Amazon Application Recovery Controller Region switch: Recovery Service for Multiple Regions | Amazon Web Services

As an AWS developer, I have worked with many business organizations that operate critical applications across several AWS Regions. A key problem they often share is a lack of confidence in their Region failover strategy: whether it will work when needed, whether all dependencies are accounted for, and whether their teams have practiced the procedures enough. Traditional approaches often leave them uncertain about their readiness for a Region switch.

Today I am excited to announce Amazon Application Recovery Controller (ARC) Region switch, a fully managed, highly available capability that allows organizations to plan, practice, and orchestrate Region switches with confidence, eliminating uncertainty around cross-Region recovery operations. Region switch helps you orchestrate recovery for your applications that run in multiple AWS Regions. It provides a centralized solution for coordinating and automating recovery tasks across AWS accounts when you need to switch your application's operations from one AWS Region to another.

Many customers deploy business-critical applications across several AWS Regions to meet their availability requirements. If an operational issue affects the application in one Region, switching operations to another Region involves coordinating multiple steps across different AWS services such as compute, databases, and DNS. This coordination usually requires building and maintaining complex scripts that need regular testing and updates as the application evolves. In addition, orchestrating and monitoring Region switches across multiple applications, and providing evidence of successful recovery for regulatory compliance, often involves manual data collection.

Region switch is built on a Regional data plane architecture, where Region switch plans are executed from the Region being activated. This design eliminates dependencies on the affected Region during the switch, which provides a more resilient recovery process because the execution is independent of the Region you are switching from.

Building a recovery plan with ARC Region switch
With ARC Region switch, you can create recovery plans that define the specific steps needed to switch your application between Regions. Each plan contains execution blocks that represent AWS resources. At launch, Region switch supports nine types of execution blocks:

  • ARC Region switch plan execution block – orchestrates the order in which multiple applications switch to the Region you want to activate, by referencing other Region switch plans.
  • Amazon EC2 Auto Scaling execution block – scales Amazon EC2 compute resources in your target Region by matching a specified percentage of your source Region's capacity.
  • ARC routing control execution block – changes routing control states to redirect traffic using DNS health checks.
  • Amazon Aurora Global Database execution block – performs a database failover with potential data loss, or a switchover with zero data loss, for Aurora Global Database.
  • Manual approval execution block – adds approval checkpoints to your recovery workflow, where team members can review and approve before continuing.
  • Custom action AWS Lambda execution block – adds custom recovery steps by running Lambda functions in the activating or deactivating Region.
  • Amazon Route 53 health check execution block – sets which Regions your application's traffic will be redirected to during failover. When the Region switch plan is executed, the Amazon Route 53 health check status is updated and traffic is redirected based on your DNS configuration.
  • Amazon Elastic Kubernetes Service (Amazon EKS) resource scaling execution block – scales Kubernetes pods in your target Region during recovery by matching a specified percentage of your source Region's capacity.
  • Amazon Elastic Container Service (Amazon ECS) resource scaling execution block – scales ECS tasks in your target Region by matching a specified percentage of your source Region's capacity.

Region switch continually validates your plans by checking the AWS Identity and Access Management (IAM) configurations every 30 minutes. During execution, Region switch monitors the progress of every step and provides detailed logs. You can view the execution status through the Region switch dashboard and at the bottom of the execution details page.

To help you balance cost and reliability, Region switch offers flexibility in how you prepare your standby resources. Using the Region switch scaling execution blocks, you can configure the desired percentage of compute capacity to target in your destination Region during recovery. For critical applications that expect a traffic surge during recovery, you may decide to scale above 100 % of capacity, while lower percentage settings can help achieve faster overall execution. However, it is important to note that using one of the scaling execution blocks does not guarantee capacity, and the actual availability of resources depends on the capacity in the destination Region at the time of recovery. To get the best possible results, we recommend testing your recovery plans and maintaining suitable service quotas in your standby Regions.

ARC Region switch includes a global dashboard that you can use to monitor the status of Region switch plans across your company and Regions. In addition, there is a Regional executions dashboard that only shows executions in the current console Region. This dashboard is designed to be highly available in each Region, so it can be used during operational events.

Region switch allows you to host resources in an account that is separate from the account that contains the Region switch plan. If the plan uses resources from an account that differs from the account hosting the plan, Region switch uses the executionRole to assume the crossAccountRole to access those resources. In addition, Region switch plans can be centralized and shared across multiple accounts using AWS Resource Access Manager (AWS RAM), allowing recovery plans to be managed efficiently across your organization.
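Because the executionRole is what assumes the crossAccountRole, the trust policy on the crossAccountRole is worth reviewing before a plan is shared. The following check is an added example, not code from the original post or from AWS: it flags Allow statements that trust anything other than the plan's executionRole or allow anything other than `sts:AssumeRole`. The account IDs, role names and both sample policies are constructed.

```python
# Constructed sample values: the account ID and role name are placeholders.
EXECUTION_ROLE = "arn:aws:iam::111122223333:role/RegionSwitchExecutionRole"

# Trust policy that only lets the plan's executionRole assume the role.
SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": EXECUTION_ROLE},
    "Action": "sts:AssumeRole"}]}

# Trust policy that trusts the whole account, everyone, and every STS action.
BROAD = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": ["arn:aws:iam::111122223333:root", "*"]},
    "Action": "sts:*"}]}


def as_list(value):
    """IAM accepts a single value or a list in most policy fields."""
    return value if isinstance(value, list) else [value]


def audit_trust_policy(policy, execution_role_arn):
    """Return findings for Allow statements broader than the executionRole."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        # "Principal": "*" is shorthand for every principal.
        principals = ["*"] if principal == "*" else [
            p for kind in principal.values() for p in as_list(kind)]
        for p in principals:
            if p != execution_role_arn:
                findings.append(f"statement {i}: unexpected principal {p}")
        # IAM action names are case-insensitive.
        for action in as_list(stmt.get("Action", [])):
            if action.lower() != "sts:assumerole":
                findings.append(f"statement {i}: unexpected action {action}")
        if "NotPrincipal" in stmt:
            findings.append(f"statement {i}: NotPrincipal in an Allow statement")
    return findings


if __name__ == "__main__":
    for name, policy in (("scoped", SCOPED), ("broad", BROAD)):
        print(name, audit_trust_policy(policy, EXECUTION_ROLE) or "ok")
```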

Let’s see how it works
Let me show you how to create and execute a Region switch plan. There are three parts in this demo. First, I create a Region switch plan. Then, I define the workflow. Finally, I configure the trigger.

Step 1: Create a plan

I go to the Application Recovery Controller section of the AWS Management Console. I choose Region switch in the left navigation menu. Then, I choose Create Region switch plan.

After I give my plan a name, I specify a multi-Region recovery approach (active/passive or active/active). In active/passive mode, two replicas of the application are deployed to two Regions, while traffic is only routed to the active Region. The replica in the passive Region can be activated by executing the Region switch plan.

Then, I select the Primary Region and the Standby Region. Optionally, I can enter a desired recovery time objective (RTO). The service uses this value to provide insight into how long Region switch plan executions take in relation to my desired RTO.

I enter the Plan execution IAM role. This is the role that allows Region switch to call AWS services. I make sure that the role I choose has permission to be assumed by the service and contains the minimum set of permissions that ARC needs to operate. For details, see the IAM section of the documentation.

Step 2: Create a workflow

When the two Plan evaluation status notifications are green, I create a workflow. I choose Create workflows to start.

Plans allow you to create specific workflows that recover your applications using Region switch. You can build workflows from execution blocks that run sequentially or in parallel, orchestrating the order in which multiple applications or resources recover into the activating Region. A plan consists of these workflows, which allow you to activate or deactivate a specific Region.

For this demo, I use the graphical editor to create a workflow. But you can also define a workflow in JSON. This format is more suitable for automation, or if you want to store the workflow definition in your source code management system (SCMS) and your infrastructure as code (IaC) tools, such as AWS CloudFormation.

I can switch between the Design and Code views by selecting the corresponding tab next to the Workflow builder title. The view is read-only. I designed a workflow with the graphical editor and copied the JSON equivalent to store it together with my IaC projects.

Region switch runs an evaluation to validate your recovery strategy every 30 minutes. It regularly checks that all actions defined in your workflows will succeed. These proactive validations evaluate different elements, including IAM permissions and resource states across accounts and Regions. By constantly monitoring these dependencies, Region switch helps ensure that your recovery plans remain viable and identifies potential problems before they affect your real switch operations.

However, just as an untested backup is not a reliable backup, an untested recovery plan cannot be considered truly validated. While continuous evaluation provides a strong foundation, we strongly recommend that you execute your plans in test scenarios to verify their effectiveness, understand the real recovery time, and ensure that your teams are familiar with the recovery procedures. This practical testing is necessary to maintain confidence in your disaster recovery strategy.

Step 3: Create a trigger

The trigger defines the conditions for activating the workflows just created. It is expressed as a set of Amazon CloudWatch alarms. Alarm-based triggers are optional. You can also use Region switch with manual triggers.

From the Region switch page in the console, I choose the Triggers tab and choose Add triggers.

For each Region defined in my plan, I choose Add trigger to define the triggers that activate the Region.

Finally, I choose the alarms and their state (OK or Alarm) that Region switch will use to start activation of the Region.

Now I am ready to test executing the plan to switch Regions using Region switch. It is important to execute the plan from the Region I am activating (the target Region of the workflow) and to use the data plane in that particular Region.

Here's how to execute a plan using the AWS Command Line Interface (AWS CLI):

aws arc-region-switch start-plan-execution \
--plan-arn arn:aws:arc-region-switch::111122223333:plan/resource-id \
--target-region us-west-2 \
--action activate

Pricing and availability
Region switch is available in all AWS commercial Regions at $70 per month per plan. Each plan can include up to 100 execution blocks, or you can create parent plans to orchestrate up to 25 child plans.

Having seen firsthand the engineering effort devoted to building and maintaining multi-Region recovery solutions, I am excited to see how Region switch will help automate this process for our customers. To get started with ARC Region switch, visit the ARC console and create your first Region switch plan. For more information about Region switch, see Amazon Application Recovery Controller (ARC). You can also reach out to your AWS account team with questions about using Region switch for your multi-Region applications.

I look forward to seeing how you use Region switch to strengthen your multi-Region resilience.

– seb
