Best Practices for Backup and Recovery: Windows Workload on AWS

©2015,  Amazon  Web  Services,  Inc.  or  its  affiliates.  All  rights  reserved

Backup and Recovery for Windows workloads on AWS

Rich Uhl

Enterprise Solutions Architect

Terminology Archiving

Long term retention of data, generally for legal, compliance or regulatory requirements. Details often determined by business or industry.

Disaster Recovery Disaster Recovery (DR) enables the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster.

Backup and Restore Backup, or the process of backing up, refers to the copying and archiving of computer data to restore the original after a data loss event.

History of backup and recovery

•  Poor funding for backup systems •  Organizational dynamics

•  No clear ownership •  Focused on backup not recovery

•  Bad experiences determine changes •  Backup systems change slowly

•  Always try to work with existing platforms •  Equipment lifecycle

•  Data lifecycle is longer than equipment lifecycle

No one cares about backups. Everyone cares about recovery.

Operating System

Backup Agent

Data

Backup Master

Backup Database

Media Server Media

Hypervisor

Backup Agent

Guest Guest Guest

Network

Off Site

Configuration & Metadata

Data

Data

Data

Data Center backup software platform

Remote and branch office backups

Clients

Field Office Internet

Home Office Client

Hotel Client

Airport Client

Coffee Shop Client Data Center

Amazon WorkSpaces

Amazon WorkDocs

Backup and recovery challenges •  Data growth spiraling out of control •  Challenges with backup windows •  Technology, process and people don’t scale •  Prediction of storage needs •  Bandwidth / WAN constraints for remote and branch offices •  RPOs / RTOs can be difficult to achieve •  Backup and archive HW + SW is expensive •  Tape is unreliable, cumbersome, error prone, with low durability •  Off-site vaulting

Days or Weeks

Value of backups on AWS

Metered usage: Pay as you go

No capital investment No commitment

No risky capacity planning

Avoid Opex and risks of physical media

handling

Control your geographic locality for

performance and compliance

11 Regions

28 Availability Zones

Select the regions that meets you business needs

AWS global infrastructure

Backup and restore service mapping

EBS Snapshot

Virtual Tape Library

S3 Bucket

Volume Snapshot

Tape Library

Your Data Centers

Online Repository

S3 Bucket

Glacier archive

S3 region replicas

AWS Marketplace 3rd Party

Regional Archives

Offline Tape Media

Online Tape Media

Storage and archive options

Simple  Storage  Service  (S3)  Highly  scalable  object  storage  

Up  to  5  TB  in  size  99.999999999%  durability  

Elas4c  Block  Store  (EBS)  High-performance block storage

Up to 16 TB in size Mount as drives with snapshot

functionality

Amazon  Glacier  Long-­‐term  object  archive  

Extremely  low  cost  per  gigabyte  99.999999999%  durability  

Very fast ‘instance’ disks

Fast Web object storage

Slow, Rare access

Built-in redundancy designed for

99.999999999% durability

Store backups in Amazon S3

Internet-scale storage grow without

limits

Benefit from AWS’s massive security

investments

Low price per GB per month No commitment No up-front cost

Long term backup retention in Glacier

Stop managing physical media

Amazon Glacier has lower cost than

Amazon S3 with the same durability

Amazon Glacier is optimized for

infrequent retrieval

Data transfer mechanisms

AWS Direct Connect Dedicated connectivity

to AWS Edge Locations

AWS Import/Export Data transfer using portable disk drives

Transfer data in a secure SSL tunnel

over the public Internet

S3 and Glacier Backup Master

Backup Database

Media Server

Media

Amazon S3

WAN

Bou

ndar

y

Amazon Glacier

or

Client

Client

HTTPS

HTTPS

HTTPS

AWS Storage Gateway

Backup Master

Backup Database

Media Server

Media

Amazon S3

AWS Storage Gateway

cached

volume

virtual tape library

VTL

WAN

Bou

ndar

y

Caching disk

Amazon Glacier

iSCSI

Hybrid cloud backup

VPC – Datacenter #4

Single GUI for Management

Branch office backup to cloud

Considerations: •  Backup software •  Storage / caching gateway •  WAN or internet •  Deduplication •  Compression •  Encryption •  WAN acceleration

Core data center backup to cloud

Considerations: •  Backup software •  Storage / caching gateway •  DirectConnect or internet •  Telco burst models •  Deduplication •  Compression •  Encryption •  WAN acceleration

Cloud backup inside AWS Applications running on EC2 backing up to S3 / Glacier

Considerations: •  Backup software •  Encryption •  Deduplication •  Compression •  Native S3 and Glacier

integration •  AMI backup appliance

•  AMI = Golden Master •  EBS snapshot + scripting

Recovery Solutions

Common Recovery Architectures

Backup and

restore Pilot light

Warm standby

Multi-site

Backup and restore (into AWS)

On-site infrastructure

S3 Bucket

Over the Internet

AWS Import/Export & AWS Storage

Gateway

AWS region

Corporate data center

Using AWS Direct

Connect

Availability Zone

Amazon EC2

Amazon S3 bucket

Backup and

restore

Pilot light architecture

Pilot light

www.example.com

Data Mirroring/ Replication

Not Running

Database

Server

Data Volume

Corporate data center

Web

Application Server

Master Database Server

Pilot light architecture – Failover

Pilot light

Not Running

Database Server

Data Volume

Corporate data center

Web

Application Server

Master Database Server

www.example.com

Application Server

Web Server Server

Warm standby architecture

Warm standby

Data Mirroring/ Replication

Application Data

Source Cut Over

Elastic Load

Balancer

Active Production

Amazon Route 53

www.example.com

Corporate data center

Data Volume

Application Server

Slave Database Server

Web

AWS region

Web

Application Server

Master Database Server

Non Production Traffic

Warm standby architecture – Failover

Warm standby Elastic

Load Balancer

Active Production

Amazon Route 53

www.example.com

Corporate data center

Data Volume

Application Server

Slave Database Server

Web

AWS region

Web

Application Server

Master Database Server

Windows OS backup and recovery

•  System backup to a dedicated EBS volume •  Periodic snapshots of EBS volumes

•  Leverage AMI’s for everything you can •  OS snapshot -> EBS snapshot via PowerShell

•  VSSAdmin •  Code as recovery •  VM Import as a backup of an existing VM •  AWS CLI and developer tools •  AWS Management Portal for vCenter •  AWS Systems Manager for Microsoft System Center VMM

Microsoft Active Directory

•  AWS Directory Service •  AD Connector •  Simple AD

•  Native directory options •  Connect your Microsoft Active Directory to AWS cloud •  Extend you AD into AWS

•  Integrate with your existing RADIUS-based MFA infrastructure

•  AD in multiple AZ’s •  Refer to AWS AD whitepaper

Microsoft SQL Server

•  Amazon RDS for SQL Server •  Fully managed backups

•  EBS volume with SQL dumps •  Snapshot of EBS volumes

•  Import your data •  Import & Export wizard •  Bulk copy •  3rd party and marketplace offerings

Partner backup offerings •  Symantec NetBackup & Backup Exec •  Microsoft Data Protection Manager 2012 R2 •  Others

AVAILABLE IN

Summary

•  Use managed services •  Leverage partner ecosystem

•  Marketplace and consulting partners

•  Code as a recovery mechanism •  Backup only what is necessary

©2015,  Amazon  Web  Services,  Inc.  or  its  affiliates.  All  rights  reserved

Questions