In my previous post, Applying a Multicloud Strategy to Get Cloud Smart with Oracle Government Cloud,I discussed multicloud strategies with Oracle Government Cloud. One of the strategies to multicloud is disaster recovery. It’s timely that the conversation of high availability and disaster recovery also occurred recently as a topic of conversation with a customer of mine. In a 60-minute Zoom call with the customer, we addressed their requirements and came up with a plan to make their application highly available and create a disaster recovery plan.
If you’re already familiar with Oracle Government Cloud, then you’re familiar with the disaster recovery options. The combination of high-availability with disaster recovery allows you to run your applications with peace of mind.
By using the inherent capabilities of the Oracle Government Cloud, you spend less time worrying about failures, outages, and ‘keeping the lights on.’ You can instead turn your focus to improving your applications, enriching application features, and overall providing the best possible experience for your users.
Although recovery time objectives (RTOs) and recovery point objectives (RPOs) are important, I’m not going to bore you and repeat this information here. In fact, the RTOs and RPOs didn’t come up during my conversation with the customer. The conversation focused on capability and how to design for high availability and disaster recovery with the Oracle Government Cloud capabilities. We discussed the following list of topics, and they might help you make wise decisions for your disaster recovery plans.
I receive this question the most often. If you had “What is a failure domain?” then you have the daily double correct. If you look at your on-premises environment today, do you have availability domains? You probably have one data center in a single building, in the basement somewhere, and so far, your applications have mostly survived. Do you have fault domains in your data center? Probably not. It’s intentional that you don’t have fault domains or rack failure design in your data center, most likely because of costs.
Storage area networks aren’t designed for this purpose either. You’re likely now exploring the use of software defined storage, which gives you this capability. However, even with software-defined storage, the more resilience you need, the more nodes you need, which can become costly.
Why invest money in hardware or redesign your data center to accomplish this goal when Oracle Government Cloud already has this option available?
Oracle Government Cloud has three fault domains per availability domain. Fault domains let you distribute your instances, so that they’re not on the same physical hardware and within a single availability domain, essentially giving you rack failure capability. The likelihood of someone in your data center pulling on a power cable or a network cable is more likely to happen than your data center being unavailable entirely.
How many times has that happen in your data center? Our data centers are designed to minimize outages (see our Oracle Cloud Infrastructure SLAs). We perform maintenance occasionally; that’s what fault domains are for. To your benefit, you can use fault domains to spread your resources across multiple sets of hardware eliminating single points of failure. For example, if you require instance high availability, place your resources in separate fault domains.
If you’re going to take advantage of fault domains, you need load balancers. Oracle Government Cloud provides load balancing as a service. If you separate your instances across fault domains, the Load Balancing service helps direct your users to the available instances, if you have to perform maintenance, an instance becomes unavailable, or if a fault domain becomes unavailable.
The Load Balancing service is optional; here is where your RTO comes in. My customer chose to use the Load Balancing service to take advantage of the fault domains and have high-availability in their frontend web and application servers.
My customer opted not to use the Oracle Database Cloud services, but I want to discuss it here, because it comes up in many of my conversations. If you’re a long-time Oracle Database customer, you already know the answer. You can use Oracle Real Application Clusters (RAC). Nothing changes when your Oracle databases are hosted in Oracle Government Cloud. All the features remain the same.
The one thing that does change is that Oracle Government Cloud configures everything for you. If you choose the two-node virtual machine Oracle Database Cloud Service option or Exadata Cloud Service option, it can be configured for you automatically. If you require Oracle Database high availability, Oracle RAC is the way to go.
Let’s hope it never happens, but if in a case some unforeseen event happens and your application is inoperable, you can invoke your disaster recovery plans. My customer’s concern focused on how often they can back up their instances, and then how long can they retain the backups. They required that they retain their backups for 90 days, and their recovery time was 24 hours. You can back up instances and databases according to a schedule tied to a policy. You can set the schedule on a daily, weekly, or monthly basis, along with the ability to perform incremental or full back ups. You can set retention times for up to 52 weeks (one year). You can apply these policies to boot volumes, block volumes, and databases.
While we’re talking about backups, Oracle Government Cloud backs up your data to Object Storage. By default, Object Storage is also highly durable: 99.999999999% (11 nines!). A copy of your backup data exists in all three fault domains in the availability domain. Oracle Government Cloud Object Storage is also encrypted at rest, so you can rest assured that your backup data is encrypted and secure.
My customer needed to store backups at an alternate site located more than 30 miles from the primary data center. With Oracle Government Cloud, once your backups are created, you can copy your backups to any other region. The Oracle Government Cloud regions in Ashburn, VA and Phoenix, AZ are approximately 2300 miles apart. That should give adequate distance to meet any government requirements for offsite storage. For your Oracle databases, to get the data across regions, you can use Oracle Recovery Manager (RMAN) to schedule backups across regions or use Oracle Data Guard to replicate the database to a stand by instance.
We covered a little bit of the customer’s RPOs and RTOs. They didn’t have an RPO yet, but we discovered their application needed to be highly available and their RTO was 24 hours. We came up with the following plan:
Eliminate single points of failure with their application.
Use separate fault domains for instances to ensure hardware affinity.
Use a load balancer to check for failures and to redirect traffics for maintenance windows, instance interruptions, or if a fault domain becomes unavailable.
Their application is designed around a third-party database, so they didn’t need Oracle databases. If they wanted to use Oracle Database Cloud services, Oracle RAC for high availability of databases is an option.
Back up data to Oracle Object Storage.
Build backup and retention policies around RPOs.
Copy backup data to another region, to meet offsite backup requirements.
The customer didn’t plan to keep anything on-premises, but these best practices apply to Oracle Government Cloud and on-premises. If you plan to keep your on-premises data center as your primary and use Oracle Government Cloud as your disaster recovery site, that too is a viable option. Use Oracle Government Cloud Object Storage as your backup target. Restore from Oracle Cloud Object Storage to Oracle Government Cloud. This scenario might require third part tools. Optionally, for your Oracle Databases, you can enable Oracle Data Guard and maintain disaster recovery for your Oracle Databases.
I hope this addresses your questions regarding Oracle Government Cloud capabilities around high availability and disaster recovery, as it did for my customer.
We know that every use case is different. The only way to know if Oracle Cloud Infrastructure is right for you is to try it. You can select either the Oracle Cloud Free Tier or a 30-day free trial in our commercial regions which includes US$300 in credits to get you started with a range of services, including compute, storage, and networking. The Oracle Cloud Infrastructure regions dedicated for the Government consist of FedRAMP high federal and civilian authorized regions and IL5 Department of Defense (DoD) authorized regions. If you prefer the Oracle Government Cloud, consult your Oracle sales representative for a proof of concept in the appropriate region.