I. Levels of disaster tolerance
By degree of protection, disaster tolerance is generally divided into three levels: data level, system level, and business level.
Data-level disaster tolerance is concerned with data: it ensures that the user's original data is not lost or compromised after a disaster occurs. Data-level disaster recovery differs from ordinary backup in that it requires the backed-up data to be stored offsite. The basic form of data disaster recovery is to store the backup data offsite; the advanced form is to set up an offsite data center and replicate data asynchronously or synchronously between the two data centers, reducing the difference between the backup data and the live data. Data-level disaster tolerance is the bottom line of disaster tolerance; because service has to wait for the main system to be restored, it is also the approach with the longest recovery time.
System-level disaster tolerance builds on data-level disaster tolerance and additionally replicates the application processing capacity (the business server area); that is, a full set of support systems is also built at the backup site. A system-level disaster-tolerant system can provide uninterrupted application services, so that users' service requests continue to be handled transparently and users do not notice that a disaster has occurred, ensuring that system services remain complete, reliable, and secure.
Data-level and system-level disaster recovery both fall within the scope of IT, but for normal business operation, protecting the IT systems alone is not enough. Some users need to build the highest level, business-level disaster recovery. Business-level disaster recovery includes many non-IT systems, such as telephones and office locations. When a major disaster occurs, the user's original office site will be destroyed; in addition to the original data and the original application systems, the user also needs staff to be able to carry out business normally at a backup workplace. In fact, business-level disaster recovery is also concerned with backing up the business access network: it considers not only the service delivery capability of the support systems, but also the access capability of the service's users and even of backup staff.
II. Levels of disaster-tolerant systems
Disaster tolerance exists to restore services after a disaster, and how closely the original system can be recovered depends on how the data is backed up, that is, on how the primary and standby systems are synchronized. Drawing on IBM's seven-tier theory of disaster-tolerant solutions, we have analyzed, collated, and suitably simplified it. From a practical domestic standpoint, and with the design of IT disaster-tolerant systems in mind, we divide disaster-tolerant systems into six levels according to the level of recovery:
1) Level one: data backup, no standby system
This is data-level disaster tolerance. The backed-up data is periodically moved offsite by hand and stored offline. When a disaster occurs, a new set of IT support systems is used to restore the backup data and continue to provide service.
2) Level two: data backup, standby system, no network connection
A standby system is established, but there is no network connection between the primary and standby systems, and the backup data is carried to the standby system manually. When a disaster occurs, the standby system is started, the data is restored to the most recent backup, and service resumes. This saves the time of finding a new system and increases the assurance that the system can provide services.
3) Level three: primary and standby systems have a network connection, asynchronous storage connection
With a network connection between the primary and standby systems, the storage system's automatic backup technology backs up data automatically, which eliminates the work of manual backup, speeds up backups, and shortens the backup time window. When a disaster occurs, the standby system can automatically become the primary system and provide services.
When the system's data volume is relatively large, remote backup cannot keep pace with the live system, which is why both asynchronous and synchronous backup modes exist. This level of disaster recovery uses asynchronous backup, in which data is usually sent to the standby system at regular intervals. The time between two backups is called the backup window; it is the maximum span of data that is lost if a disaster occurs.
4) Level four: primary and standby systems have a network connection, synchronous storage connection
To shorten the backup window, backups must be made faster, but storage capacity is generally very large and backing up has a heavy impact on system performance. So as not to affect the live business service, storage vendors use snapshot-based incremental backup: a full baseline backup is made first, snapshots of the storage space are then generated at regular intervals as the data changes, and only the snapshots are backed up, so the backup window is much smaller.
As the backup window shrinks, the difference between the primary and standby data shrinks too. This is a disadvantage when data is destroyed by operator error, virus modification, and the like, because the damaged data reaches the standby as well. A local data backup mechanism should therefore be established in the primary system at the same time as disaster tolerance at this level.
5) Level five: synchronous business writes
With disaster recovery backup at the storage level, the storage space is always copied offsite after the fact, so there is always a time lag and the backup window cannot be zero. In normal business service, the business process submits the data it produces to the storage system, which then stores it on physical disk. A storage backup is the storage system reading the data to be backed up from disk and writing it to the backup system. If the business process submits the data to the backup system at the same time as it submits it to the primary system, the primary and standby data stay synchronized; this is synchronous business writing, with data updated in step. This level can achieve a backup window of zero.
Synchronous writes can be implemented in several ways. First, the business system submits data directly to both the primary and standby database systems; the write counts as successful only when both succeed, and reads are served from the primary system. Second, the business system submits only to the primary system's database; when the database writes the data, it sends the operation log directly to the standby system, which performs the same database operations.
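The following Python sketch is an added example, not code from the original article. It contrasts the data lost inside the level-three asynchronous backup window with the two synchronous-write methods just described; the Site class and all function names are constructed for illustration and stand in for real databases.

```python
class Site:
    """Constructed stand-in for the database at one site."""
    def __init__(self):
        self.rows, self.up = {}, True

    def apply(self, key, value):
        if not self.up:
            raise ConnectionError("site unreachable")
        self.rows[key] = value


def async_backup_loss(writes, interval):
    """Level three: the standby gets a copy after every `interval` writes.
    Returns how many writes are missing at the standby if the primary
    is lost right after the last write."""
    primary, standby = Site(), Site()
    for n, (key, value) in enumerate(writes, 1):
        primary.apply(key, value)
        if n % interval == 0:
            standby.rows = dict(primary.rows)  # periodic copy
    return len(primary.rows.items() - standby.rows.items())


def dual_write(primary, standby, key, value):
    """Level five, method 1: submit to both sites and report success only
    if both succeed; undo the primary write otherwise so the sites agree."""
    missing = object()
    old = primary.rows.get(key, missing)
    primary.apply(key, value)
    try:
        standby.apply(key, value)
    except ConnectionError:
        if old is missing:
            del primary.rows[key]
        else:
            primary.rows[key] = old
        return False
    return True


def log_shipping_write(primary, standby, log, key, value):
    """Level five, method 2: write to the primary only; the primary sends
    the operation log entry and the standby replays the same operation."""
    primary.apply(key, value)
    log.append(("SET", key, value))
    _op, k, v = log[-1]
    # A real system must also decide what to do if the standby is unreachable.
    standby.apply(k, v)  # replay before acknowledging the write
    return True
```

With ten writes and a copy every four writes, two writes are missing at the standby, while both synchronous methods leave the two sites with identical data.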
6) Level six: business systems working in sync
The usual arrangement is that the primary system does the work while the standby system stands by and does not directly accept business. If the primary and standby systems accept the business data at the same time, both do the business processing, but the standby system does not output to the user. A separate "heartbeat" connection links the primary and standby systems and the "working environment" inside them, which in effect makes this a two-machine hot standby across different sites. When a disaster occurs, the standby system directly takes over from the primary system to provide services. This level can achieve close to "0 delay" business switchover, but users' business connections need to reconnect, and business that the business system had not yet submitted must be resubmitted; for users, business is not lost because of the disaster.