting a journey with this pattern

Backup & Restore pattern

Simple to get started

Easy starting point for exploring the AWS cloud

Low technical barrier to entry

Focus on incorporating cloud into your DR

strategy, not on complex technical issues

related to hot-hot systems

Cost effective

Very high levels of data durability at low price

Cost of storing snapshots in S3

Archiving possibilities beyond tape using Glacier

The preparation process…


Take backups of

current systems

Store backups

in S3

Move to long term

archive in Glacier

The process…


Take backups of

current systems

Store backups

in S3

Detail how you will restoring from backup or

recover from archive

Move to long term

archive in Glacier

Push backups to AWS

Recover servers during DR

Let’s look at the Pilot Light pattern…



Warm standby in

AWS


AWS & on-premise

Moving along the DR spectrum…

Pilot light architecture

Build resources

around replicated

dataset

Keep ‘pilot light’ on by replicating core

databases

Build AWS resources around dataset

and leave in stopped state

Scale resources in AWS

in response to a DR

event

Start up pool of resources in AWS when

events dictate

Match current production capacity

through auto-scaling policies

Pilot light

Let’s look at the Warm standby pattern…



Warm standby in

AWS


AWS & on-premise


Warm standby architecture

Build resources

around replicated

environment

Operate a warm standby by replicating

app servers and core databases


and run in limited capacity


Warm standby architecture

Build resources

around replicated

environment

Operate a warm standby by replicating

app servers and core databases


and run in limited capacity

Scale resources in AWS

in response to a DR

event

Scale up pool of resources in AWS when

events dictate

Match current production capacity

through auto-scaling policies

Warm standby - prep

Warm standby - recovery

Let’s look at the Multi-site pattern…



Warm standby in

AWS


AWS & on-premise


Multi-site architecture

Deploy resources

necessary to operate

full production

Operate a full stack by replicating app

servers and core databases

Fail over to AWS in

response to a DR event

Sufficient resources in AWS to handle full

peak load

Multi-site - prep

Multi-site - recovery

Where to learn more

Resources

Disaster Recovery on AWS: aws.amazon.com/disaster-recovery

Architecture Center: aws.amazon.com/architecture

Using AWS for Disaster Recovery

http://media.amazonwebservices.com/AWS_Disaster_Recovery.pdf

Backup and Recovery Approaches Using AWS

http://media.amazonwebservices.com/AWS_Backup_Recovery.pdf

http://aws.amazon.com/disaster-recovery/



http://aws.amazon.com/architecture





AWS Webcast - Discover Disaster Recovery Solutions in the Cloud

Technology

Transcript of AWS Webcast - Discover Disaster Recovery Solutions in the Cloud