Backup And Recovery Approaches Using Aws (detailed)

Bckup And Recovery Approches Usg Aws (detiled) AWS Whitepper: Bckup Recovery Approches Usg AWS [PDF] http://medi.mzwebservices.com/aws_bckup_recovery.pdf Decemr 09, 2014 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 Pge 4 12 In this cse, re is no need bck up server itself. Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 Bckup Recovery Approches Usg Amz Web Services Decemr 2012 Sim Elish Pge 1 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 Abstrct Trditil enterprise bckup recovery strtegies typiclly tke n gent-bsed pproch whereby entire ctents server re bcked up over eir locl re network (LAN) or srge re network (SAN). Trditil rchitectures hve required this pproch cuse replcg d compents is complex, time csumg, opertilly tensive. This hs, turn, creted bckup envirment tht is complex mnge resource tensive operte requirg technologies such s dt de-duplicti virtul tpe librries cope with evercresg worklods. The AWS pltm enbles fr more lightweight pproch bckup recovery due, prt, followg chrcteristics: Computers re now virtul bstrct resources stntited vi code rr thn g hrdwre-bsed. Cpcity is vilble t crementl cost rr thn up-frt cost. Resource provisig tkes plce mutes, lendg itself rel-time cfigurti. Server imges re vilble -dem, cn mted by n orgnizti, cn ctivted immeditely. These chrcteristics fer you opportunities recover deleted or corrupted dt with less frstructure overhed. This pper is tended descri some high-level ccepts you cn leverge deliver less complex, lightweight dt bckup recovery cpbilities. Pge 2 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 Protectg Cfigurtis Rr Thn Servers The Amz Elstic Compute Cloud (Amz EC21) service enbles bckup recovery strd server, such s web server or pplicti server, so tht you cn focus protectg cfigurti stteful dt rr thn server itself. This set dt is much smller thn ggregte set server dt, which typiclly cludes vrious pplicti s, opertg system s, temporry s, so. This chnge pproch mens tht regulr nightly crementl or weekly full bckups cn tke fr less time csume less srge spce. When compute stnce is strted Amz EC2, it is bsed up n Amz Mche Imge (AMI)2 cn lso cnect existg srge volumes exmple, Amz Elstic Block Sre (Amz )3. In dditi, when lunchg new stnce, it is possible pss user dt 4 stnce tht cn ccessed ternlly s dynmic cfigurti prmeters. A smple workflow is s follows: Lunch new stnce web server, pssg it identity web server ny security credentils required itil setup. The stnce is bsed up pre-built AMI tht cts opertg system relevnt web-server pplicti (e.g., Apche or IIS). Up strtup, boot script ccesses designted secured Amz Simple Srge Service (Amz S3)5 bucket tht cts specified cfigurti (s). The cfigurti cts vrious structis settg up server (e.g., web server prmeters, loctis relted servers, dditil stwre stll, ptch updtes). The server executes specified cfigurti is redy service. An open source ol permg this process, clled cloud-it6, is lredy stlled Amz Lux AMIs is lso vilble numr or Lux distributis. Figure 1: Trditil Bckup Approch Figure 2: Amz EC2 Bckup Approch 1 http://ws.mz.com/ec2/ 2 http://docs.mzwebservices.com/awsec2/ltest/userguide/dex.html?amis.html 3 http://ws.mz.com/ebs/ 4 http://docs.mzwebservices.com/awsec2/ltest/userguide/dex.html?aesdg-chpter-stncedt.html 5 http://portfold.com/prt/detiled/62/ 1/136

http://ws.mz.com/s3/ 6 https://lunchpd.net/cloud-it Pge 3 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 In this cse, re is no need bck up server itself. The relevnt cfigurti is cted combti AMI cfigurti (s). So ly compents requirg bckup recovery re AMI cfigurti (s). Csider web frm 10 servers, ech with n opertg system relted cfigurti s 5 GB per server requirg 50 GB srge network cpcity do full bckup. (Web ctent is typiclly sred seprte reposiry tht is bcked up dependently.) Ctrst this AWS pproch where you need protect ly AMI (, sy, 5 GB) relevnt cfigurti s (typiclly tens KB). This drmticlly reduces overhed bckup recovery, elimtes bckup wdows, provides effective versi ctrol envirment. GB Per Full Weekly Bckup 50 40 30 20 10 0 Cventil AWS Figure 3: Exmple reducti bckup dt volume Self-Cfigurg Instnces Cretg Flexibility Deployment Optis Becuse you cn strt sp stnces t will, hve different versis n pplicti runng ccurrently, you cn leverge more sophisticted flexible deployment optis. The self-cfigurti stnces enbles you implement techniques such s rollg-upgrdes A/B testg envirment. For exmple, implement new versi n pplicti server rchitecture, you cn tke followg pproch: 1. Crete new stnce pplicti bsed up correct AMI versi relevnt cfigurti s. In our exmple, we cll this Applicti Versi 2.0. 2. Mp Applicti Versi 2.0 relevnt lod blncer so it is now rotti servers vilble service cusmer request. 3. Once you cfirm tht Applicti Versi 2.0 is producti, you cn sp or termte existg Applicti Versi 1.0 stnces. 4. At this pot, entire pplicti is opertg versi 2.0 mode without outges with simple rollbck cpbility versi 1.0 usg spped stnces. Pge 4 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 To tke this exmple furr, you my wnt utilize A/B testg new pplicti cpbilities or fetures. In sme wy tht you were ble troduce new versi pplicti server rchitecture rollg upgrde, you cn use lod blncer direct cert cusmers prticulr (new versi) stnces pplicti, while remg cusmers ctue use existg versi pplicti. Figure 4: Rollg Upgrde Addg new versi stnces Figure 5: Rollg Upgrde Decommissi termte old versis Or importnt spects csider re security remediti compromises. Becuse stnces re esily replced, you cn focus strtegy replce rr thn repir. This strtegy significntly reduces respse speed complexity. For exmple, csider ctent mngement system (CMS) tht hosts your Internet presence. For some res, ltest versi code hs not en deployed, hckers know bout re exploitg security brech your site. Forensiclly nlyzg which stnces re compromised is time csumg, tryg snitize ech e is ten impossible do with 100% certty. Insted, you simply termte compromised stnces replce m with fresh es. These new stnces would n leverge updted cfigurti s ensure tht ltest ptched versis stwre re lwys deployed. By tkg this pproch, you elimte risk security brech tht is not completely remedited gurntee tht new stnces re not compromised. This pproch lso provides n effective wy rchitect filure, which is key design pttern when deployg distributed systems t scle. Becuse you cn umticlly replce compents t will, unexpected filures need not ffect service delivery. Pge 5 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 http://portfold.com/prt/detiled/62/ 2/136

Bckup Recovery Amz Mche Imge (AMI) AMIs tht you register re umticlly sred your ccount usg Amz snpshots. These snpshots reside Amz S3 re highly durble7. This mens tht underlyg srge mechnism AMIs is protected from multiple filure scenrios. It is lso possible shre AMIs tween seprte AWS ccounts. Csequently, you cn crete tlly dependent copies AMI by: Shrg origl AMI nor specified AWS ccount tht you ctrol Strtg new stnce bsed up shred AMI Cretg new AMI from tht runng stnce The new AMI is n sred secd ccount is n dependent copy origl AMI. Of course, you cn lso crete multiple copies AMI with sme ccount. Bckup Recovery Cfigurti Files Cusmers use vriety versi mngement pproches cfigurti s, you cn follow sme regime s used cfigure your Amz EC2 stnces. For exmple, you could sre different versis cfigurti s designted loctis securely ctrol m like ny or code. You n bck up se code reposiries usg pproprite bckup cycle (e.g., dily, weekly, mthly) snpshots protected loctis. Furrmore, you could use Amz S3 sre your cfigurti s, tkg dvntge durbility service e dditi bckg up s n lternte locti regulr bsis. Bootstrp pproches re limited ly by your imgti. We recommend usg AWS CloudFormti templtes s you cn descri your AWS resources, ny ssocited dependencies or runtime prmeters simple JSON. Bckg Up Dtbse File Servers Bckg up dt dtbse servers differs from web pplicti lyers. In generl, dtbse servers ct lrger mounts busess dt (tens GB multiple TB) tht must reted protected t ll times. In se cses, you cn leverge efficient dt movement techniques such s snpshots crete bckups tht re fst, relible, spce efficient. For dtbses tht re built up RAID-sets Amz volumes ( hve tl srge less thn 1 TB), n lterntive bckup pproch is synchrously replicte dt nor dtbse stnce built usg sgle Amz volume. While destti Amz volume will hve slower permnce, it is not g used dt ccess cn esily snpshotted Amz S3 usg Amz snpshot cpbility (see Snpshot Optis Amz secti). 7 http://ws.mz.com/s3/ - protectg Pge 6 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 Alterntive Bckg Up Sttic Ctent If you mnge lrge dt sets sttic mti (e.g., mp tiles or web site grphics), you cn opt migrte tht dt Amz S3, which is designed provide 99.999999999% durbility object srge. This enbles dt both highly durble while lso g served directly from Amz S3 rr thn vi web servers potentilly improvg pplicti permnce. To protect gst logicl corrupti, you cn lso use techniques such s object versig8, MFA Delete9 simply copyg dt nor Amz S3 bucket. Snpshot Optis Amz Amz EC2 volumes use Amz sre block-bsed dt. Exmples this re systems dtbses. Amz ntively enbles you crete snpshot volume Amz S3 usg AWS Mngement Csole, comm le terfce (CLI), or APIs. Usg csole, clickg Crete Snpshot opti commences creti snpshot Amz S3. Figure 3 Cretg snpshot from Amz usg csole. You cn lso crete snpshot usg ec2-crete-snpshot comm. When you pply se comms bckup strtegy, you protect your dt directly durble disk-bsed srge. You cn schedule issue comms regulr bsis, due ecomicl pricg Amz S3, you cn ret mny genertis dt. Furr, cuse snpshots re block-bsed, you csume spce ly chnged dt fter itil snpshot is creted. 8 9 http://docs.mzwebservices.com/amzs3/ltest/dev/versig.html http://docs.mzwebservices.com/amzs3/ltest/dev/usgmfadelete.html Pge 7 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 To resre dt from snpshot, use csole or CLI comm ec2-crete-volume crete new volume from n existg snpshot. For exmple, resre volume prior pot--time bckup, you could use followg sequence: 1. Crete new volume from bckup snpshot usg followg comm: http://portfold.com/prt/detiled/62/ 3/136

ec2-crete-volume z us-west-1b snpshot MySnpshotNme 2. With Amz EC2 stnce, un-mount existg volume (e.g., by usg umount Lux or Logicl Volume Mnger Wdows). 3. Detch existg volume from stnce usg followg comm: ec2-detch-volume OldVolume 4. Attch new volume tht ws creted from snpshot usg followg comm: ec2-ttch-volume VolumeID I InstnceID d Device 5. Remount volume runng stnce. This process enbles fst relible wy resre full volume dt s needed. If you need ly prtil resre, you cn ttch volume runng stnce under different device nme, mount it, n use opertg system copy comms copy dt from bckup volume producti volume. Amz snpshots cn lso copied tween AWS Regis usg Amz snpshot copy cpbility vi Csole, API or GUI10. This enbles dt protected out regi without hvg mnge underlyg replicti technology. Cretg Csistent or Hot Bckups When you bck up system, it is idel hve system quiet stte where it is not permg ny processg. From bckup perspective, idel stte is mche tht is cceptg no trffic but this idel is cresgly rre s 24/7 IT opertis come norm. As such, it is necessry quiesce system or dtbse order tke clen bckup. How you do this depends your dtbse /or system so due diligence is required. To summrize process dtbse: If possible, put dtbse hot bckup mode. Alterntively, crete red replic copy dtbse; this is copy dtbse tht is up dte, but runs seprte stnce. Keep md tht, AWS, you cn run this stnce durti required perm bckup n close it down svg resources. Also note tht re my permnce impct primry dtbse durg existence red replic due dditil replicti worklod. Issue relevnt Amz snpshot comms. Tke dtbse out hot bckup mode, or if usg red replic, termte red replic stnce. Bckg up system works similrly, depends highly cpbilities prticulr opertg system or system. An exmple system tht cn flush its dt csistent bckup is xfs (xfs_freeze). If system questi does not support bility freeze, you should un-mount it, issue snpshot comm, 10 http://docs.ws.mz.com/awsec2/ltest/userguide/ebs-copy-snpshot.html Pge 8 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 n re-mount system. Alterntively, you cn fcilitte this process by usg logicl volume mnger tht supports freezg I/O. Becuse snpshot process is fst execute, cptures pot time, volumes you re bckg up ly need un-mounted mtter secds. This ensures tht bckup wdow is s smll s possible, tht outge time is predictble cn effectively scheduled. While dt copy process cretg snpshot my tke lger, snpshot ctivity requirg volume un-mounted is very quick. D t cfuse two processes when structurg your bckup regime. Bckups Amz Reltil Dtbse Service The Amz Reltil Dtbse Service (Amz RDS)11 cludes umted bckups. This mens tht you do not need issue specific comms crete bckups your dtbse. Amz RDS provides two different methods bckg up resrg your DB Instnce(s); umted bckups dtbse snpshots (DB Snpshots). Aumted bckups enble pot--time recovery your DB Instnce. When umted bckups re turned your DB Instnce, Amz RDS umticlly perms full dily bckup your dt (durg your preferred bckup wdow) cptures trnscti logs (s updtes your DB Instnce re mde). When you itite pot--time recovery, trnscti logs re pplied most pproprite dily bckup order resre your DB Instnce specific time you requested. Amz RDS rets bckups DB Instnce limited, user-specified period time clled retenti period, which by defult is e dy but cn set up thirty-five dys. You cn itite pot--time resre specify ny secd durg your retenti period, up Ltest Resrble Time. You cn use DescriDBInstnces cll return ltest resrble time your DB Instnce(s), which is typiclly with lst five mutes. Alterntively, you cn fd Ltest Resrble Time DB Instnce by selectg it AWS Mngement Csole lookg Descripti tb lower pnel csole. DB Snpshots re user-itited enble you bck up your DB Instnce known stte s frequently s you wish, n resre tht specific stte t ny time. DB Snpshots cn creted with AWS Mngement Csole or by usg CreteDBSnpshot cll re kept until you explicitly delete m with csole or DeleteDBSnpshot cll. Note tht when you resre pot time or from DB Snpshot, new DB Instnce is creted with new endpot. (If you wnt, you cn delete old DB Instnce by usg AWS Mngement Csole or DeleteDBInstnce cll.) You do this so you cn crete multiple DB Instnces from specific DB Snpshot or pot time. Multi-Volume Bckups In some cses, you my stripe dt cross multiple Amz volumes usg logicl volume mnger order crese potentil throughput. When usg logicl volume mnger (e.g., mddm or LVM), it is importnt perm bckup from volume mnger lyer rr thn underlyg devices. This ensures ll metdt is csistent tht vrious sub-compent volumes re coherent. In se cses, you cn use ec2-crete-snpshot comm this type bckup with logicl volume mnger. You cn tke numr pproches ccomplish this, n exmple g script creted by lestic.com (http://lestic.com/2009/09/ec2-csistent-snpshot). 11 http://ws.mz.com/rds/ Pge 9 12 http://portfold.com/prt/detiled/62/ 4/136

Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 You cn lso perm bckups this nture from logicl volume mnger or system level. In se cses, usg trditil bckup gent enbles dt bcked up over network. When usg ols such s Zm, NetBckup, or CommVult, it is importnt rememr tht y expect csistent server nme/ip ddress. As result, usg se ols ccert with stnces deployed Virtul Privte Cloud (VPC)12 is st method ensure relibility. An lterntive pproch is crete replic primry system volumes tht exist sgle lrge volume. This simplifies bckup process, s ly e lrge volume needs bcked up, bckup does not tke plce primry system. However, it is importnt scert wher sgle volume cn perm sufficiently mt chnges durg bckup wher mximum volume size is pproprite pplicti. Or Bckup Recovery Integrti Pots Orcle Bckup Usg Orcle Secure Bckup Cloud Module Amz S3 Dtbse dmistrrs re lwys seekg efficient wys protect dt cted Orcle dtbses. Orcle hs mde vilble bility bckup dt directly from Orcle dtbse Amz S3 buckets. This mens tht bckups tke dvntge ecomicl durble srge mde vilble by Amz S3 with ntive tegrti Orcle dtbse frmework opertil procedures usg RMAN. Furr mti bout stllti operti OSB Cloud Module cn found t http://ws.mz.com/orcle. This pproch bckup Orcle enbles low-cost, relible f-premise bckup Orcle dtbses, cn pply Orcle dtbses hosted both -premise Amz EC2. Sendg On-Premises Bckups Amz S3 Mny bckup stwre vendors now support Amz S3 s bckup destti (e.g., CommVult Simpn Stwre Cloud Srge Cnecr, SecoBckup, Zm). Furr, mny srge gtewys fer tegrti tween existg bckup stwre Amz S3 srge (e.g., Nsuni Riverd). This is useful providg n f-site bckup tht is both durble cost effective elimtg complexity security risks f-site tpe mngement. You cn lso leverge AWS Direct Cnect13 provide dedicted lk Amz S3 over which your dt is sent. This provides potentil both higher dedicted bwidth privte cnectivity. AWS Srge Gtewy14 lso provides useful method send bckups Amz S3, enblg semless dt migrti tween AWS s cloud srge -premises pplictis. AWS Srge Gtewy sres volume dt loclly your frstructure, AWS. In dditi srge replicti, it sres dt s n Amz Snpshot, which you cn use 12 http://ws.mz.com/vpc/ 13 http://ws.mz.com/directcnect/ 14 http://ws.mz.com/srgegtewy Pge 10 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 recover dt present it your Amz EC2 stnces. This mkes recovery processes efficient repetble. Mngg Bckup Genertis Security When permg bckups n gog bsis, it is importnt implement effective bckup rotti strtegies reduce srge overhed, ensure correct versis dt re mted s per busess requirements. A detiled discussi bckup rotti procols is yd scope this pper. Procols side, if your dt is sensitive, you should encrypt it while it s trnsit t rest s prt bckup process. An terestg soluti bckup rotti encrypti requirement is s3npbck ol: http://dev.dvidsoergel.com/trc/s3npbck/. When usg Amz RDS, your bckups re creted umticlly reted up 8 dys enblg recovery DB Instnces ny secd with tht period up lst 5 mutes. Lg-Term Dt Archivl Mny cusmers hve requirement ret digitl mti lg periods time (e.g., 7 yers, 21 yers, life ptient, or determte durti) mt whereby it cn retrieved when needed, lit frequently. This presents chllenge g ble sre lrge ( ctully growg) volumes mti mnner tht is durble, ecomicl, low-mtennce. The Amz Glcier15 service is designed enble cusmers efficiently relibly sre unlimited mounts rchivl dt t low cost, with high durbility (i.e., designed provide verge nnul durbility 99.999999999%), lg periods time. You cn choose retrieve your dt nytime with 3 5 hour time wdow, rr thn stntneously. This enbles you effectively meet dul ( ten cflictg) gols cost effective lg-term srge ner rel-time dt retrievl. In Amz Glcier, dt is sred s rchives tht re uploded Amz Glcier orgnized vults, which cusmers cn ctrol ccess usg AWS Identity Access Mngement (IAM)16 service. You retrieve dt by schedulg job, which typiclly completes with 3 5 hours. Amz Glcier tegrtes semlessly with or AWS services such s Amz S3 AWS srge dtbse services. Amz S3 enbles you crete lifecycle policies tht will rchive dt Glcier ( llow retrievl) umticlly.17 http://portfold.com/prt/detiled/62/ 5/136

Cusmers cn tegrte Amz Glcier ir existg bckup 15 http://ws.mz.com/glcier 16 http://ws.mz.com/im 17 http://docs.ws.mz.com/amzs3/ltest/dev/object-rchivl.html Pge 11 12 Amz Web Services Bckup Recovery Approches Usg AWS Decemr 2012 rchive ols processes such tht it represents new tier srge useful ny dt kept lg periods time. Furrmore, if you hve existg tpe-bsed rchives, you cn migrte m Amz Glcier usg AWS Import/Export service18 whereby physicl devices cn shipped AWS direct gesti relevnt Amz Glcier vults. Cclusi The AWS pltm provides new more flexible optis frstructure cfigurti tht enble fr more efficient cost-effective bckup recovery regime enterprise cusmers. By evolvg cert processes procedures from current legcy pproches stte---rt frstructure s code pproch, you cn chieve correct level bckup recovery your pplictis while reducg bckup frstructure complexity. Furr Redg 1. Bckup Srge Webpge - https://ws.mz.com/bckup-srge/ 2. Step-by-step video series how bckup your Orcle Dtbses Amz S3 usg Orcle Secure Bckup Cloud Module - https://ws.mz.com/bckup-srge/gsg-orcle-rmn/ 18 http://ws.mz.com/importexport Pge 12 12 Usg Amz Web Services Disster Recovery http://d36cz9buwru1tt.cloudfrt.net/aws_disster_recovery.pdf Decemr 09, 2014 Key steps recovery: 1. Strt your pplicti Amz EC2... followg steps outle different fil-bck pproches: Bckup... Amz Web Services Usg... Amz Web Services Usg AWS Disster Recovery Ocr 2014 Usg Amz Web Services Disster Recovery Ocr 2014 Glen Robs, Attil Nr, Chris Ellemn Pge 1 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Ctents Introducti......3 Recovery Time Objective Recovery Pot Objective...4 Trditil DR Investment Prctices...4 AWS Services Fetures Essentil Disster Recovery...5 Exmple Disster Recovery Scenrios with AWS...9 Bckup Resre......9 Pilot Light Quick Recovery AWS... 11 Wrm Stby Soluti AWS... 14 http://portfold.com/prt/detiled/62/ 6/136

Multi-Site Soluti Deployed AWS On-Site... 16 AWS Producti n AWS DR Soluti Usg Multiple AWS Regis... 18 Replicti Dt...... 18 Filg Bck from Disster...... 19 Improvg Your DR Pln...... 20 Stwre Licensg DR.... 21 Cclusi...... 21 Furr Redg...... 22 Document Revisis...... 22 Pge 2 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Abstrct In event disster, you cn quickly lunch resources Amz Web Services (AWS) ensure busess ctuity. This whitepper highlights AWS services fetures tht you cn leverge your disster recovery (DR) processes significntly mimize impct your dt, your system, your overll busess opertis. The whitepper lso cludes scenrios tht show you, step-by-step, how improve your DR pln leverge full potentil AWS cloud disster recovery. Introducti Disster recovery (DR) is bout preprg recoverg from disster. Any event tht hs negtive impct compny s busess ctuity or fnces could termed disster. This cludes hrdwre or stwre filure, network outge, power outge, physicl dmge buildg like fire or floodg, humn error, or some or significnt event. To mimize impct disster, compnies vest time resources pln prepre, tr employees, document updte processes. The mount vestment DR plnng prticulr system cn vry drmticlly dependg cost potentil outge. Compnies tht hve trditil physicl envirments typiclly must duplicte ir frstructure ensure vilbility spre cpcity event disster. The frstructure needs procured, stlled, mted so tht it is redy support nticipted cpcity requirements. Durg norml opertis, frstructure typiclly is under-utilized or over-provisied. With Amz Web Services (AWS), your compny cn scle up its frstructure n s-needed, py-s-you-go bsis. You get ccess sme highly secure, relible, fst frstructure tht Amz uses run its own globl network websites. AWS lso gives you flexibility quickly chnge optimize resources durg DR event, which cn result significnt cost svgs. This whitepper outles st prctices improve your DR processes, from miml vestments full -scle vilbility fult lernce, shows you how you cn use AWS services reduce cost n d ensure busess ctuity durg DR event. Pge 3 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Recovery Time Objective Recovery Pot Objective This whitepper uses two comm dustry terms disster plnng: Recovery time objective (RTO) 1 The time it tkes fter disrupti resre busess process its service level, s defed by opertil level greement (OLA). For exmple, if disster occurs t 12:00 PM (no) RTO is eight hours, DR process should resre busess process cceptble service level by 8:00 PM. Recovery pot objective (RPO) 2 The cceptble mount dt loss mesured time. For exmple, if disster occurs t 12:00 PM (no) RPO is e hour, system should recover ll dt tht ws system e 11:00 AM. Dt loss will spn ly e hour, tween 11:00 AM 12:00 PM (no). A compny typiclly decides n cceptble RTO RPO bsed fncil impct busess when systems re unvilble. The compny determes fncil impct by csiderg mny fcrs, such s loss busess dmge its reputti due downtime lck systems vilbility. IT orgniztis n pln solutis provide cost-effective system recovery bsed RPO with timele service level estblished by RTO. Trditil DR Investment Prctices A trditil pproch DR volves different levels f-site duplicti dt frstructure. Criticl busess services re set up mted this frstructure tested t regulr tervls. The disster recovery envirment s locti source frstructure should significnt physicl distnce prt ensure tht disster recovery envirment is isolted from fults tht could impct source site. At mimum, frstructure tht is required support duplicte envirment should clude followg: Fcilities house frstructure, cludg power coolg. http://portfold.com/prt/detiled/62/ 7/136

Security ensure physicl protecti ssets. Suitble cpcity scle envirment. Support repirg, replcg, refreshg frstructure. Ctrctul greements with n Internet service provider (ISP) provide Internet cnectivity tht cn sust bwidth utilizti envirment under full lod. Network frstructure such s firewlls, routers, switches, lod blncers. Enough server cpcity run ll missi-criticl services, cludg srge pplces supportg dt, servers run pplictis bckend services such s user unticti, Dom Nme System (DNS), Dynmic Host Cfigurti Procol (DHCP), mirg, lertg. 1 From http://en.wikipedi.org/wiki/recovery_time_objective 2 From http://en.wikipedi.org/wiki/recovery_pot_objective Pge 4 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 AWS Services Fetures Essentil Disster Recovery Bee we discuss vrious pproches DR, it is importnt review AWS services fetures tht re most relevnt disster recovery. This secti provides summry. In preprti phse DR, it is importnt csider use services fetures tht support dt migrti durble srge, cuse y enble you resre bcked-up, criticl dt AWS when disster strikes. For some scenrios tht volve eir scled-down or fully scled deployment your system AWS, compute resources will required s well. When rectg disster, it is essentil eir quickly commissi compute resources run your system AWS or orchestrte filover lredy runng resources AWS. The essentil frstructure pieces clude DNS, networkg fetures, vrious Amz Elstic Compute Cloud (Amz EC2) fetures descrid lter this secti. Regis Amz Web Services re vilble multiple regis round glo, so you cn choose most pproprite locti your DR site, dditi site where your system is fully deployed. AWS hs multiple g enerl purpose regis Americs, EMEA, Asi Pcific tht nye with n AWS ccount cn ccess. Specil-use regis re lso vilble government gencies Ch. See full list vilble regis here. Srge Amz Simple Srge Service (Amz S3) provides highly durble srge frstructure designed missicriticl primry dt srge. Objects re redundntly sred multiple devices cross multiple fcilities with regi, designed provide durbility 99.999999999% (11 9s). AWS provides furr protecti dt retenti rchivg through versig Amz S3, AWS multi-fcr unticti (AWS MFA), bucket policies, AWS Identity Access Mngement (IAM). Amz Glcier provides extremely low-cost srge dt rchivg bckup. Objects (or rchives, s y re known Amz Glcier) re optimized frequent ccess, which retrievl times severl hours re dequte. Amz Glcier is designed sme durbility s Amz S3. Amz Elstic Block Sre (Amz ) provides bility crete pot--time snpshots dt volumes. You cn use snpshots s strtg pot new Amz volumes, you cn protect your dt lg-term durbility cuse snpshots re sred with Amz S3. After volume is cre ted, you cn ttch it runng Amz EC2 stnce. Amz volumes provide f-stnce srge tht persists dependently from life n stnce is replicted cross multiple servers n Avilbility Ze prevent loss dt from filure ny sgle compent. AWS Import/Export ccelertes movg lrge mounts dt out AWS by usg portble srge devices trnsport. AWS Import/Export bypsses Internet trnsfers your dt directly f srge devices by mens high-speed ternl network Amz. For dt sets significnt size, AWS Import/Export is ten fster thn Internet trnsfer more cost effective thn upgrdg your cnectivity. You cn use AWS Import/Export migrte dt out Amz S3 buckets Amz Glcier vults or Amz snpshots. AWS Srge Gtewy is service tht cnects n -premises stwre pplce with cloud-bsed srge provide semless highly secure tegrti tween your -premises IT envirment srge frstructure AWS. Pge 5 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 AWS Srge Gtewy supports three different cfigurtis: Gtewy-cched volumes You cn sre your primry dt Amz S3 ret your frequently ccessed dt loclly. Gtewy-cched volumes provide substntil cost svgs primry srge, mimize need scle your srge -premises, ret low-ltency ccess your frequently ccessed dt. Gtewy-sred volumes In event tht you need low-ltency ccess your entire dt set, you cn cfigure your gtewy sre your primry dt loclly, synchrously bck up pot--time snpshots this dt Amz S3. Gtewy-sred volumes provide durble expensive f-site bckups tht you cn recover loclly or from Amz EC2 if, exmple, you need replcement cpcity disster recovery. Gtewy-virtul tpe librry (gtewy-vtl) With gtewy-vtl, you cn hve n lmost limitless collecti virtul tpes. You cn sre ech virtul tpe virtul tpe librry (VTL) bcked by Amz S3 or virtul tpe shelf (VTS) bcked by Amz Glcier. The virtul tpe librry exposes n dustry strd iscsi terfce tht provides your bckup pplicti with -le ccess virtul tpes. When you no lger require immedite or frequent ccess dt cted virtul tpe, you cn use your bckup pplicti move it from its VTL your VTS furr reduce your srge costs. Compute Amz Elstic Compute Cloud (Amz EC2) provides resizble compute cpcity cloud. With mutes, you cn crete Amz EC2 stnces, which re virtul mches over which you hve complete ctrol. In th e ctext DR, bility rpidly crete virtul mches tht you cn ctrol is criticl. To descri every feture Amz EC2 is outside scope this document; sted; we focus spects Amz EC2 tht re most relevnt DR. Amz Mche Imges (AMIs) re precfigured with opertg systems, some precfigured AMIs might lso http://portfold.com/prt/detiled/62/ 8/136

clude pplicti stcks. You cn lso cfigure your own AMIs. In ctext DR, we strgly recommend tht you cfigure identify your own AMIs so tht y cn lunch s prt your recovery procedure. Such AMIs should precfigured with your opertg system choice plus pproprite pieces pplicti stck. Avilbility Zes re distct loctis tht re engeered sulted from filures or Avilbility Zes. They lso provide expensive, low-ltency network cnectivity or Avilbility Zes sme regi. By lunchg stnces seprte Avilbility Zes, you cn protect your pplictis f rom filure sgle locti. Regis csist e or more Avilbility Zes. The Amz EC2 VM Import Cnecr virtul pplce enbles you import virtul mche imges from your existg envirment Amz EC2 stnces. Networkg When you re delg with disster, it s very likely tht you will hve modify network settgs s you r system is filg over nor site. AWS fers severl services fetures tht enble you mnge modify network settgs. Amz Route 53 is highly vilble sclble Dom Nme System (DNS) web service. It gives developers busesses relible, cost-effective wy route users Internet pplictis. Amz Route 53 cludes numr globl lod-blncg cpbilities (which cn effective when you re delg with DR scenrios such s DNS endpot helth checks) bility filover tween multiple endpots even sttic websites hosted Amz S3. Elstic IP ddresses re sttic IP ddresses designed dynmic cloud computg. However, unlike trditil sttic IP ddresses, Elstic IP ddresses enble you msk stnce or Avilbility Ze filures by progrmmticlly remppg Pge 6 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 your public IP ddresses stnces your ccount prticulr regi. For DR, you cn lso pre -llocte some IP ddresses most criticl systems so tht ir IP ddresses re lredy known e disster strikes. This cn simplify executi DR pln. Elstic Lod Blncg umticlly distributes comg pplicti trffic cross multiple Amz EC2 stnces. It enbles you chieve even greter fult lernce your pplictis by semlessly providg lod-blncg cpcity tht is needed respse comg pplicti trffic. Just s you cn pre-llocte Elstic IP ddresses, you cn pre-llocte your lod blncer so tht its DNS nme is lredy known, which cn simplify executi your DR pln. Amz Virtul Privte Cloud (Amz VPC) lets you provisi privte, isolted secti AWS cloud where you cn lunch AWS resources virtul network tht you defe. You hve complete ctrol over your virtul networkg envirment, cludg selecti your own IP ddress rnge, creti subnets, cfigurti route tbles network gtewys. This enbles you crete VPN cnecti tween your corporte dt center your VPC, leverge AWS cloud s n extensi your corporte dt center. In ctext DR, you cn use Amz VPC extend your existg network pology cloud; this cn especilly pproprite when recoverg enterprise pplictis tht re typiclly ternl network. Amz Direct Cnect mkes it esy set up dedicted network cnecti from your premises AWS. In mny cses, this cn reduce your network costs, crese bwidth throughput, provide more csistent n etwork experience thn Internet-bsed cnectis. Dtbses For your dtbse needs, csider usg se AWS services: Amz Reltil Dtbse Service (Amz RDS) mkes it esy set up, operte, scle reltil dtbse cloud. You cn use Amz RDS eir preprti phse DR hold your criticl dt dtbse tht is lredy runng, or recovery phse run your producti dtbse. When you wnt look t multiple regis, Amz RDS gives you bility snpshot dt from e regi nor, lso hve red replic runng nor regi. Amz DynmoDB is fst, fully mnged NoSQL dtbse service tht mkes it simple cost-effective sre retrieve ny mount dt serve ny level request trffic. It hs relible throughput sgle-digit, millisecd ltency. You cn lso use it preprti phse copy dt DynmoDB nor regi or Amz S3. Durg recovery phse DR, you cn scle up semlessly mtter mutes with sgle click or API cll. Amz Redshift is fst, fully mnged, petbyte-scle dt wrehouse service tht mkes it simple cost-effective efficiently nlyze ll your dt usg your existg busess telligence ols. You cn use Amz Redshift preprti phse snpshot your dt wrehouse durbly sred Amz S3 with sme regi or copied nor regi. Durg recovery phse DR, you cn quickly resre your dt wrehouse sme regi or with nor AWS regi. You cn lso stll run your choice dtbse stwre Amz EC2, you cn choose from vriety ledg dtbse systems. For more mti bout dtbse optis AWS, see Runng Dtbses AWS. Pge 7 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Deployment orchestrti Deployment umti post-strtup stwre stllti/cfigurti processes ols cn used Amz EC2. We highly recommend vestments this re. This cn very helpful recovery phse, enblg you crete required set resources n umted wy. AWS CloudFormti gives developers systems dmistrrs n esy wy crete collecti relted AWS resources provisi m n orderly predictble fshi. You cn crete templtes your envirments deploy ssocited collectis resources (clled stck) s needed. AWS Elstic Benstlk is n esy--use service deployg sclg web pplictis services developed with Jv,.NET, PHP, Node.js, Pyth, Ruby, Docker. You cn deploy your pplicti code, AWS Elstic Benstlk will provisi opertg envirment your pplictis. AWS OpsWorks is n pplicti mngement service tht mkes it esy deploy operte pplictis ll types sizes. You cn defe your envirment s series lyers, cfigure ech lyer s tier your pplicti. AWS OpsWorks hs umtic host replcement, so event n stnce filure it will umticlly replced. You cn use AWS OpsWorks preprti phse templte your envirment, you cn com it with AWS http://portfold.com/prt/detiled/62/ 9/136

CloudFormti recovery phse. You cn quickly provisi new stck from sred cfigurti tht supports defed RTO. Security complce There re mny security-relted fetures cross AWS services. We recommend tht you review Security Best Prctices whitepper. AWS lso provides furr risk complce mti AWS Security Center. A full discussi security is out scope this pper. Pge 8 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Exmple Disster Recovery Scenrios with AWS This secti outles four DR scenrios tht highlight use AWS compre AWS with trditil DR methods. The followg figure shows spectrum four scenrios, rrnged by how quickly system cn vilble users fter DR event. Figure 1: Spectrum Disster Recovery Optis AWS enbles you cost-effectively operte ech se DR strtegies. It s importnt note tht se re just exmples possible pproches, vritis combtis se re possible. If your pplicti is lredy runng AWS, n multiple regis cn employed sme DR strtegies will still pply. Bckup Resre In most trditil envirments, dt is bcked up tpe sent f -site regulrly. If you use this method, it cn tke lg time resre your system event disrupti or disster. Amz S3 is n idel destti bckup dt tht might needed quickly perm resre. Trnsferrg dt from Amz S3 is typiclly de through network, is ree ccessible from ny locti. There re mny commercil open-source bckup solutis tht tegrte with Amz S3. You cn use AWS Import/Export trnsfer very lrge dt sets by shippg srge devices directly AWS. For lger-term dt srge where retrievl times severl hours re dequte, re is Amz Glcier, which hs sme durbility model s Amz S3. Amz Glcier is low-cost lterntive strtg from $0.01/GB per mth. Amz Glcier Amz S3 cn used cjuncti produce tiered bckup soluti. AWS Srge Gtewy enbles snpshots your -premises dt volumes trnsprently copied Amz S3 bckup. You cn subsequently crete locl volumes or Amz volumes from se snpshots. Srge-cched volumes llow you sre your primry dt Amz S3, but keep your frequently ccessed dt locl low-ltency ccess. As with AWS Srge Gtewy, you cn snpshot dt volumes give highly durble bckup. In event DR, you cn resre cche volumes eir secd site runng srge cche gtewy or Amz EC2. You cn use gtewy-vtl cfigurti AWS Srge Gtewy s bckup trget your existg bckup mngement stwre. This cn used s replcement trditil mgnetic tpe bckup. For systems runng AWS, you lso cn bck up Amz S3. Snpshots Amz volumes, Amz RDS dtbses, Amz Redshift dt wrehouses cn sred Amz S3. Alterntively, you cn copy s directly Amz S3, or you cn choose crete bckup s copy those Amz S3. There re mny bckup solutis tht sre dt directly Amz S3, se cn used f rom Amz EC2 systems s well. Pge 9 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 The followg figure shows dt bckup optis Amz S3, from eir -site frstructure or from AWS. Figure 2: Dt Bckup Optis Amz S3 from On-Site Infrstructure or from AWS. Of course, bckup your dt is ly hlf sry. If disster strikes, you ll need recover your dt quickly relibly. You should ensure tht your systems re cfigured ret secure your dt, you should test your dt recovery processes. The followg digrm shows how you cn quickly resre system from Amz S3 bckups Amz EC2. Figure 3: Resrg System from Amz S3 Bckups Amz EC2 Pge 10 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Key steps bckup resre: 1. Select n pproprite ol or method bck up your dt AWS. 2. Ensure tht you hve n pproprite retenti policy this dt. 3. Ensure tht pproprite security mesures re plce this dt, cludg encrypti ccess policies. 4. Regulrly test recovery this dt resrti your system. Pilot Light Quick Recovery AWS The term pilot light is ten used descri DR scenrio which miml versi n envirment is lwys runng cloud. The ide pilot light is n nlogy tht comes from gs heter. In gs heter, smll flme tht s lwys cn quickly ignite entire furnce het up house. This scenrio is similr bckup--resre scenrio. For exmple, with AWS you cn mt pilot light by cfigurg runng most criticl core elements your system AWS. When time comes recovery, you cn rpidly provisi full-scle producti envirment round criticl core. Infrstructure elements pilot light itself typiclly clude your dtbse servers, which would replict e dt Amz EC2 or Amz RDS. Dependg system, re might or criticl dt outside dtbse tht http://portfold.com/prt/detiled/62/ 10/136

needs replicted AWS. This is criticl core system ( pilot light) round which ll or frstructure pieces AWS ( rest furnce) cn quickly provisied resre complete system. To provisi remder frstructure resre busess-criticl services, you would typiclly hve some precfigured servers bundled s Amz Mche Imges (AMIs), which re redy strted up t moment s notice. When strtg recovery, stnces from se AMIs come up quickly with ir pre-defed role ( exmple, Web or App Server) with deployment round pilot light. From networkg pot view, you hve two m optis provisig: Use Elstic IP ddresses, which cn pre-llocted identified preprti phse DR, ssocite m with your stnces. Note tht MAC ddress-bsed stwre licensg, you cn use elstic network terfces (ENIs), which hve MAC ddress tht cn lso pre-llocted provisi licenses gst. You cn ssocite se with your stnces, just s you would with Elstic IP ddresses. Use Elstic Lod Blncg (ELB) distribute trffic multiple stnces. You would n updte your DNS records pot t your Amz EC2 stnce or pot your lod blncer usg CNAME. We recommend this opti trditil web-bsed pplictis. For less criticl systems, you cn ensure tht you hve ny stllti pckges cfigurti mti vilble AWS, exmple, m n Amz snpshot. This will speed up pplicti server setup, cuse you cn quickly crete multiple volumes multiple Avilbility Zes ttch Amz EC2 stnces. You cn n stll cfigure ccordgly, exmple, by usg bckup--resre method. The pilot light method gives you quicker recovery time thn bckup--resre method cuse core pieces system re lredy runng re ctully kept up dte. AWS enbles you umte provisig cfigurti frstructure resources, which cn significnt nefit sve time help protect gst humn errors. However, you will still need perm some stllti cfigurti tsks recover pplictis fully. Pge 11 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Preprti phse The followg figure shows preprti phse, which you need hve your regulrly chngi ng dt replicted pilot light, smll core round which full envirment will strted recovery phse. Your less frequently updted dt, such s opertg systems pplictis, cn periodiclly updted sred s AMIs. Figure 4: The Preprti Phse Pilot Light Scenrio Key steps preprti: 1. Set up Amz EC2 stnces replicte or mirror dt. 2. Ensure tht you hve ll supportg cusm stwre pckges vilble AWS. 3. Crete mt AMIs key servers where fst recovery is required. 4. Regulrly run se servers, test m, pply ny stwre updtes cfigurti chnges. 5. Csider umtg provisig AWS resources. Recovery phse To recover remder envirment round pilot light, you cn strt your systems from AMIs with mutes pproprite stnce types. For your dynmic dt servers, you cn resize m hle producti volumes s needed or dd cpcity ccordgly. Horiztl sclg ten is most cost-effective sclble pproch dd cpcity system. For exmple, you cn dd more web servers t pek times. However, you cn lso choose lrger Amz EC2 stnce types, thus scle verticlly pplictis such s reltil dtbses. From networkg perspective, ny required DNS updtes cn de prllel. Pge 12 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 After recovery, you should ensure tht redundncy is resred s quickly s possible. A filure your DR envirment shortly fter your producti envirment fils is unlikely, but you should wre this risk. Ctue tke regulr bckups your system, csider dditil redundncy t dt lyer. The followg figure shows recovery phse pilot light scenrio. Figure 5: The Recovery Phse Pilot Light Scenrio. Key steps recovery: 1. Strt your pplicti Amz EC2 stnces from your cusm AMIs. 2. Resize existg dtbse/dt sre stnces process cresed trffic. 3. Add dditil dtbse/dt sre stnces give DR site resilience dt tier; if you re usg Amz RDS, turn Multi-AZ improve resilience. 4. Chnge DNS pot t Amz EC2 servers. 5. Instll cfigure ny n-ami bsed systems, idelly n umted wy. Pge 13 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Wrm Stby Soluti AWS The term wrm stby is used descri DR scenrio which scled-down versi fully functil envirment is lwys runng cloud. A wrm stby soluti extends pilot light elements preprti. It furr decreses recovery time cuse some services re lwys runng. By identifyg your busess-criticl systems, you cn fully duplicte se systems AWS hve m lwys. These servers cn runng mimum-sized fleet Amz EC2 stnces smllest sizes possible. This soluti is not scled tke full-producti lod, but it is fully functil. It cn used n-producti work, http://portfold.com/prt/detiled/62/ 11/136

such s testg, qulity ssurnce, ternl use. In disster, system is scled up quickly hle producti lod. In AWS, this cn de by ddg more stnces lod blncer by resizg smll cpcity servers run lrger Amz EC2 stnce typ es. As stted precedg secti, horiztl sclg is preferred over verticl sclg. Preprti phse The followg figure shows preprti phse wrm stby soluti, which n -site soluti n AWS soluti run side-by-side. Figure 6: The Preprti Phse Wrm Stby Scenrio. Pge 14 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Key steps preprti: 1. Set up Amz EC2 stnces replicte or mirror dt. 2. Crete mt AMIs. 3. Run your pplicti usg miml footprt Amz EC2 stnces or AWS frstructure. 4. Ptch updte stwre cfigurti s le with your live envirment. Recovery phse In cse filure producti system, stby envirment will scled up producti lod, DNS records will chnged route ll trffic AWS. Figure 7: The Recovery Phse Wrm Stby Scenrio. Key steps recovery: 1. Increse size Amz EC2 fleets service with lod blncer (horiztl sclg). 2. Strt pplictis lrger Amz EC2 stnce types s needed (verticl sclg). 3. Eir mnully chnge DNS records, or use Amz Route 53 umted helth checks so tht ll trffic is routed AWS envirment. 4. Csider usg Au Sclg right-size fleet or ccommodte cresed lod. 5. Add resilience or scle up your dtbse. Pge 15 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Multi-Site Soluti Deployed AWS On-Site A multi-site soluti runs AWS s well s your existg -site frstructure, n ctive-ctive cfigurti. The dt replicti method tht you employ will determed by recovery pot tht you choose. For more mti bout recovery pot optis, see Recovery Time Objective Recovery Pot Objective secti this whitepper. In dditi recovery pot optis, re re vrious replicti methods, such s synchrous synchrous methods. For more mti, see Replicti Dt secti this whitepper. You cn use DNS service tht supports weighted routg, such s Amz Route 53, route producti trffic different sites tht deliver sme pplicti or service. A proporti trffic will go your frstructure AWS, remder will go your -site frstructure. In n -site disster situti, you cn djust DNS weightg send ll trffic AWS servers. The cpcity AWS service cn rpidly cresed hle full producti lod. You cn use Amz EC2 Au Sclg umte this process. You might need some pplicti logic detect filure primry dtbse services cut over prllel dtbse services runng AWS. The cost this scenrio is determed by how much producti trffic is hled by AWS durg norml operti. In recovery phse, you py ly wht you use durti tht DR envirment is required t full scle. You cn furr reduce cost by purchsg Amz EC2 Reserved Instnces your lwys AWS servers. Preprti phse The followg figure shows how you cn use weighted routg policy Amz Route 53 DNS route porti your trffic AWS site. The pplicti AWS might ccess dt sources -site producti system. Dt is replicted or mirrored AWS frstructure. Figure 8: The Preprti Phse Multi-Site Scenrio. Pge 16 22 Amz Web Services Usg AWS Disster Recovery 2014 Ocr Key steps preprti: 1. Set up your AWS envirment duplicte your producti envirment. 2. Set up DNS weightg, or similr trffic routg technology, distribute comg requests both sites. Cfigure umted filover re-route trffic wy from ffected site. Recovery phse The followg figure shows chnge trffic routg event n -site disster. Trffic is cut over AWS frstructure by updtg DNS, ll trffic supportg dt queries re supported by AWS frstructure. http://portfold.com/prt/detiled/62/ 12/136

Figure 9: The Recovery Phse Multi-Site Scenrio Involvg On-Site AWS Infrstructure. Key steps recovery: 1. Eir mnully or by usg DNS filover, chnge DNS weightg so tht ll requests re sent AWS site. 2. Hve pplicti logic filover use locl AWS dtbse servers ll queries. 3. Csider usg Au Sclg umticlly right-size AWS fleet. You cn furr crese vilbility your multi-site soluti by designg Multi-AZ rchitectures. For more mti bout how design pplictis tht spn multiple vilbility zes, see Buildg Fult-Tolernt Applictis AWS whitepper. Pge 17 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 AWS Producti n AWS DR Soluti Usg Multiple AWS Regis Applictis deployed AWS hve multi-site cpbility by mens multiple Avilbility Zes. Avilbility Zes re distct loctis tht re engeered sulted from ech or. They provide expensive, low-ltency network cnectivity with sme regi. Some pplictis might hve n dditil requirement deploy ir compents usg multiple regis; this cn busess or regulry requirement. Any precedg scenrios this whitepper cn deployed usg seprte AWS regis. The dvntges both producti DR scenrios clude followg: You d t need negotite ctrcts with nor provider nor regi You cn use sme underlyg AWS technologies cross regis You cn use sme ols or APIs For more mti, see Migrtg AWS Resources New Regi whitepper. Replicti Dt When you replicte dt remote locti, you should csider se fcrs: Distnce tween sites Lrger distnces typiclly re subject more ltency or jitter. Avilble bwidth The bredth vribility tercnectis. Dt rte required by your pplicti The dt rte should lower thn vilble bwidth. Replicti technology The replicti technology should prllel (so tht it cn use network effectively). There re two m pproches replictg dt: synchrous synchrous. Synchrous replicti Dt is miclly updted multiple loctis. This puts dependency network permnce vilbility. In AWS, Avilbility Zes with regi re well cnected, but physiclly seprted. For exmple, when deployed Multi-AZ mode, Amz RDS uses synchrous replicti duplicte dt secd Avilbility Ze. This ensures tht dt is not lost if primry Avilbility Ze comes unvilble. Asynchrous replicti Dt is not miclly updted multiple loctis. It is trnsferred s network permnce vilbility llows, pplicti ctues write dt tht might not fully replicted yet. Mny dtbse systems support synchrous dt replicti. The dtbse replic cn locted remotely, replic does not hve completely synchrized with primry dtbse server. This is cceptble mny scenrios, exmple, s bckup source or reportg/red-ly use cses. In dditi dtbse systems, you cn lso extend it network systems dt volumes. We recommend tht you underst replicti technology used your stwre soluti. A detiled nlysis replicti technology is yd scope this pper. Pge 18 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 AWS regis re completely dependent ech or, but re re no differences wy you ccess m use m. This enbles you crete DR processes tht spn ctentl distnces, without chllenges or costs tht this would normlly cur. You cn bck up dt systems two or more AWS regis, llowg service resrti even fce extremely lrge-scle dissters. You cn use AWS regis serve your users round glo with reltively low complexity your opertil processes. Filg Bck from Disster Once you hve resred your primry site workg stte, you will need resre your norml service, which is ten referred s fil bck. Dependg your DR strtegy, this typiclly mens reversg flow dt replicti so tht ny dt updtes received while primry site ws down cn replicted bck, without loss dt. The followg steps outle different fil-bck pproches: Bckup resre 1. Freeze dt chnges DR site. 2. Tke bckup. 3. Resre bckup primry site. 4. Re-pot users primry site. 5. Unfreeze chnges. Pilot light, wrm stby, multi-site 1. Estblish reverse mirrorg/replicti from DR site bck primry site, ce primry site hs cught up with chnges. 2. Freeze dt chnges DR site. http://portfold.com/prt/detiled/62/ 13/136

3. Re-pot users primry site. 4. Unfreeze chnges. Pge 19 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Improvg Your DR Pln This secti descris importnt steps you should follow estblish strg DR pln. Testg After your DR soluti is plce, it needs tested. You cn test frequently, which is e key dvntges deployg AWS. Gme dy is when you exercise filover DR envirment, ensurg tht sufficient documentti is plce mke process s simple s possible should rel event tke plce. Spng up duplicte envirment testg your gme-dy scenrios is quick cost-effective AWS, you typiclly d t need uch your producti envirment. You cn use AWS CloudFormti deploy complete envirments AWS. This uses templte descri AWS resources ny ssocited dependencies or runtime prmeters tht re required crete full envirment. Differentitg your tests is key ensurg tht you re covered gst multitude different types dissters. The followg re exmples possible gme-dy scenrios: Power loss site or set servers Loss ISP cnectivity sgle site Virus impctg core busess services tht ffects multi-sites User error tht cuses loss dt, requirg pot--time recovery Mirg lertg You need hve regulr checks sufficient mirg plce lert you when your DR envirment hs en impcted by server filure, cnectivity issues, pplicti issues. Amz CloudWtch provides ccess metrics bout AWS resources, s well s cusm metrics tht cn pplicti centric or even busess-centric. You cn set up lrms bsed defed thresholds ny metrics, where required, you cn set up Amz SNS send lerts cse unexpected hvior. You cn use ny mirg solutis AWS, you cn lso ctue use ny existg mirg lertg ols tht your compny uses mir your stnce metrics, s well s guest OS stts pplicti helth. Bckups After you hve switched your DR envirment, you should ctue mke regulr bckups. Testg bckup resre regulrly is essentil s fll-bck soluti. AWS gives you flexibility perm frequent, expensive DR tests without needg DR frstructure lwys. User ccess You cn secure ccess resources your DR envirment by usg AWS Identity Access Mngement (IAM). With IAM, you cn crete role-bsed user-bsed security policies tht segregte user respsibilities restrict user ccess specified resources tsks your DR envirment. Pge 20 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 System ccess You cn lso crete roles your Amz EC2 resources, so tht ly users who re ssigned specified roles cn perm defed ctis your DR envirment, such s ccessg n Amz S3 bucket or re-potg n Elstic IP ddress. Aumti You cn umte deployment pplictis AWS-bsed servers your -premises servers by usg cfigurti mngement or orchestrti stwre. This llows you hle pplicti cfigurti chnge mngement cross both envirments with ese. There re severl populr orchestrti stwre optis vilble. For list soluti providers, see AWS Prtner Direcry.3 AWS CloudFormti works cjuncti with severl ols provisi frstructure services n umted wy. Higher levels bstrcti re lso vilble with AWS OpsWorks or AWS Elstic Benstlk. The overll gol is umte your stnces s much s possible. For more mti, see Architectg Cloud: Best Prctices whitepper. You cn use Au Sclg ensure tht your pool stnces is ppropritely sized meet dem bsed metrics tht you specify AWS CloudWtch. This mens tht DR situti, s your user bse strts use envirment more, soluti cn scle up dynmiclly meet this cresed dem. After event is over usge potentilly decreses, soluti cn scle bck down mimum level servers. Stwre Licensg DR Ensurg tht you re correctly licensed your AWS envirment is s importnt s licensg ny or envirment. AWS provides vriety models mke licensg esier you mnge. For exmple, Brg Your Own License is possible severl stwre compents or opertg systems. Alterntely, re is rnge stwre which cost license is cluded hourly chrge. This is known s License cluded. Brg your Own License enbles you leverge your existg stwre vestments durg disster. License cluded mimizes up-frt license costs DR site tht doesn t get used dy--dy bsis. If t ny stge you re doubt bout your licenses how y pply AWS, ctct your license reseller. Cclusi Mny optis vritis DR exist. This pper highlights some comm scenrios, rngg from simple bckup resre fult lernt, multi-site solutis. AWS gives you fe-gred ctrol mny buildg blocks build pproprite DR soluti, given your DR objectives (RTO RPO) budget. The AWS services re vilble -dem, you py ly wht you use. This is key dvntge DR, where significnt frstructure is needed quickly, but ly event disster. http://portfold.com/prt/detiled/62/ 14/136

This whitepper hs shown how AWS provides flexible, cost-effective frstructure solutis, enblg you hve more effective DR pln. 3 Soluti providers cn found t http://ws.mz.com/solutis/soluti-providers/ Pge 21 22 Amz Web Services Usg AWS Disster Recovery Ocr 2014 Furr Redg Amz S3 Gettg Strted Guide: http://docs.mzwebservices.com/amzs3/ltest/gsg/ Amz EC2 Gettg Strted Guide: http://docs.mzwebservices.com/awsec2/ltest/gettgstrtedguide/ AWS Prtner Direcry ( list AWS soluti providers): http://ws.mz.com/solutis/soluti-providers/ AWS Security Complce Center: http://ws.mz.com/security/ AWS Architecture Center: http://ws.mz.com/rchitecture Whitepper: Designg Fult-Tolernt Applictis AWS Cloud Or AWS technicl whiteppers: http://ws.mz.com/whiteppers Document Revisis We ve mde followg chnges this whitepper sce its origl publicti Jnury, 2012: Updted mti bout AWS regis Added mti bout new services: Amz Glcier, Amz Redshift, AWS OpsWorks, AWS Elstic Benstlk, Amz DynmoDB Added mti bout elstic network terfces (ENIs) Added mti bout vrious fetures AWS services DR scenrios usg multiple AWS regis Added mti bout AWS Srge Gtewy virtul tpe librries Pge 22 22 4 Approches Bckup DR Techniques usg Amz Cloud http://blog.blzecln.com/4-pproches-bckup-disster-recovery-expled-mz-cloud/ Decemr 09, 2014 For tter understg Amz Web Services red white ppers AWS fetures. Acknowledgements: Bckup Disster Recovery by Glen Robs, Inni Vmvdelis... Wht cn I expect lern from this blog? This blog fers n troducti 4 types Bckup DR solutis tht AWS hs fer. Enterprises use mixture se techniques. If you underst bsics cloud computg, wnt know how you cn protect your dt from disster, ensure busess ctuity; you hve come right plce. A disster cn defed s ny phenomen tht disrupts busess ctuity. It is not ly ny nturl clmity such s n erthquke or flood, it cn ny hrdwre or stwre filure, network or power outge, physicl dmge buildg like fire or humn error. Our dt is most precious sset tht we hve protectg it is our p priority. Cretg bckups our dt n f shore dt center, so tht event n premise filure we cn switch over our bckup, is prime focus busess ctuity. As AWS sys, â Disster recovery is ctul process nlysis improvement, s busess systems evolve.â For ech busess service, cusmers need estblish n cceptble recovery pot time, n build n pproprite DR soluti.â Bckup DR Cloud reduces costs by hlf s compred mtg your own redundnt dt centers. And if you thk bout it, itâ s relly not tht surprisg. Imge kd cost you would entil buyg mtg servers dt centers, providg secure stble cnectivity not menti keepg m secure. You would lso under utilizg severs; times unpredictble trffic rise it would strenuous set up new es. To ll se cloud provides semless trnsiti reducg cost drmticlly. 4 strd Approches Bckup Disster Recovery usg Amz Cloud:Â Â 1. Bckup Recovery: To recover your dt event ny disster, you must first hve your dt periodiclly bcked up from your system AWS. Bckg up dt cn de through vrious mechnisms your choice will bsed RPO (Recovery Pot Objective- So if your disster struck t 2 pm your RPO is 1 hr, your Bckup & DR will resre ll dt till 1 pm.) tht will suit your busess needs. AWS fers AWS Direct cnect Import Export services tht llow fster bckup. For exmple, if you hve frequently chngg dtbse like sy sck mrket, n you will need very high RPO. However if your dt is mostly sttic with low frequency chnges, you cn opt periodic crementl bckup. Once your bckup mechnisms re ctivted you cn pre-cfigure AMIs (opertg systems & pplicti stwre). Now when disster strikes, EC2Â (Elstic Compute Cpcity) Â stnces Cloud usg (Elstic Block Sre) coupled with AMIs cn ccess your dt from S3 (Simple Srge Service) buckets revive your system keep it gog. 2. Pilot Light Approch: The nme pilot light comes from gs heter nlogy. Just s heter you hve smll flme tht is lwys, cn quickly ignite entire furnce; similr pproch cn thought bout your dt system. In preprry phse your premise dtbse server mirrors dt dt volumes AWS. The dtbse server cloud is lwys ctivted frequent or ctuous crementl bckup. This core re is pilot from our gs heter nlogy. The pplicti cchg server replic envirments re creted cloud kept stby mode s very few chnges tke plce over time. These AMIs cn updted periodiclly. This is entire furnce from our exmple. If premise system fils, n pplicti cchg servers get ctivted; furr users re rerouted usg elstic IP ddresses d hoc envirment cloud. Your Recovery tkes just few mutes. 3. Wrm Stby Approch: This Technique is next level pilot light, reducg recovery time lmost zero. Your pplicti cchg servers re set up lwys ctivted bsed your busess criticl ctivities but ly mimum sized fleet EC2 stnces re dedicted. The bckup system is not cpble hlg producti lod, but cn used testg, qulity ssurnce or ternl uses. In event disster, when your premise dtâ centerâ fils, two thgs hppen. Firstly multiple EC2 stnces re dedicted (verticl horiztl sclg) brg your pplicti cchg envirment up producti lod. ELB Au Sclg ( distributg trffic) re used ese sclg up. Secdly usg Amz Route 53 user trffic is rerouted stntly usg elstic IP ddresses re is stnt recovery your system with lmost zero down time. 4. Multi-Site Approch:Â Well this is optimum technique bckup DR is next step fter wrm stby. All ctivities http://portfold.com/prt/detiled/62/ 15/136

preprry stge re similr wrm stby; except tht AWS bckup Cloud is lso used hle some portis user trffic usg Route 53. When disster strikes, rest trffic tht ws potg premise servers re rerouted AWS usg u sclg techniques multiple EC2 stnces re deployed hle full producti cpcity. You cn furr crese vilbility your multi-site soluti by designg Multi-AZ rchitectures. The digrm low shows exctly how Pilot Light Approch works, occurrence disster : For tter understg Amz Web Services red white ppers AWS fetures. To see more bout our Bckup DR soluti or solutis visitâ our website. Bckup Resre Systems Amz Web... http://wsmedi.s3.mzws.com/bckup recovery sp_systems ws lux_mxdb db2_v1.6.pdf Decemr 09, 2014 Amz Web Services Infrstructure... note1377148 66!FAQ:!MxDB!bckup/recovery! Answers!Frequently!Asked!Questis!!MxDB!bckup!!recovery! Bckup Resre Systems Amz Web Services Infrstructure MxDB DB2 LUW Dtbses Lux For Authors: Amz Web Services sp- - ws@mz.com Technologies Proter http://www.proter.biz Versi: 1.6 Mrch 2012 Tble Ctents Prerequisite Documents... 4 Amz Web Services... 4 http://portfold.com/prt/detiled/62/ 16/136

http://portfold.com/prt/detiled/62/ 17/136 MxDB.... 4 DB2 UDB... 4 Scope this Document... 5 Compents Bckup Resre AWS frstructure... 5 Amz Elstic Compute Cloud (EC2)... 5 Amz Simple Srge Service (Amz S3)... 5 Amz Elstic Block Srge ()... 6 Amz Virtul Privte Cloud (VPC)... 6 Srge lyout systems volumes... 6 Bckup Resre procedures usg AWS frstructure... 8 MxDB bckups usg AWS Infrstructure... 8 DB2 bckups usg

http://portfold.com/prt/detiled/62/ 18/136 AWS Infrstructure... 10 Resre...... 11 Comm bckup resre opertis Amz EC2 stnces volumes... 11 Bckup: cretg new volume with n empty system... 11 Bckup: cretg n snpshot Amz S3 n volume... 12 Bckup: dismountg system(s) detchg n Volume... 12 Bckup: cretg full fle Amz EC2 Amz Mche Imge (AMI)... 12 Detiled steps crete Amz Mche Imge (AMI)... 13 Exmples bckg up System compents usg AWS frstructure... 14

http://portfold.com/prt/detiled/62/ 19/136 Exmple 1: dtbse bckup n bckup system... 14 Exmple 1: full le dt log bckup MxDB... 15 Crete MxDB bckup templtes... 15 Bck up dtbse usg Dtbse Studio... 16 Bck up dtbse trnscti logs usg Dtbse Studio... 16 Bck up dtbse usg DBMCLI... 16 Bck up dtbse log usg DBMCLI... 16 Pge 2 31 Schedule hourly umtic log bckup usg Dtbse Studio... 16 Crete snpshot send bckup Amz

http://portfold.com/prt/detiled/62/ 20/136 S3... 17 Exmple 1b: full le bckup DB2 LUW... 17 Steps enble rollwrd recovery set up DB2 log mngement:... 17 Opti 1: bck up dtbse directly from system... 18 Opti 2: bck up dtbse usg CLI... 18 DB2 trnscti log mngement... 19 Crete snpshot send bckup Amz S3... 19 Exmple 2: OS bckup S3 usg TAR comm... 20 Exmples resrg systems usg AWS frstructure... 22 Exmple 1: resre OS