Disaster Recovery Flashcards

1
Q

GCP Basics of DR planning: metrics

A

Recovery Time Objective (RTO)
- Max acceptable length of time that application can be offline
Recovery Point Objective (RPO)
- Max acceptable length of time during which data might be lost from your application
- Varies by data

2
Q

Cost relationship to RTO & RPO

A

Lower RTO/RPO = Higher cost

3
Q

Traditional DR Requirements

A

Capacity - securing enough resources to scale as needed
Security - providing physical security to protect assets
Network Infrastructure - including firewalls and load balancers
Support - human resources to maintain hardware
Bandwidth - planning suitable bandwidth for peak load
Facilities - ensure physical infrastructure: equipment and power/AC

4
Q

Cloud features relevant to DR

A

Global Network - global computer network: software-defined and edge caching services deliver fast, consistent and scalable performance
Redundancy - Global Point Of Presence -> strong redundancy. Storage automatically mirrored across locations
Scalability - Scalable services
Security -
Compliance - Regular third party audits to verify alignment with
* security
* privacy
* compliance regulations
* best practices

5
Q

DR Patterns

A
  1. Cold
  2. Warm
  3. Hot
6
Q

Cold DR Pattern

A
  • No Standby
  • Manual start up
  • App down until remediation is completed
7
Q

Warm DR Pattern

A
  • Standby Active/Passive
  • Manual switch to standby
  • App down until switch is completed
8
Q

Hot DR Pattern

A
  • Active/Active
  • Automatic load sent to healthy zone/region
  • No application Downtime
9
Q

DR Detailed Plan

A
  1. Design according to your recovery goals
  2. Design for end-to-end recovery
  3. Make your tasks specific
  4. Make your tasks specific
  5. Preparing your software
  6. Design continuous deployment for recovery
10
Q

DR Security and compliance controls

A

Validate VPCs Firewalls
Least privilege
service accounts as part of firewall rules

11
Q

Ways to synchronize permissions between environments

A

Replicate IAM policies - Use IAC methods Cloud Deploy Manager
On-prem to cloud - Map functional rules to IAM policies with appropriate IAM roles
Configure IAM policies to grant appropriate permissions to products
Other cloud to GCP - Map permissions in provider’s IAM policies to GCP IAM policies

12
Q

Compute and Storage:
Compute Engine

A
  • Scalable compute resources
  • Predefined and custom machine types
  • Fast boot times
  • Snapshots
  • Instance templates
  • Managed instance groups
  • Reservations
  • Persistent disks
  • Live migration
13
Q

Compute and Storage:
Cloud Storage

A
  • Highly durable object store
  • Geo-redundant storage
  • Storage classes
  • Object lifecycle management
  • Data transfer from other sources
  • Encryption at rest by default
14
Q

Compute and Storage:
Cloud Storage

A
  • Managed environment for deploying and scaling containerized applications
  • Node auto-repair
  • Liveness and readiness probes
  • Persistent volumes
  • Multi-zone and regional clusters
  • Command-line tool for managing cross-regional clusters
15
Q

GCP DR Building Blocks: Compute Engine

A

Compute Engine: delete protection flag
Instance template save config details of VM and create new instances
instance template from custom image or existing VM
Managed instance groups
Reservations - Create reservations in your DR target zone to avoid not having capacity on demand
Persistent disks and snapshots
Persistent disks - durable network storage devices, independent of instances. Detach and move to keep data after instances are deleted
Persistent disks - zonal or regional depending on HA options
Live Migration
Virtual Disk Import Tool import VMDK, VHD and Raw. Same configuration as on-prem VM

16
A

Cloud Data Dashboard
Cloud Monitoring:
Deployment Manager - Lets you define cloud environment in a set of templates

17
A

Cloud Interconnect provides several options to connect to Google and Google Cloud:
**Cloud VPN** enables the creation of IPsec VPN tunnels between a Google Cloud VPC network and a target network.
Traffic traveling between the two networks is encrypted by one VPN gateway, then decrypted by the other VPN gateway.
HA VPN enables you to create high-availability VPN connections with an SLA of 99.99%, plus a simplified setup compared to creating redundant VPNs.
**Direct peering** provides minimal network hops to Google’s public IP addresses. You can use direct peering to exchange internet traffic between your network and Google’s edge points of presence (PoPs).
**Dedicated Interconnect** provides a direct physical connection between your on-premises network and Google’s network.
It provides an SLA along with more consistent throughput for large data transfers. Circuits are either 10 Gbps or 100 Gbps and are terminated at one of Google’s colocation facilities. With larger bandwidth, you can reduce the time it takes to transfer data from on-premises to Google Cloud. The following table illustrates the speed gains when upgrading from 10 Gbps to 100 Gbps.

18
Q

Transfer method Diagram

A
19
Q

Maintaining image consistency across hybrid environments

A

  • If a fully configured image is required, consider something like Packer, which can create identical machine images for multiple platforms.
  • As another option, you can use configuration management tools such as Chef, Puppet, Ansible, or Saltstack to configure instances with finer granularity, creating base images, minimally-configured images, or fully-configured images as needed. For a discussion of how to use these tools effectively, see Zero-to-Deploy with Chef on Google Cloud.

20
A

Data Backups
Database backups