07 - Module 7

Module: Business Continuity
Upon completion of this module, you should be able to:

• Describe business continuity and cloud service availability
• Describe fault tolerance mechanisms for cloud infrastructure
• Discuss data protection solutions
• Describe the key design strategies for cloud application
resiliency
© Copyright 2014 EMC Corporation. All rights reserved. Module: Business Continuity 1
Cloud Computing Reference Model
Business Continuity Cross-layer Function
Lesson: Business Continuity Overview
This lesson covers the following topics:
• Business continuity
• Cloud service availability
• Causes of service unavailability
• Impact of cloud service unavailability
• Key methods to achieve the required cloud service
availability
What is Business Continuity?
Business Continuity
BC entails preparing for, responding to, and recovering from service outage that
adversely affects business operations.
• BC enables continuous availability of cloud services in the event

of failure
– Helps to meet the required service level
• BC involves various proactive and reactive measures
• Disaster recovery is a part of BC, which coordinates the process
of restoring infrastructure, including data
– Required to support ongoing cloud services, after a disaster occurs
Cloud Service Availability
Cloud Service Availability
Refers to the ability of a cloud service to perform its agreed function according to
business requirements and customer expectations during its specified time of
operation.
• Service availability is based on the agreed service time and the
downtime
Service availability (%) = Agreed service time – Downtime
Agreed service time
(Agreed service time is the period where the service is supposed to be available)
Causes of Cloud Service Unavailability
• Application failure
– For example, due to catastrophic exceptions caused
by bad logic
• Data loss
• Infrastructure component failure
• Failure of dependent services
• Data center or site down
• Refreshing IT infrastructure
Impact of Cloud Service Unavailability
• Cost of • Unavailability of • Loss of revenue

unavailability of service also - Direct loss,
services is affects reputation compensatory
greater than ever - Customers, payments, future
- Outages could financial markets, revenue loss, and
cost millions of banks, and investment loss
dollars per hour business partners
Methods to Achieve Required Cloud Service
Availability
• Building resilient cloud infrastructure facilitates meeting the
required service availability
• Building resilient cloud infrastructure requires various high
availability solutions
– Implementing fault tolerance mechanisms
• Deploying redundancy at both cloud infrastructure component level and
site level to avoid single point of failure
– Deploying data protection solutions such as backup and replication
– Implementing automated cloud service failover
– Architecting resilient cloud applications
Lesson Summary
During this lesson the following topics were covered:
• Causes of service unavailability
• Impact of cloud service unavailability
• Methods to achieve the required cloud service availability
Lesson: Building Fault Tolerance Cloud
Infrastructure – 1
• Avoiding single points of failure
• Key fault tolerance mechanisms
Single Points of Failure
Single Points of Failure
Refers to any individual component or aspect of an infrastructure whose failure can

make the entire system or service unavailable.
• Single points of failure may occur at

– Component level (compute, storage, and network)
– Site or data center level
Avoiding Single Points of Failure
• Single points of failure can be avoided by implementing fault
tolerance mechanisms such as redundancy
– Implement redundancy at component level
• Compute
• Storage
• Network
• Implement multiple service availability zones

– Avoids single points of failure at data center (site) level
– Enable service failover globally
• It is important to have high availability mechanisms that enable
automated service failover
Implementing Redundancy at Component
Level Key techniques to protect compute
Clustering
VM live migration
Key techniques to protect network connectivity
Link and switch aggregation
NIC teaming
Multipathing
In-service software upgrade
Configuring redundant hot swappable components
Key techniques to protect storage
RAID and erasure coding
Dynamic disk sparing
Configuring redundant storage system components
Compute Clustering
Compute Clustering
A technique where at least two compute systems (or nodes) work together and are
viewed as a single compute system to provide high availability and load balancing.
• Enables service failover in the event of compute system failure

to another system to minimize or avoid any service outage
• Two common clustering implementations are:
– Active/active
– Active/passive
• Hypervisor cluster is a common clustering implementation in
cloud environment
Hypervisor Cluster
• Multiple hypervisors running on different systems are clustered
• Provides continuous availability of services running on VMs
even if a physical compute system or a hypervisor fails
– Typically a live instance (i.e., a secondary VM) of a primary VM is
created on another compute system
Virtual Machine Live Migration
• Running services on VMs are moved from one physical compute
system to another without any downtime
– Allows scheduled maintenance without any downtime
– Facilitates VM load balancing
Link and Switch Aggregation
• Link aggregation
– Combines links between two switches and
also between a switch and a node
– Enables network traffic failover in the event
of a link failure in the aggregation
– Enables distribution of network traffic across
links in the aggregation
• Switch aggregation
– Provides fault tolerance against switch and
link failures
– Improves node performance by providing
more active paths and bandwidth
NIC Teaming
NIC Teaming
A link aggregation technique that groups NICs so that they appear as a single, logical
NIC to the OS or hypervisor.
• Provides network traffic failover

in the event of a NIC/link failure
• Distributes network traffic
across NICs
• NICs within a team can be
configured as active and
standby
Multipathing
• Enables a compute system to use multiple
paths for transferring data to a LUN
• Enables failover by redirecting I/O from a
failed path to another active path
• Performs load balancing by distributing I/O
across active paths
– Standby paths become active if one or more
active paths fail
In-Service Software Upgrade (ISSU)
• Allows updating software on network devices (switches and
routers) without impacting the network availability
– Eliminates the need to stop the ongoing process on a device
– Ensures network availability as a result of a network device
maintenance or upgrade processes
• Typically requires a network device with redundant control
plane elements (supervisor or routing engines)
– This setup allows the administrator to update the software image
on one engine while the other maintains network availability
RAID and Dynamic Disk Sparing
• RAID
– Combines multiple drives into a logical A1 A2 AP AQ
unit called a RAID set B1 BP BQ B2
– Provides data protection against drive CP CQ C1 C2
failure
RAID 6 -Dual Distributed Parity
• Dynamic disk sparing
– Automatically replaces a failed drive
with a spare drive to protect against
data loss
– Multiple spare drives can be configured
to improve availability
Erasure Coding
• Provides space-optimal data redundancy to protect data loss
against multiple drive failure
– A set of n disks is divided into m disks to hold data and k disks to
hold coding information
– Coding information is calculated from data
Storage Resiliency Using Mirrored LUN
• Mirrored LUN is created using
virtualization appliance
– Each I/O to the LUN is mirrored to the
LUNs on the storage systems
– Mirrored LUN is continuously available
to the compute system
• Even if one of the storage systems is
unavailable due to failure
Lesson Summary
• Single points of failure
• Clustering and VM live migration
• Aggregation and multipathing
• In-service software upgrade
• RAID, erasure coding, and dynamic drive sparing
• Storage resiliency using mirrored LUN
Lesson: Building Fault Tolerance Cloud
Infrastructure – 2
• Service availability zone
• Automated service failover across zones
• Active/passive and active/active zone configurations
• Live migrations across zones using stretched cluster
Service Availability Zones
• A service availability zone is a location with its own set of
resources and isolated from other zones
– A zone can be a part of a data center or may even be comprised
of the whole data center
• Enables running multiple service instances within and across zones to
survive data center or site failure
• In the event of outage, the service should seamlessly failover across
the zones
• Zones within a particular region are typically connected through

low-latency network
– Enables faster cloud service failover
Automated Service Failover Across Zones
• Automated service failover
– Ensures robust and consistent failover
– Enables to meet stringent service levels
• Reduces RTO
• Automated failover process primarily depends on:

– Replication across zones
– Live migration with stretched cluster (zones in different remote
locations)
– Reliable network infrastructure between zones
• Zones can be configured as active/passive and active/active
configuration
Active/Passive Zone Configuration
Active/Active Zone Configuration
VM Migration Across Zones Using Stretched
Cluster
Lesson Summary
• Service availability zones
• Active/passive and active/active zone configurations
• VM migration across zones using stretched cluster
Lesson: Data Protection Solution – Backup
• Backup and recovery
• Backup requirements in a cloud environment
• Guest-level and image-level backup method
• Backup as a Service
• Backup service deployment options
• Deduplication for backup environment
Data Protection Overview
• Protecting critical data ensures availability of services
– Seamless service failover requires the availability of data
• Businesses also implement data protection solutions in order to
comply with regulatory requirements
• Individual services and associated data sets have different
business values, require different data protection strategies
• Two common data protection solutions:
– Backup
– Replication
Introduction to Backup and Recovery
Backup
An additional copy of production data, created and retained for the sole purpose of
recovering lost or corrupted data.
• RPO and RTO are the primary considerations in selecting and

implementing a specific backup strategy
– RPO specifies the time interval between two backups
– RTO relates to the time taken to recover data from backup
• RTO influences the type of backup target that should be used
• To implement a successful backup and recovery solution

– Service providers need to evaluate the backup methods along with
their recovery considerations and retention requirements
Backup Requirements in a Cloud Environment
• Backup requires integration between backup application and
management server of virtualized environment
• Backup requirements may differ from one service to another
based on RTO and RPO
– Requires well-defined backup strategies to meet the requirements
• Recovery requires file level and/or full VM recovery
• Huge volume of redundant data in the backup environment
– Large number of VMs having identical data and configurations
• Backup and recovery operations need to be automated
Key Backup Components
• Backup client
– Gathers the data that is to be backed up
– Sends the data to the storage node
• Backup server
– Manages backup operations
– Maintains backup catalog
• Storage node
– Responsible for writing data to backup device
• Backup device (backup target)
– Tape library, disk library, and virtual tape library
Backup Targets
Backup Targets Description
Tape Library • Tapes are portable and can be used for long term offsite storage
• Must be stored in locations with a controlled environment
• Not optimized to recognize duplicate content
• Data integrity and recoverability are major issues with tape-based backup media
Disk Library • Enhanced backup and recovery performance
• Disks also offer faster recovery when compared to tapes
• No inherent off-site capability, and is dependent on additional technologies such as
replication to comply with off-site requirements
• Disk-based backup appliance includes features such as deduplication, compression,
encryption, and replication to support business objectives
Virtual Tape Library • Disks are emulated and presented as tapes to backup software
• Does not require any additional modules or changes in the legacy backup software
• Provides better performance and reliability over physical tape
• Does not require the usual maintenance tasks associated with a physical tape drive,
such as periodic cleaning and drive calibration
Backup Methods
• Two key backup methods:
– Guest-level
– Image-level
Guest-level Backup
• Backup agent is installed on each VM
– Performs file-level backup and recovery
– Does not backup VM configuration files
• Performing backup on multiple VMs on a compute system may
consume more resources and lead to resource contention
– Impacts performance of applications running on VMs
A A
A = Backup Agent
Application Servers Backup Server/ Backup Device

Storage Node Module: Business Continuity
© Copyright 2014 EMC Corporation. All rights reserved. 41
Image-level Backup
• Creates a copy of the entire virtual disk and configuration data
associated with a particular VM
– Backup is saved as a single entity called a VM image
• Provides VM image-level and file-level recovery
– No backup agent is required inside the VM to backup
– Backup processing is offloaded from VMs to a proxy server
A Proxy
Server
Create Mount the

Snapshot Snapshot Backup
VM Snapshot
Application FS Volume Backup Device

Servers
Backup as a Service
• Enables consumers to procure backup services on demand
– Provides offsite backup for consumer desktops, laptops, and
application servers
– Backs up data to the cloud storage
• Reduces the backup management overhead
– Transformation from CAPEX to OPEX
– Pay-per-use/subscription-based pricing
• Gives consumers the flexibility to select a backup technology
based on their current requirements
Backup Service Deployment Options
Local - Suitable when a cloud service provider already hosts consumer applications and data
Backup Service
- Backup service is offered by the provider to protect consumer’s data
- Backup is managed by the service provider
Replicated - Service provider only manages data replication and IT infrastructure at disaster
Backup recovery site
Service
- Local backups are managed by consumers
Remote - Service provider receives data from consumers

Backup Service
- Backup is managed by the service provider
Drivers for Optimizing Backup
Introduction to Data Deduplication
Data Deduplication
The process of detecting and identifying the unique data segments within a given set
of data to eliminate redundancy.
• Deduplication process
– Chunk the data set
Deduplication
– Identify duplicate chunk
– Eliminate the redundant chunk
After Deduplication
Unique segments = 3
Before Deduplication
Total segments = 39
Deduplication Granularity Level
• File-level deduplication
– Detects and removes redundant copies of identical files
– Only one copy of the file is stored; the subsequent copies are
replaced with a pointer to the original file
• Does not address the problem of duplicate content inside the files
• Sub-file level deduplication

– Breaks files down to smaller segments
• Detects redundant data within and across files
– Two methods:
• Fixed-length block
• Variable-length block
Deduplication Method
• Source-based deduplication
– Eliminates redundant data at the source (backup client)
– Client sends only new, unique segments across the network
– Reduces storage and network bandwidth requirements
– Increases overhead on the backup client
• Target-based deduplication
– Offloads deduplication process from the backup client
– Data is deduplicated at the target either inline or post-process
Lesson Summary
• Backup requirements in a cloud environment
• Guest-level and image-level backup methods
• Backup as a Service
• Backup service deployment options
• Source-based and target-based deduplication
Lesson: Data Protection Solution-Replication
• Replication and its types
• Snapshot and mirroring
• Synchronous and asynchronous remote replication
• Continuous Data Protection (CDP)
• Disaster Recovery as a Service (DRaaS)
Introduction to Replication
Replication
Process of creating an exact copy (replica) of the data for ensuring availability of
services.
• Replica copies are used to restore and restart services if data

loss occurs
– Based on the SLA for the service being offered to the consumers,
data can be replicated to one or more locations
• Replication can be classified
– Local replication
– Remote replication
• Synchronous and asynchronous
Local Replication: Snapshot
• A virtual copy of a set of files, or volume as they appeared in a
particular PIT
– Provides the ability to restore the files or volumes if there is a data
loss or corruption
• Virtual machine snapshot is a common snapshot technique,
that preserves the state and data of a VM at a specific PIT
– When a snapshot is created, a child virtual disk (delta disk file) is
created from the base image or parent virtual disk
– Successive snapshots generate a new child virtual disk from the
previous child virtual disk
– Snapshots hold only changed blocks
Local Replication: Mirroring
Remote Replication: Synchronous
• Write is committed to both the source and the remote replica before it
is acknowledged to the compute system
• Ensures that the source and the replica have identical data at all times
– Provides near zero RPO
Compute 1. Compute system writes data to source.

System
2. Data from source is replicated to replica
(target).
3. Target acknowledges back to source.
1 4 4. Source acknowledges write complete to the
compute system.
2
Storage Storage
(Source) (Replica)
3
Primary Zone Secondary Zone
(Source site) (Remote Site)
Remote Replication: Asynchronous
• A write is committed to the source and immediately
acknowledged to the compute system
– Data is buffered at the source and transmitted to the remote site
later
– Replica will be behind the source by a finite amount (finite RPO)
Compute 1. Compute system writes data to source.

System 2. Write is immediately acknowledged to
compute system.
3. Data is transmitted to the replica (target).
1 2 4. Target acknowledges back to source.
3
Storage Storage
(Source) (Replica)
4
Primary Zone (Source Site) Secondary Zone (Remote Site)
Advanced Replication Solution: CDP
• Provides the ability to restore data to any previous PIT
– Enables to meet the required recovery level for an application
• Data changes are continuously captured and stored in a
separate location from the production data
• Supports both local and remote replication
– To meet operational and disaster recovery respectively
Key CDP Components
• Journal volume
– Contains all the data that has changed from the time the
replication session started to the production volume
• Journal size determines how far back in time the recovery points can go
• CDP appliance
– Intelligent hardware platform that runs the CDP software
• Manages both the local and the remote replications
• Write splitter
– Intercept writes to the production volume from the compute
system and splits each write into two copies
• Can be implemented at the compute, fabric, or storage system
CDP Operations: Local and Remote Replication
Replication Use Case: DRaaS
• Service provider offers resources to enable consumers to run
their IT services in the event of a disaster
– Resources at the service provider location can be dedicated to the
consumer or they can be shared
• Replication is a key technique used by the service provider in
order to offer DRaaS to the consumers
• Service provider should design, implement, and document a
DRaaS solution specific to the customer’s infrastructure
DRaaS – Normal Production Operation
• IT services run at the consumer’s production data center
• Replication occurs from the consumer production environment
to the service provider’s data center over the network
– Data is usually encrypted while replicating to the provider’s
location VM instances are
not allocated
Network
Storage
Compute Systems Storage Replication

Cloud Service Provider
Consumer Production Data Center
DRaaS – Business Disruption
• Business operations failover to the provider’s infrastructure in
the event of a disaster at consumer’s data center
– Users at the consumer organization are redirected to the cloud
• Typically VM instances are created from a pool of compute
– Connect replicated storage to each of the newly activated VMs
VM instances are
invoked to run
the service
Disaster
Network
Compute Systems Storage

Cloud Service Provider
Consumer Production Data Center
Lesson Summary
• Synchronous and asynchronous remote replication
• Continuous Data Protection
• Disaster Recovery as a Service
Lesson: Application Resiliency for Cloud
• Resilient cloud application
• Key design strategies for application resiliency
• Monitoring applications for availability
Resilient Cloud Applications Overview
• Cloud applications have to be designed to deal with IT
resources failure to guarantee the required availability
• Fault resilient applications have logic to detect and handle
transient fault conditions to avoid application downtime
• Key application design strategies for improving availability
– Graceful degradation of application functionality
– Retry logic in application code
– Persistent application state model
– Event-driven processing
Graceful Degradation
• Application maintains the limited functionality even when some
of the modules or supporting services are not available
– Unavailability of certain application components or modules should
not bring down the entire application
• For example, an e-commerce site can continue to collect orders
even if its payment gateway is unavailable
– Provides the ability to process orders when the payment gateway
is once again available or after failing over to a secondary gateway
Fault Detection and Retry Logic
• Refers to a mechanism that implements a logic in the code of
an application to improve the availability
– To detect and retry the service that is temporarily down
• May result in successful restore of service
• A retry strategy must be defined to state how many retries can

be attempted before deciding the fault is not transient
• A successful retry attempt typically goes unnoticed to the
application users
Persistent Application State Model and Event-
driven Processing
• Persistent application state model
– Application state information is stored out of the memory
• Stored in a data repository
– If an instance fails, the state information is still available in the
repository
• Asynchronous event-driven processing
– Applications are written in a way to process the user request from
a queue asynchronously instead of synchronous call
• Allows multiple applications instances to process requests
• If an instance is lost, the impact is minimal
Monitoring Application Availability
• Specialized tools provide the capability to monitor the
availability of application instance that runs on VMs
– Minimizes downtime associated with the application failure
– Typically this tool is integrated with VM management software
• When there is an error or failure in an application
– The tool attempts to restart the application within the VM
– If the application does not restart successfully, the tool
communicates to VM management software
• VM management software in turn automatically restart the VM
Lesson Summary
• Graceful degradation of application functionality
• Retry logic in application code
• Persistent application state model
• Event-driven processing
• Monitoring application availability
Module Summary
Key points covered in this module:
• Fault tolerance mechanisms for cloud infrastructure
• Backup and deduplication
• Local and remote replication
• Fault resilient cloud application design strategies

07 - Module 7

Uploaded by

Copyright:

Available Formats

07 - Module 7

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

07 - Module 7

Uploaded by

Copyright:

Available Formats

Module: Business Continuity

Upon completion of this module, you should be able to:

• BC enables continuous availability of cloud services in the event

Service availability (%) = Agreed service time – Downtime

Agreed service time

• Cost of • Unavailability of • Loss of revenue

Refers to any individual component or aspect of an infrastructure whose failure can

• Single points of failure may occur at

• Implement multiple service availability zones

• Enables service failover in the event of compute system failure

• Provides network traffic failover

unit called a RAID set B1 BP BQ B2

– Provides data protection against drive CP CQ C1 C2

• Zones within a particular region are typically connected through

• Automated failover process primarily depends on:

• RPO and RTO are the primary considerations in selecting and

• To implement a successful backup and recovery solution

Application Servers Backup Server/ Backup Device

Create Mount the

Application FS Volume Backup Device

Remote - Service provider receives data from consumers

• Sub-file level deduplication

• Replica copies are used to restore and restart services if data

Compute 1. Compute system writes data to source.

Compute 1. Compute system writes data to source.

Compute Systems Storage Replication

Compute Systems Storage

• A retry strategy must be defined to state how many retries can

You might also like