Backup on the Cloud Mike Izumi Cloud Architect 2nd Watch
Jan 15, 2015
Confidential. Property of 2nd Watch, Inc. 2
Agenda
• Backups – Traditional vs. Cloud
• AWS Backup, Archival & DR Tools
• DR – Traditional vs. AWS Solutions
• HA Using AWS Solutions
• Q&A
What’s wrong with Traditional Backups?
• Long/slow recovery time
• Low durability (higher probability for data loss)
What’s wrong with Traditional Backups? (Cont.)
• Requires Tape Museums
• Expensive Tech Refresh
• Disaster Recovery
  – Complex and highly cost-prohibitive
What makes AWS better than Traditional Solutions?
• Eleven 9s (that’s 99.999999999%) of durability (S3/Glacier)
• Seamless integration with existing AWS infrastructure
• Lifecycle Management built in via “Lifecycle Policies”
What makes AWS better than Traditional Solutions? (Cont.)
• Numerous options for transferring data in/out and syncing
• The typical reasons for using AWS apply (e.g. Reduce CapEx, Reduce TCO, industry compliances)
• Affordable and manageable DR with “Pilot Light”
AWS Backup, Archival, and DR tools
• S3 (backup/recovery)
• Glacier (archival)
• EBS snapshots
• AWS Import/Export (used for seeding large data sets)
AWS Backup, Archival, and DR tools (Cont.)
• Storage Gateway
• Pilot Light (Disaster Recovery)
• Warm Standby (taking Pilot Light a step further to achieve fault tolerance between on-premises and AWS DR resources)
Amazon S3 – Simple Storage Service
• Durable and low cost (1GB < $0.10 per month)
• Unlimited number of objects and volume
• Backup from any system directly to S3 buckets via HTTP/HTTPS
  – Create scripts using PowerShell, Perl, Python…
  – Numerous solutions for data copy and sync
Amazon S3 – Simple Storage Service (cont.)
• Easily create lifecycle rules
  – Delete or archive to Glacier
  – Single rule for the bucket or multiple based on object prefix
• Security
  – Control access through policies and ACLs
  – Auditable access
  – Encryption in flight and at rest (SSL & SSE)
  – Versioning in case of accidental deletion
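An added example (not from the original deck): a Python check of the S3 lifecycle and security points above against a backup bucket's configuration. The dictionaries mirror the response shapes of boto3's get_bucket_versioning, get_bucket_encryption and get_bucket_lifecycle_configuration plus the policy document string from get_bucket_policy; the function name, bucket name and sample values are constructed, and the caller is assumed to pass {} or None where a configuration is absent.

```python
import json

def audit_backup_bucket(versioning, encryption, policy_json, lifecycle):
    """Return findings for a backup bucket; an empty list means all checks pass."""
    findings = []
    # Versioning guards backups against accidental deletion or overwrite.
    if versioning.get("Status") != "Enabled":
        findings.append("versioning not enabled")
    # Encryption at rest: a default SSE rule must exist.
    rules = encryption.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    algos = {r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm") for r in rules}
    if not algos & {"AES256", "aws:kms"}:
        findings.append("no default server-side encryption")
    # Encryption in flight: some Deny statement must match non-TLS requests.
    # Simplified: Principal, Action and Resource scope are not inspected.
    statements = json.loads(policy_json or "{}").get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    if not any(s.get("Effect") == "Deny" and str(s.get("Condition", {}).get("Bool", {})
               .get("aws:SecureTransport")).lower() == "false" for s in statements):
        findings.append("plain HTTP not denied by bucket policy")
    # Lifecycle: at least one enabled rule must archive to Glacier.
    if not any(r.get("Status") == "Enabled" and any(
            t.get("StorageClass") == "GLACIER" for t in r.get("Transitions", []))
            for r in lifecycle.get("Rules", [])):
        findings.append("no enabled lifecycle rule archiving to Glacier")
    return findings

# Constructed sample configurations, shaped like boto3 responses (no real account).
HARDENED = dict(
    versioning={"Status": "Enabled"},
    encryption={"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}},
    policy_json=json.dumps({"Version": "2012-10-17", "Statement": [{
        "Effect": "Deny", "Principal": "*", "Action": "s3:*",
        "Resource": ["arn:aws:s3:::example-backups", "arn:aws:s3:::example-backups/*"],
        "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}),
    lifecycle={"Rules": [{"ID": "archive-db-dumps", "Status": "Enabled",
                          "Filter": {"Prefix": "db/"}, "Expiration": {"Days": 365},
                          "Transitions": [{"Days": 30, "StorageClass": "GLACIER"}]}]})
# Weak bucket: no versioning, no SSE, no policy, and a rule that only deletes.
WEAK = dict(versioning={}, encryption={}, policy_json=None,
            lifecycle={"Rules": [{"ID": "expire-only", "Status": "Enabled",
                                  "Filter": {"Prefix": ""}, "Expiration": {"Days": 30}}]})

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, audit_backup_bucket(**cfg) or "OK")
```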
Amazon Glacier – Infinite Archival Storage
• Secure and Cost effective Offsite data archiving
• Tape Replacement for backup and recovery
• Long term digital preservation for historical and digital information
EBS Snapshots
• “SAN like snapshots” of EBS storage allow recovery to a point in time – replicated across the entire region (3+ AZ/datacenters)
• Auto-scaling and scripting allow backup server to be fully cost optimized
• Example: 2W Backup Server < $1 per month
AWS Import/Export
• Quickly migrate large amounts of data in/out of AWS
  – Seeding initial datasets
  – Copying offsite backups into S3, EBS, Glacier
  – Retrieval of offsite backups and datasets
Storage Gateway
• Cloud-backed storage running as an on-premises software appliance
• Utilizes durable Amazon S3 for primary storage and EBS Snapshots
Storage Gateway – Cached or Stored
Gateway-Cached
• Frequently accessed data is cached on-premises
• Cost savings on storage
• Mount volumes up to 32TB
• With up to 150 TBs total storage
Gateway-Stored
• Low-latency access to all your data
• Asynchronous backup to S3 as EBS Snapshots
• Mount volumes up to 1TB
• Up to 12TBs of total storage
Disaster Recovery
• Average fully managed costs of DR > $1 per GB of protected data
• Recovering from backups can take days
• Backup tapes add risk and time to recovery
  – Do you have all the tapes you need?
  – Are the resources available to do the restorations?
Disaster Recovery (cont.)
• Did you know?
  – Businesses spend over 80% of their IT budget on keeping the lights on
• If you have an outage will it be a disaster?
Disaster Recovery on AWS
Classes of RTOs
• Critical – Real-time availability or near real-time (minutes) – Tier 0 infrastructure, critical apps
• Major – Applications to run the business (hours) – Tier 1 infrastructure and apps
• Minor – Applications that can withstand a longer downtime (hours - days)
AWS Solution
• High Availability or Warm Standby
• Pilot Light DR in AWS
• Backup and Recovery in AWS
A word on High Availability on AWS
• Plan for failure at any level
• Services within a Datacenter (AZs) can fail
• Regions are N+2 (minimum)
• Reserve capacity (the other side of Reserved Instances)
• Use AWS Services that scale across AZs
  – VPC, S3, ELB, RDS, ...
• Chaos Monkey – Now Available!
HA Example
• HA at each tier
• Can lose entire datacenter and maintain production load
• Auto-scaling at web and API tier to support dynamic site load
• High Data security requirements – HA at IDS, Log Mgmt. and auditing tiers
Pilot Light
Advantages of a Pilot Light DR Scenario
• Warm standby for the price of cold storage
  – Or Less!
• Super fast recovery time
  – Entire recovery process could be 1-3 hours
• Data replication can keep critical systems in sync
• Tip: include full domain controller to ensure all accounts are replicated and can be used at time of event for definitive source.
Q & A
Thank you for your time
Keep in Touch
Mike Izumi | [email protected] | www.2ndwatch.com
[email protected] | 1-888-317-7920