… disasters such as this particular Azure outage.
- Implement Availability Sets (Fault Domains/Update Domains): In this scenario, even if you built Failover Clusters, or leveraged Azure Load Balancers and Availability Sets, it seems the entire region went offline, so you still would have been out of luck. While it is a best practice to leverage Availability Sets, especially for planned downtime, they aren’t bulletproof.
- Define Availability Zones: While not available in the South Central U.S. region yet, the Availability Zones being rolled out in Azure could have minimized the impact of the outage. Assuming the lightning strike impacted only one data center, the other data center in the other Availability Zone should have remained operational. However, outages of other non-regional services, such as Azure Active Directory (AAD), seem to have impacted multiple regions, so he doesn’t think Availability Zones would have isolated customers completely.
- Use global load balancers and cross-region failover clusters: Whether you are building SANLess clusters that cross regions or using global load balancers to spread the load across multiple regions, you could have minimized the impact of the larger outage, but you may have still been susceptible to the AAD outage.
- Adopt hybrid- and cross-cloud architectures: About the only way you could guarantee resiliency in a cloudwide failure scenario such as the one Azure just experienced is a DR plan that includes real-time replication of data to a target outside of the primary cloud provider and a plan in place to bring applications online quickly in this other location. These two locations should be entirely independent and should not rely on services, such as AAD, from your primary location to be available. The DR location could be another cloud provider; in this case AWS or Google Cloud Platform seem like logical alternatives, or it could be your own or a secondary customer data center — although that kind of defeats the purpose of running in the cloud in the first place. Also, look into new “backup as a service” offerings that can be sold by partners.
- Examine your SaaS options: While software as service such as Azure Active Directory, Azure SQL Database and the many other SaaS offerings from major cloud providers seem enticing, you need to plan for the worst-case scenario. Because you are trusting a business-critical application to a single vendor, you may have very little control in terms of DR options. That includes recovery outside of the current cloud service provider.
For partners, this miight be one of the more difficult truths to present to customers. Partners should vet the SaaS provider’s DR options before implementing any critical service. If recovery outside of the cloud isn’t an option, line-of-business decision makers need to be aware of that before you sign them up for that service. Minimally, make the business stakeholders aware that if the cloud service provider has a really bad day and that service is offline, there might be nothing you or they can do about it other than call and complain.
According to Birmingham, in the not too distant future, cloud-service customers will start hear more and more about hybrid cloud options and cross-cloud availability, which he says are the only ways an organization can insulate itself from downtime like this latest Azure outage. Partners need to educate themselves and customers on solutions that can create robust high availability, business continuity and DR solutions.
Pages: Previous 1 2