My apologies in advance, starting a blog with a quote seems like a very cliched way of writing. However, when Benjamin Franklin said the following, he may as well have been talking about many businesses approach to IT disaster recovery:
“By failing to prepare, you are preparing to fail”
Preparing for failure is an essential part of any IT strategy as a failure of some kind is always lurking around the corner and failures have a really nasty habit of occurring at the worst possible moment.
I spent the formative years of my career working in large IT departments for investment banks and as a result have lost countless weekends and nights of sleep dealing with both IT disasters and disaster recovery tests.
With the advent of the cloud, the ability to prepare for disaster has never been easier, however the cloud is immeasurably more resilient than the average on premise data center. The result being that we are even more complacent, albeit this time the odds of a failure causing issues to our IT environments are lower. But that doesn’t mean an unexpected failure will not occur. It will. In recent years I’ve worked with clients who have had issues due to AWS outages, ransomware attacks, DDoS, Windows corruption, database crashes and good old fat fingered typing!
The best way to avoid a disaster is to build resiliance and redundancy into your applications. AWS makes this easy as they provide multiple regions to host your IT environments and within each region are multiple Availability Zones, which are basically separate data centers. The idea being that if one Availability Zone has an outage, your resources will carry on running in another Availability Zone.
But what if there were a regional outage? This is unlikely to happen and if it does, it would be a very rare event, however this is where you would start to look at regional replication and design your applications to be available in a different region should an outage occur.
Let’s take a look at some of the tools and features available to protect your environment from disaster in the AWS cloud.
This service was a long time coming and is now the centralized place to configure backups for EBS volumes, RDS instances, DynamoDB tables, EFS file systems and Storage Gateway volumes.
The service manages backups, retention periods and has been updated very recently to provide cross region replication. Meaning you can now automatically push your backups to a different region for easy recovery in the event of a regional outage.
CloudEndure Disaster Recovery
AWS purchased CloudEndure, the disaster recovery, continuous backup and live migration company, in early 2019 and a year later announced an integrated version of the service that simplifies the process.
The new service allows you to replicate the contents of your on-premises, virtual or cloud-based systems to a low-cost staging area in the AWS region of your choice within your AWS account. From an AWS perspective you can setup cross-region disaster recovery to create duplicate environments as and when they are needed.
And this wouldn’t be an AWS service without a dramatic price reduction. The service is available at a discount of 80% meaning that it costs around $20 per month per server you choose to replicate.
RDS Cross region Replication
Amazon RDS has long been a staple database service of AWS and the multi-AZ feature can provide resilience within a region. It also has capabilities to launch read replicas, these can exist within the same region or in a different region altogether using cross-region replication.
This means you can have standby replicas in your disaster recovery region that can be promoted to standalone instances, and become the primary, if an outage occurs.
The Amazon storage service offers automatic, asynchronous copying of your Amazon S3 buckets between different AWS regions or within the same region. Also, replicated data can be owned by the same AWS account or different accounts.
Databasable Lambda Functions
Another good option for disaster recover is to store copies of your backups in a backup AWS account. Some of the services listed above allow you to do just that, for example RDS read replicas and S3 cross region replication.
But, what if you wanted to store only your source EC2 and RDS backups in a backup account without running expensive, underutilized resources? Well it can be done, but it is a manual process. However, here at databasable we developed our own set of Lambda functions that can automatically copy your snapshots to a backup account for safe keeping on a pre-defined schedule and will keep the snapshots for a specified retention period.