Zerto In-Cloud for AWS – Part One
Adoption of the public cloud is growing exponentially, and with this growth comes the need for technologies that go beyond traditional backup and disaster recovery. Cloud adoption is centered around ensuring the availability of the application. Public cloud providers offer users access to services that make up their application and run on their IT resources through a shared responsibility model. These services are hosted in multiple data centers across a geographic region. While cloud architects are able to design applications to operate as highly available, such designs can be resource intensive, costly, and difficult to manage and monitor.
What happens if a region goes down? In AWS, availability zones (AZs) are the multiple physical data centers within a particular region. These data centers are interconnected with high-bandwidth, low-latency networking that is fully hardware redundant, and they are typically geographically close (about 60 miles) to each other. While this offers protection locally within a region, it does not offer protection from regional disruption. Cross-region protection with native tools can be a challenge. For instance, if you are using AWS Snapshots, it is recommended to copy the snapshots and Amazon Machine Images (AMIs) between regions as part of a separate manual or scripted process that you design. In doing so, you are slowing down your recovery time from a failure.
Additional challenges then arise in managing and monitoring the protection status, testing capabilities, and orchestration. This can be difficult if there are multi-instance dependencies, which also need to be taken into consideration, especially if you’re not able to group dependencies together simply or have consistency in recovery point timestamps across disks.
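An added example, not from the original article: the bookkeeping a scripted cross-region snapshot process has to do itself, run over a constructed inventory. The application names, the record layout and the five-minute skew threshold are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed inventory (hypothetical fields): app group, volume, region,
# snapshot start time, copy state. A scripted process must track this itself.
SNAPSHOTS = [
    ("shop", "web-root", "us-east-1", "2024-05-01T02:00:05+00:00", "completed"),
    ("shop", "db-data", "us-east-1", "2024-05-01T02:00:07+00:00", "completed"),
    ("shop", "db-log", "us-east-1", "2024-05-01T02:00:07+00:00", "completed"),
    ("shop", "web-root", "us-west-2", "2024-05-01T02:00:05+00:00", "completed"),
    ("shop", "db-data", "us-west-2", "2024-05-01T02:00:07+00:00", "completed"),
    ("shop", "db-log", "us-west-2", "2024-05-01T02:00:07+00:00", "pending"),
    ("billing", "api-root", "us-west-2", "2024-05-01T02:00:00+00:00", "completed"),
    ("billing", "db-data", "us-west-2", "2024-05-01T03:30:00+00:00", "completed"),
    ("wiki", "root", "us-west-2", "2024-05-01T02:00:00+00:00", "completed"),
    ("wiki", "data", "us-west-2", "2024-05-01T02:00:02+00:00", "completed"),
]

def dr_readiness(snapshots, dr_region, max_skew=timedelta(minutes=5)):
    """Per app: volumes lacking a completed copy in dr_region, and the spread
    between the newest recovery points of its disks there."""
    volumes, latest = {}, {}
    for app, volume, region, taken, state in snapshots:
        volumes.setdefault(app, set()).add(volume)
        if region != dr_region or state != "completed":
            continue  # a pending or failed copy is not a recovery point
        when = datetime.fromisoformat(taken)
        points = latest.setdefault(app, {})
        if volume not in points or when > points[volume]:
            points[volume] = when
    report = {}
    for app, vols in volumes.items():
        points = latest.get(app, {})
        missing = sorted(vols - set(points))
        skew = max(points.values()) - min(points.values()) if points else None
        report[app] = {
            "missing_in_dr": missing,
            "skew": skew,
            "recoverable": not missing and skew is not None and skew <= max_skew,
        }
    return report

if __name__ == "__main__":
    for app, status in dr_readiness(SNAPSHOTS, "us-west-2").items():
        print(app, status)
```

In the constructed data, "shop" fails because one disk's copy never completed, and "billing" fails because its two disks were captured 90 minutes apart, the two failure modes the paragraphs above describe.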
The key to successful cloud adoption and digital transformation is the ability to monitor, manage, protect, and recover data and applications within public cloud providers like AWS, using purpose-built disaster recovery technologies native to the public cloud provider.
Why Zerto for Amazon EC2 Workloads
Zerto, a Hewlett Packard Enterprise company, can help. Zerto In-Cloud for AWS is ideal for protecting EC2 workloads because it provides the orchestration needed for the native protection capabilities built into the AWS platform. Managed through a simple interface, Zerto In-Cloud for AWS gives users the ability to run failover tests, initiate a live failover, and recover thousands of EC2 instances across regions and availability zones.
The Zerto In-Cloud solution takes an application-centric approach, giving users the ability to logically select all EC2 instances that make up a particular application. This protects groups of instances as a single logical entity and recovers them together to meet or greatly reduce application downtime in case of a disaster. The ability to test failovers frequently and non-disruptively in an isolated environment gives users confidence in creating a recovery workflow and enables them to set clearer expectations for stakeholders.
Overall, this solution addresses the challenges of disaster recovery in AWS by providing:
- Simple implementation, configuration, and management
- A flexible way to manage your disaster recovery, aligning with existing solutions and automation workflows
- Integration with CloudWatch, enabling DR operations and resources to be monitored alongside all other AWS resources
- Effortless scale to protect thousands of EC2 instances and petabytes of data without agents and without additional replication appliances
- Global region coverage enables protection to, from, and between 17 major regions and zones around the world, which supports disaster recovery from one-to-many regions (up to 3 targets simultaneously)
- Visibility to monitor performance and protection of all your Zerto-protected environments from a single user interface with Zerto Analytics
Managing Zerto In-Cloud for AWS
The Zerto In-Cloud Manager is the management interface of Zerto In-Cloud. What makes it unique is how lightweight and efficient it is. It leverages native AWS services, which is in part what makes the service resilient. The Zerto In-Cloud Manager can be deployed in any region, adding a layer of resilience against a regional or zonal outage that may affect protected workloads and your recoverability. All data in Zerto In-Cloud is backed by DynamoDB, the highly available NoSQL database service from AWS. This means that if the appliance itself were compromised or disrupted, it could be redeployed and reconnected to the database, which itself can be backed up and replicated to another region for more recoverability options.
Architecturally, the Zerto In-Cloud Manager is Linux-based, making it immune to vulnerabilities generally associated with, and designed to affect, Windows servers while reducing licensing costs. It takes advantage of an elastic architecture built on top of Docker, which means every component in the Zerto In-Cloud Manager is containerized.
Key components of the Zerto In-Cloud Manager:
- Keycloak is deployed for authentication and includes functionality such as multi-factor authentication support and role-based access controls, giving users a granular level of control over who accesses the solution.
- Traefik is a cloud-native application proxy. We mainly leverage it for its simplicity in reverse proxy operations and in networking between the various containers within the Zerto In-Cloud Manager.
- NGINX is used to provide the web-based graphical user interface, which looks just like the other Zerto products, maintaining familiarity and eliminating the need to learn another user interface.
At any time, updates and new functionality can be added to Zerto In-Cloud for AWS and its components without disruption, so users know that they always have the most recent stable releases.
Zerto In-Cloud tackles these challenges as a single, lightweight disaster recovery solution built in and for AWS. We’ve detailed the inner workings of the Zerto In-Cloud Manager, an easily deployed, containerized management interface that gives users the power to logically group their EC2 instances and fail them over (both as a test and live) as a single cohesive application.