Creating a Disaster Recovery Plan for your Magento Site
Backups can create a false sense of security. They are a prominent and essential component of a disaster recovery plan, but while taking a simple backup is easy (a hosting provider will do it for you, for example), creating a disaster recovery plan is not.
A disaster recovery plan drives what is backed up and where. It also guides the restoration process.
Since it is difficult to know in advance what disasters can happen, it is much easier to break the problem down and decide which scenarios to plan for. Examples could include:
- Data Disk failure
- Server failure – a server critical to functioning of the web site has failed. This could be our only server, db server, app server, etc.
- Data corruption – either of the database or application
- Operating system issues
- Compromised system – we were hacked – but all data is safe
Each scenario determines what data would be needed to recover. Often-forgotten items to back up are system configuration files modified for our site, such as nginx or Apache configuration, email configuration, external search engine configuration, etc.
- Not all data has to be backed up – some files can be versioned allowing a restoration from a previous known working version.
- Location of the backup is another crucial factor – we always back up customer data off-site, at a cloud location other than the primary hosting location. For example, a different AWS region or a completely different cloud provider. Versioned data is also stored in a known location.
- Access to the backed-up data should be available – this includes pem keys, usernames, passwords, etc.
- It is also important to store information about which system services are installed and from where (the rpms, versions and yum repos). As with versioned items, this should be updated when changed.
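One way to capture the package, repo and configuration inventory described in the list above, and to notice when it needs refreshing. This is an added example, not part of the original article; the default CONFIG_PATHS, the output file names, the DR_OUT/DR_PREV variables and the function names are assumptions to adapt per site.

```shell
#!/bin/sh
# Added example: inventory of installed packages, enabled repos and
# site-specific config files for the disaster recovery copy.
# CONFIG_PATHS and the output file names are assumptions, not a standard.
CONFIG_PATHS="${CONFIG_PATHS:-/etc/nginx /etc/httpd /etc/postfix /etc/yum.repos.d}"
umask 077   # config archives may contain secrets; keep them owner-only

# Record rpm names/versions and enabled yum repos (skipped if tools are absent).
record_packages() {
    out_dir=$1
    if command -v rpm >/dev/null 2>&1; then
        rpm -qa --queryformat '%{NAME} %{VERSION}-%{RELEASE} %{ARCH}\n' \
            | sort > "$out_dir/packages.txt"
    fi
    if command -v yum >/dev/null 2>&1; then
        yum -q repolist enabled > "$out_dir/repos.txt" 2>/dev/null || true
    fi
}

# Archive the config paths that exist and write a per-file checksum manifest.
snapshot_configs() {
    out_dir=$1; shift
    for p in "$@"; do            # keep only the paths present on this host
        shift
        if [ -e "$p" ]; then set -- "$@" "$p"; fi
    done
    [ "$#" -gt 0 ] || return 1   # nothing to back up is an error, not success
    find "$@" -type f -exec sha256sum {} + | sort -k2 > "$out_dir/config.sha256"
    tar -czf "$out_dir/config.tar.gz" "$@"
}

# Succeeds (exit 0) when the current inventory differs from the stored one.
inventory_changed() {
    prev=$1; cur=$2
    for f in packages.txt repos.txt config.sha256; do
        if [ -e "$prev/$f" ] || [ -e "$cur/$f" ]; then
            cmp -s "$prev/$f" "$cur/$f" || return 0
        fi
    done
    return 1
}

# Driver: DR_OUT=<new dir> [DR_PREV=<last stored dir>] sh this-script.sh
if [ -n "${DR_OUT:-}" ]; then
    mkdir -p "$DR_OUT" && record_packages "$DR_OUT" \
        && snapshot_configs "$DR_OUT" $CONFIG_PATHS   # unquoted: split into paths
    if [ -n "${DR_PREV:-}" ] && inventory_changed "$DR_PREV" "$DR_OUT"; then
        echo "inventory changed: refresh the off-site copy"
    fi
fi
```

Run on a schedule, this gives a concrete trigger for updating the stored inventory whenever packages or configuration change.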
It should be clear what data would be lost. Is your database replicated or backed up periodically? How about media files – are they backed up immediately or on a schedule?
Many times, a service may be down temporarily and a decision may need to be made on whether to wait for the repair.
The tradeoff may be between the hours of data lost vs the hours of service that will be lost.
Who has the switch to initiate the process? Also, the process may be initiated but the final switch may require a second confirmation.
All such processes should be documented.
Just because you have a backup does not mean the restoration will be instantaneous. Human factors may also need to be considered. An estimate per scenario will help the decision maker and set the expectations.
Recovery services charge on initiating the recovery process. The charges may apply even if the final go-ahead is not given.
To get you started we have a template for a disaster recovery plan.
Alternatively, sign up for our service and get a bespoke plan for your situation.