Disaster recovery factors

The disaster recovery strategy for the BMC BladeLogic Server Automation involves setting up disaster recovery for each product that requires it. All the strategic products must be available and updated in the disaster recovery data center in case the production data center is unavailable for any reason.

Although each product has its own requirements for setting up disaster recovery, the following list is common to all:

• The disaster recovery installation should have the same product version and patch level as the production installation.
• If any configuration or file changes (like applying patches) are done to the production data center, the same changes must be repeated on the disaster recovery data center.
• As the production system is used, all data changes must be replicated to the disaster recovery data center data. These changes can be database changes or file system changes, depending on the product in use.
• Replicating data changes imposes additional demands on the resources in the production system. To keep these demands to a minimum, the replication can be run only during off-peak hours. If continuous replication is needed, the production system should be given additional resources (CPU and memory) to reduce negative performance.

The following diagram shows the different points where replication is needed to keep the disaster recovery data center installation up to date. Because multiple products make up the BMC BladeLogic Automation Suite, disaster recovery strategies that rely on automatic activation of the disaster recovery installation can be tricky to implement. Each product needs to be ready and available for the disaster recovery installation to start functioning. For example, if the production databases are being replicated every three hours, transaction information for the last three hours might not yet exist in the disaster recovery databases, and might need to be copied over and restored manually using the database transaction logs. Another example can be when network changes need to be put in place manually before disaster recovery can take over.

To accommodate such scenarios, the following architecture does not include automatic failover from production. This is an essential consideration for BMC Atrium Orchestrator. If the BMC Atrium Orchestrator disaster recovery strategy is based on an HA CDP (High Availability Configuration Distribution Peer) in the disaster recovery data center, this CDP automatically starts processing workflow if production fails. If the rest of the products are not yet ready, the processes will start failing.

Disaster recovery for BMC products is a subset of a company's disaster strategy, which is only a subset of a company's business continuity plan. The following options might or might not be relevant to a particular disaster recovery strategy.

1. Simple data replication
   • Back up all data from databases and file servers. This minimizes data loss in case of failure.
   • The maximum loss of data is the interval between backup operations.
   • In case of disaster, this option results in disruption of service until an alternate site is brought online.
2. Cold backup site offering partial services
   • The backup site offers a subset of production services.
3. Cold backup site offering full services
   • All services are available at the backup site.
   • The backup site is built to the same capacity as the main site.
4. Active-Active production sites, acting as backup for each other
   • Each site can have full capacity to handle all users.
   • Each can provide partial services to support the failed site.

Hypothetical implementation of Disaster Recovery for the BMC BladeLogic Automation Suite

Click to expand.