Building a disaster recovery plan for private cloud

One of the most persistent and baseless misconceptions about private cloud is that companies don’t need a disaster recovery (DR) plan for their business applications.

Yes, private clouds are built with high availability to maximise up-time. But that doesn’t mean they’re immune to failure.

Whether the private cloud they’re using is hosted in their data centre or at a service provider offering them infrastructure as a service (IaaS), platform as a service (PaaS), or completely managed services, there’s a chance each can fail. The tipping point might come in the form of a cybersecurity threat like ransomware or malware, an equipment failure or even a natural disaster, like a flood.

And with recent research finding around 75% of enterprise workloads will continue to live in the private cloud, it is essential companies have a backup plan. No matter what its private cloud infrastructure looks like, businesses need a DR plan in place to guard against these risks.

Beyond the typical requirements of an effective DR plan, private cloud DR can present additional challenges. To address them, DR for the private cloud should have the following.

Seamless network transition

Regardless of whether a company is operating from its private cloud or its DR environment, the user experience should be completely seamless. No matter where an IP address travels, users shouldn’t be able to tell if the company is running at a different site.

What makes this so difficult to achieve is networking. Without the proper connectivity, a recovery environment might not be able to deliver the same application and workload performance users expect.

Companies would be wise to select a third-party provider that helps to ensure its customers have access to a globally available Software Defined Network (SDN) that delivers on-demand, scalable, and secure connectivity to leading cloud providers and top-tier data centres around the world.

Easily replicable backups

If a company’s backups are in its main production environment, but it starts running out of its recovery site, how does it recover these backups at its new location?

Like with the network transition, the goal here is that users will never know the difference between production and recovery. The ideal DR plan for private cloud enables replication and restore of backup data in a recovery site so businesses don’t miss a beat.

Granularity of control

Companies should have the ability to declare a disaster on their own, rather than be at the mercy of their provider. But it goes further than that – businesses should also be looking for the granularity within this control.

Crucially, companies should be able to declare a disaster without its entire site going down. For example, if a single database is corrupted, it’s important a company can declare a disaster for just that database. Or, if it is running 100 virtual machines (VMs) and declare a disaster but want 20 of those VMs to go to a particular DR site, it should have that capability as well.

It is also worth noting that some of the features and capabilities a company has in private cloud doesn’t necessarily match those in their recovery environment. Businesses therefore need to keep in mind exactly what services its private cloud provider offers.

So, in addition to knowing what DR for private cloud must include, business leaders and IT teams must also consider two main elements based on dependency on the infrastructure they’ve selected. They are the following:

Post-recovery management

Many private cloud providers are more than capable of taking care of a company’s recovery. However, it’s the “Day 2” management – what happens after it recovers – that businesses need to be concerned about.

Companies must consider if the private cloud vendor is capable of handling post-recovery management and if it is contractually covered to run at a DR site and receive the same service from all partners.

Companies must know where their provider’s capabilities end and what else they’ll need in place to manage the recovery environment.

Available controls

The controls a company has on its private cloud may be different than the controls it has on its recovery target.

For example, running your private cloud in a provider’s data centre may give you complete control of the stack. However, if you recover to a public cloud, you only have control from the operating system and above, meaning you’ve lost two layers of control. Organisations must make sure they know what controls are available to them.

It’s all in the detail

Private clouds are built with high availability in mind, but that doesn’t mean businesses can afford to overlook DR.

Often, incidents such as infrastructure failures, regional disasters, cyberattacks, or even fires – like the one that consumed OVHcloud’s SBG2 data centre in Strasbourg, France – occur outside a private cloud provider’s control. Each layer of a private cloud stack is subject to various elements of failure, making DR essential.

Companies need a DR plan tailored to their specific private cloud infrastructure, one that factors in how they can minimise disruption for users and ensure they have every element covered.

Related Articles

Top Stories