Module 13 - Backup and Recovery

Question 1

What are some disasters you can prepare for?

Answer 1

hardware or software failure, 
a network outage, 
a power outage, 
physical damage to a building, 
human error, 
or natural disasters

Question 2

What are the key components of a DR plan?

Answer 2

Testing - make sure your needs are being met

Resources - run your recovery path in prod and verify your resources are sufficient

Planning - establish recovery patterns and regularly test them

Question 3

What are the concepts related to availability?

Answer 3

High availability - minimizing downtime

Fault-tolerance - built-in redundancy of components

Backup

Disaster recovery - plan for instances, AZs, and Regions failing

Question 4

What is RPO?

Answer 4

Recovery Point Objective: the acceptable amount of data loss measured in time. E.g. 12 hours. The maximum acceptable amount of time since the last data recovery point.

Question 5

What is RTO?

Answer 5

Recovery time objective: the time it takes after a disruption to restore a business process to its service level, as defined by the operational level agreement (OLA)

Question 6

What do you need to consider in case of disaster?

Answer 6

Not just code and content (instances and storage) but also DNS entries, network firewall rules, and virtual machines or instances.

Question 7

What are the data backup options?

Answer 7

S3, S3 Glacier, EBS, Snowball, DataSync to EFS.

Question 8

How does auto-recovery of an EC2 instance work?

Answer 8

The instance will be rebooted (on new hardware if necessary), but it will retain its Instance ID, IP address, Elastic IP addresses, EBS volume attachments, and other configuration details. For the recovery to be complete, you’ll need to make sure that the instance automatically starts up any services or applications as part of its initialization process

Question 9

What should you do with your AMIs to prepare for disaster?

Answer 9

Configure and identify your own AMIs so that they can launch as part of your recovery procedure. They should be preconfigured with your OS of choice, plus the appropriate pieces of the application stack.

Question 10

How can you quickly modify network settings in a disaster?

Answer 10

Route 53 - includes global load balancing

ELB - You can pre-allocate your load balancer to identify its DNS name and simplify running your DR plan

Question 11

Ho can you back up your databases?

Answer 11

Global tables with DynamoDB are cross-region and have replicas.

RDS - share snapshots,

Question 12

What services speed up your recovery?

Answer 12

CloudFormation templates

implement an Image Builder pipeline that creates the AMIs you need.

Use scripts to start instances or provision other resources

Question 13

What is AWS Backup?

Answer 13

A fully-managed backup service. Helps you meet regulatory compliance obligations and meet business continuity goals.

Works with AWS Organizations across accounts and regions. Centrally deploys data protection policies to configure, manage, and govern your backup activity.

Question 14

What kinds of environments does AWS Backup support?

Answer 14

Hybrid - with Storage Gateway (compatible with EBS)

Cloud-native - via a console. Supports Amazon EBS, Amazon RDS, DynamoDB, Amazon EFS, Amazon FSx, Amazon EC2, and Storage Gateway

Question 15

What is in an AWS Backup plan?

Answer 15

A set of rules that define your backup. The rules include when to start the backups, the duration of the backup window, and the retention period.

Automated backup scheduling.

Uses tags to affect certain resources.

Question 16

What is a backup vault?

Answer 16

A container in which you organize your backups.

Set the AWS KMS encryption key used to encrypt backups in the vault.

Question 17

How can I implement a backup strategy across AWS accounts?

Answer 17

Use Organizations.

Question 18

What do the backup rules in the backup plan identify?

Answer 18

• When to begin a backup process
• The type of backup (full or incremental)
• Backup frequency
• The backup window (time of day)
• The Region
• The retention policy

Question 19

What does setting a backup lifecycle do?

Answer 19

The lifecycle defines and automates when a backup is transitioned to cold storage and when it expires

Question 20

What if I create a new resource? How do I add it to my backup plan?

Answer 20

Tag newly created resources with the backup plan key-value pair. The resource will automatically begin to be backed up according to the attributes defined in the plan.

Question 21

What are 4 recovery strategies?

Answer 21

• Backup and restore
• Pilot light
• Fully working low-capacity standby
• Multi-site active-active

Question 22

How does the backup and restore model work?

Answer 22

1) Prepare: take backups off current systems and store them in Amazon S3.
• Know which AMI to use or build your own as needed.
• Know how to restore systems from backups, how to switch to a new system, and how to configure the deployment.

2) Recover: retrieve backups from Amazon S3 and bring up your required infrastructure.
• Use CloudFormation to automate deployment of core networking.
• Next, restore system from backup, switch over to the new system, and adjust DNS records to point to AWS.

Question 23

How does the pilot light model work?

Answer 23

You replicate your data from one Region to another and provision a copy of your core workload infrastructure. Resources required to support data replication and backup, such as databases and object storage, are always on.

Other elements, such as application servers, are loaded with application code and configurations, but are switched off and are only used during testing or when disaster recovery failover is invoked.

Relatively inexpensive.

You replicate your regularly changed data often. Things you don’t change often like OS and applications can up updated infrequently and stored as AMIs.

Question 24

How does the low-capacity standby model work?

Answer 24

Low-capacity standby is an elevated version of the pilot light. It’s a warm, but scaled down copy of the production environment. Decreases time to recovery.

Allows for continuous testing using a “trickle” of traffic.

Question 25

How does multi-site active-active work?

Answer 25

A fully functional system running in AWS at the same time as the on-premises systems. Ready to take full production load. Higher cost, less downtime.

Question 26

What is CloudEndure?

Answer 26

A service to automate your backup and recovery.

1) Install the CloudEndure Agent on your selected source machines. That connects to a web-based user console
2) CloudEndure issues an API call to the target AWS Region to create a staging area in your account designated to receive the source’s replicated data
3) The replication servers receive data from the CloudEndure Agent running on your source machine and writes this data onto staging EBS volumes.
4) You configure a Target Machine Blueprint in the CloudEndure console.
5) When the target machines are launched, CloudEndure Migration spins up a temporary machine converter. It is responsible for modifying the target machine to be able to boot and run natively in AWS.

Question 27

Which DR model offers RTO in minutes at lowest cost?

Answer 27

Pilot light

Question 28

Which of the following are highly available resources by default?

Route 53
ELB
NAT Gateway
Direct Connect

Answer 28

Route 53

ELB

Question 29

What method will make an Amazon RDS database highly available?

Answer 29

Run a secondary copy of the database in another AZ.