Pilot Light Disaster Recovery Strategy

Running Bare Minimum Infrastructure To Aid Rapid Recovery

Production Operations

The term pilot light is often used to describe a Disaster Recovery scenario in which a minimal version of an environment is always running in the cloud. The idea of the pilot light is an analogy that comes from the gas heater. In a gas heater, a small flame that’s always on can quickly ignite the entire furnace to heat up a house.

With AWS you can maintain a pilot light by configuring and running the most critical core elements of your system in AWS. When the time comes for recovery, you can rapidly provision a full–scale production environment around the critical core.

The pilot light method gives you a low cost option for DR since you only pay for the pilot light resources during normal operations, and only pay for all resources required to run your operation during a DR event.

Running Production

1. Infrastructure elements for the pilot light itself typically include your database servers, which would replicate data to Amazon EC2 or Amazon RDS. Depending on the system, there might be other critical data outside of the database that needs to be replicated to AWS. This is the critical core of the system (the pilot light) around which all other infrastructure pieces in AWS (the rest of the furnace) can quickly be provisioned to restore the complete system.
2. To provision the remainder of the infrastructure to restore business–critical services, you would typically have some pre–configured servers bundled as Amazon Machine Images (AMIs), which are ready to be started up at a moment’s notice. When starting recovery, instances from these AMIs come up quickly with their pre–defined role (for example, Web or App Server) within the deployment around the pilot light.
3. The pilot light method gives you a quicker recovery time than the backup/restore method because the core pieces of the system are already running and are continually kept up to date.
4. AWS enables you to automate the provisioning and configuration of the infrastructure resources, which can be a significant benefit to save time and help protect against human errors. However, you will still need to perform some installation and configuration tasks to recover the applications fully. These configuration steps may be automated with AWS CloudFormation

Recovery

1. Recovery to the Pilot Light environment entails spinning up pre–configured systems from AWS AMI images, applying any patches not previoiusly applied and making the replicated data available to new systems.
2. Network addressing is then changed via Amazon Route 53 to point to the new instances