Practical Review: Disaster Recovery (DR) in the AWS Cloud (Part 1)

“Everything fails, all the time” Werner Vogels, CTO at Amazon.

The Cloud Will Fail

Hurricanes, BIOS updates, earthquakes, DNS failures, SSL certificates, storms … these were responsible for last year's outages in cloud services and traditional data center infrastructure. What do they have in common?

Bad luck? Bad practice? Consequences? Maybe. What they teach us is that we need a “Plan B”. If the core of our business is on the Internet, we need a disaster-proof infrastructure that enables us to stay on track (or recover) within a feasible time defined in our Business Continuity Plan. In this post I will focus on disaster recovery and its various facets. Before getting into the technical side, let me review some basics.

Amazon Cloud Inches Closer to the Enterprise with VPC

Amazon’s AWS VPC (Virtual Private Cloud) is like a canvas. It lets you define private networks, the way they interact with each other, routing, and security. Now, it even lets you terminate VPN connections from your main corporate network out-of-the-box and, best of all, it doesn’t cost you anything to use it.

Disaster Recovery on AWS Cloud by Emind Systems

In case of a disaster we would like to make sure that our applications are still up and running, while taking advantage of our failover hosting/cloud provider. The Disaster Recovery (DR) architecture is driven by the criticality of applications and data. The decision regarding what to back up and deploy eventually translates into ongoing costs that can be extremely significant. Every IT organization has its own high-level policy guidelines. These guidelines are eventually translated into the policy deployed for each of the different applications the enterprise runs. The CIO and their team need to make sure they define both the high-level policies and the actual budget that can be spent on DR.

In Depth: AWS IAM and VPC

One of the most important features that Amazon Web Services released in 2011 was the VPC. Together with IAM (Identity Access Management), it helps the enterprise deploy a more secure and robust environment inside the AWS public cloud. Before the VPC, all AWS computing nodes were exposed to the internet, with no option to protect specific instances that hold critical services and data. Security groups were a good tool for supporting security separation of instances, though they were never enough and involved a great amount of custom work. With VPC, the public cloud consumer can create a private, secured portion that easily communicates with the public resources. These slides present best practices for managing IAM and an example of a VPC deployment with secure integration with on-premise resources.

Hitchhiker's Guide to The Cloud

Newvem's eBook for Cloud Operations