Linx SAFE - Disaster Recovery in AWS

Evgeny Makaryin, Head of Product and Solution Development Group Linxdatacenter

Sooner or later, any equipment fails. Believing that IT equipment will work for years and that the server room in the office will never fall down is dangerous.

To prevent such incidents from coming as a surprise, it is important to build their probability into the disaster recovery (DR) plan. Evgeny Makaryin, head of Linxdatacenter project and solution development group, explains what role global cloud providers play in today's DR plans.

The axiom of business continuity today: only with the availability and regular testing of DR-plan, the company can count on the predictable timing of resumption of normal operation in case of failure of infrastructure and IT systems.

Creating and implementing a corporate DR plan requires a lot of resources, both during the development and launch phase and when maintaining systems and processes in a state of constant readiness.

If the recovery process is not automated to a high enough level, engineers will have to do too many manipulations manually during a disaster. And human errors in conditions of severe stress can lead to long delays, incorrect operation of IT systems and applications deployed in them. We should not forget about such situations as various kinds of business inspections by the authorities, execution of court decisions, and so on.

"Exorbitant" level of protection

In recent years, it has become increasingly common to implement a DR plan by leveraging the resources of public clouds, including global providers.

The triumvirate of "big clouds" - Amazon Web Services, Google Cloud Platform and Microsoft Azure - provides customers with maximum automation of processes at all stages from installation of the DR solution to further management, monitoring and incident response.

In principle, it is becoming increasingly profitable for companies to host in public clouds even for routine tasks, and in the event of a major disaster, public clouds have no competitors today for the fastest possible recovery.

Why can't we just do disaster recovery in Russia?

First of all, global cloud providers have essentially endless computing power and disk space, allowing them to host IT infrastructure for customers of virtually any size.

There is no need to pay for the provider to hold resources for guaranteed recovery specifically for the company. With the global cloud as a DR site, businesses can be assured that everything will work without having to overpay for resources the company does not use.

In Russia, providers of a similar scale are just beginning to emerge, and they do not yet have a comparable combination of capacity, experience, abundance of services available to customers, and quality of service.

Why would you want this

Suppose your IT infrastructure is in a data center that suddenly caught fire. The picture is real and very scary. In fact, everyone remembers the case of OVH in France - even companies that stored backups in remote data centers had to spend hours and days recovering from backups and bringing up the infrastructure.

This happens because of manual manipulation and lack of regular tests. That is, the team has an idea of what needs to be done, but if the system is not tested regularly and drills are not conducted, recovery often does not go according to plan.

Another scenario: your clients consume services from abroad, while your infrastructure is located in the cloud of a local provider in Russia. Because of possible political conflicts, access from abroad to sites in Russia and vice versa is blocked, and for an indefinite period of time.

If backups are also stored abroad, manual recovery will take hours or even days. If there are no backups there, and all data is stored only in Russia, then you need to urgently contract with a foreign hosting, somehow transfer the data there, raise the infrastructure manually, and only then fully recover from backups. Downtime in this scenario will be measured in weeks.

DR in the global cloud allows you to have a fully working infrastructure in an average of 20 minutes after initiating a disaster recovery plan.

Preparing

Many present the process of migrating to the global cloud as incredibly complex and costly. However, providers offer tools for painless migration for DR projects.

As a rule, such solutions consist of several main blocks - a console to manage the entire process and agents (special software) installed on the customer's original Windows or Linux servers. You need an account in a public cloud, where the so-called staging area with a replication server is automatically deployed. The data replicas are also stored there.

Nearby, a target zone is prepared where the client's virtual machines will start in the event of a test or "combat" launch of the DR-plan.

This solution allows maximum automation of the migration process for dozens or even hundreds of servers.

Ready, set, DR!

After server data is initially transferred to the global cloud, continuous block-by-block replication is enabled. This enables an RPO (target recovery point to which a "downed" IT system is recovered) of a few seconds.

In addition to data replication, it is important not to forget that during a disaster a lot of time is spent on setting up networks and security in the target area, so this work must be done in advance.

In global clouds, you create a security - group, virtual networks, preferably with internal addressing similar to the original infrastructure. And then in the console, you can configure granularly for each individual server the parameters with which this server will start when you activate the DR-plan.

For example, you can set the type of machine, i.e. how many cores and memory will be assigned, billing method, subnet, IP address, security groups and so on. For many settings, it is possible to automatically select parameters similar to the source server.

In addition, servers can be grouped together and the order in which these groups start can be configured as part of a disaster recovery plan. All of these operations in global clouds are automated and require minimal manual manipulation in the event of an incident or during testing.

Access issues

To access the DR capabilities of big clouds from Russia, you need to look for certified partners of global providers.

What are the advantages?

First, such a partner will audit the infrastructure. He will assess which components of the client's IT system require protection - hardware, virtualization, operating systems, applications. He will find out how much resources are allocated to them and how much is used. He will also assess how connectivity is organized and bandwidth utilization, which is also very important.

Second, the partner develops a disaster recovery plan, which will describe in detail what threats the company is protected from and how. Describes who is responsible for what, with whom and how to contact during testing or combat disaster recovery. Prescribes the procedure for updating the DR-plan.

Third, creates the infrastructure for the client in the global cloud. It prepares the right accounts, networks, access lists, security groups, routes, gateways, load balancers, and so on.

The partner also generates agents to be installed on the source servers and sends download links and instructions on how to install them. After the client installs the agents and opens the required ports, the servers are displayed in the control panel and replication begins. Next, a template is configured in the console, so that when restoring to the global cloud, virtual machines start with the right settings and in a certain order.

A DR plan cannot be considered valid until it has been tested. The partner will conduct tests, both in the form of a pilot and regular performance tests.

Next, the partner will take on the management of DR - infrastructure and keeping the DR-plan up to date. This is a very important and quite time-consuming part of the strategy to keep the business up and running.