Managed disaster recovery with Amazon RDS for Oracle cross-Region automated backups – Part 1
Today, customers using Amazon Relational Database Service (Amazon RDS) for Oracle have several managed high availability (HA) and disaster recovery (DR) capabilities to choose from based on your business requirements and use cases:
- With Amazon RDS Multi-AZ, you get enhanced availability and durability for database (DB) instances within a specific AWS Region. This is often an effective DR solution for most use cases.
- You can use RDS for Oracle read replicas when running mission-critical databases with a business requirement for your DR configuration to span across different Regions. At the same time, you want to use your DR investments to handle some of your production read workloads in another Region closer to the users.
- RDS for Oracle mounted DB replicas are ideal if you just need DR but don’t have the requirement to route your read workloads to the replica.
- You can also opt for logical replication for self-managed DR via AWS Database Migration Service (AWS DMS) and Oracle GoldenGate.
If you need a low-cost cross-Region DR solution, you previously had to use a self-managed script built on AWS Lambda that periodically copies DB snapshots to another Region and provides discrete instance restore points at the your chosen snapshot frequency. Now with Amazon RDS for Oracle cross-Region automated backups, which include both snapshots as well as archived redo logs, you may attain cost-effective cross-Region DR with low Recovery Point Objective (RPO) and reduced Recovery Time Objective (RTO) compared to the self-managed scripting.
This post discusses the managed DR capabilities of cross-Region automated backups. This is relevant to database administrators, database architects, and application architects who are running DB instances on Amazon RDS for Oracle. Although this post focuses on Amazon RDS for Oracle, cross-Region automated backups are also currently available for Amazon RDS for PostgreSQL.
Introduction to Amazon RDS cross-Region automated backups
Storing backups offsite is a common requirement of an organization’s DR policies, and what constitutes offsite varies with the use case. For many customers operating on premises today, copying backup files to tape or other long-term storage and transporting across town to a secure facility achieves this purpose. Due to the logistics involved, the copies may be made and transported on a recurring schedule, perhaps weekly or daily, which limits the recoverability of the most recent transactions if a disaster strikes that forces the company to restore and recover from that backup. It also takes time to retrieve the backups, as well as to procure new hardware onto which to restore the backups and restart operations. Having a remote data center with strong connectivity and storage space for the backups helps reduce the time elapsed between copying of backups offsite, thereby reducing the potential data loss in the event of a disaster to the primary site, as well as reducing the time to restore the backups to new systems and restart operations.
Many Amazon RDS for Oracle customers’ DR plans include restoring and recovering resources in a second Region. Cross-Region automated backups provide you with the same solution you currently use for Amazon RDS backup and recovery automation in a single Region, but with the additional protection of having all the data needed to restore your database instance readily available in a second Region.
The feature extends the existing Amazon RDS automated backups functionality, giving you the ability to set up automatic replication of snapshots and archived redo logs from a primary Region to a secondary Region. It helps enable DR capability for mission-critical databases by allowing you to restore your database to a specific point in time within the backup retention period defined for the destination Region.
Amazon RDS supports cross-Region automated backups for Amazon RDS for Oracle for the versions of 12.1 (starting from 220.127.116.11.v10) and higher. This feature is supported for Amazon RDS for Oracle customers who use any edition of Oracle Database with the License Included (LI) or Bring Your Own License (BYOL) models. BYOL customers should review their Oracle agreement to verify use of this feature is permitted.
With cross-Region automated backups, the snapshots and archived redo log backups captured and retained in the source Region where your RDS instance resides are automatically replicated to a second Region. RDS then maintains the snapshot and archived logs according to your chosen backup retention period to enable point-in-time restore (PITR) capability in the destination Region.
With Amazon RDS cross-Region automated backups, you can choose a different recovery window in the destination Region than in the source Region. For example, you can maintain a recovery window of 35 days in the primary Region to allow for maximum recovery options covering many potential issues, and have the option to define a separate window in a second Region that suits your DR needs, also up to 35 days in the past. Cross-Region automated backups help you restore a database to a specific point in time within the backup retention period, which helps to quickly resume operations in the event the primary Region becomes unavailable.
With Amazon RDS copying instance snapshots and archived redo logs to a second Region as soon as they’re available on the source, cross-Region automated backups help provide long-distance separation between the primary and failover site. AWS also has extensive capacity in each Region, meaning that you can deploy instances in minutes and begin restore and recovery efforts quickly, without needing to procure hardware ahead of time. This provides a cost-effective DR plan protecting against a Regional disaster, with low RPO and RTO.
Cross-Region automated backups are ideal if you need a cost-effective DR capability that helps save on compute and, in some cases, licensing costs until a PITR is needed in another Region. Cross-Region automated backups are also attractive if you lack the time and resources to script copying the RDS snapshots across Regions, and if you require a lower RPO than is associated with a manual cross-Region snapshot copy. The feature can also help provide lower RTO in the destination Region by automatically replicating manual snapshots, reducing the amount of redo that must be applied after the snapshot is restored.
RPO and RTO with Amazon RDS for Oracle’s managed HA and DR capabilities
During normal operations with automated backups enabled, Amazon RDS takes a daily snapshot of your RDS DB instance storage during the backup window you can define, along with copying archived redo logs generated on the instance at 5-minute intervals. These backups are stored in Amazon Simple Storage Service (Amazon S3) in the Region where your RDS DB instance resides. With cross-Region automated backups, these same snapshots and archived logs are replicated to a second Region as soon as they are available in the source Region.
Consider the archived logs backups that occur throughout the day: Because copy operations take a few moments to complete and are initiated every 5 minutes on the RDS DB instance, the typical RPO for the RDS instance in its source Region is approximately 5–10 minutes. Because copy times are longer for remote Regions, the RPO for the cross-Region backup may run 10 or more minutes behind the source Region. Database instances with high redo volumes may see further lag on the latest restorable time for the instance in the second Region. The time taken to complete a PITR largely depends on the amount of redo that must be applied after the snapshot is restored—an aspect that doesn’t change as a result of cross-Region automated backups. If you’re looking to achieve lower RTO for your RDS instance restore operations in-Region or cross-Region, you can take manual snapshots of the instance to reduce the redo apply phase of the restore.
The following table showcases the RPO and RTO metrics that you can attain with various HA and DR capabilities of Amazon RDS for Oracle.
|Feature||RPO (approximate)||RTO (approximate)||Licensing*|
|RDS Multi-AZ||0||1 to 2 minutes||License Included Standard Edition Two (SE2) or BYOL SE2 or Enterprise Edition|
|Snapshot restore||Hours||< 1 hour|
|PITR (in-Region) using Automated Backups||5 minutes||Hours|
|PITR using cross-Region Automated Backups||25 minutes||Hours|
|Mounted replica promotion (in-Region)||Minutes||Minutes||Enterprise Edition|
|Mounted replica promotion (cross-Region)||Minutes||Minutes|
|Read replica promotion (in-Region)||Minutes||Minutes||Enterprise Edition + Active Data Guard|
|Read replica promotion (cross-Region)||Minutes||Minutes|
* BYOL customers should review their Oracle agreement to verify use of this feature is permitted.
Use cases of Amazon RDS for Oracle cross-Region automated backups
The cross-Region automated backups feature provides more flexibility to help meet unique backup needs by supporting different RPO, RTO, and license compatibility options. BYOL customers should review their Oracle license agreements to verify the following information applies.
- DR for Oracle Standard Edition – Oracle Data Guard is currently only available with Enterprise Edition. LI and BYOL customers using SE2 don’t have DR capability by default with their licenses. Cross-Region automated backups can help certain SE2 customers achieve DR, while in most cases saving on compute and license costs. You may see savings from using backups to restore a new DB instance.
- Lower-cost DR for Oracle Enterprise Edition – Customers using Enterprise Edition with low RPO requirements may be able to attain DR with RDS for Oracle cross-Region mounted DB replicas (requires EE license on the replica) or RDS for Oracle cross-Region read replicas (requires EE and Active Data Guard licenses). Cross-Region automated backups may allow you to eliminate licensing redundant environments to attain DR if you can use relaxed RPO and RTO.
- DR for Single-AZ – Certain customers can now use cross-Region automated backups for their DR even when they have not enabled Multi-AZ.
- DR for Multi-AZ – cross-Region automated backups is complementary to Amazon RDS Multi-AZ deployments. If you’re using Multi-AZ for high availability, you can enable cross-Region automated backups for cross-Region DR needs.
- DR for Multi-AZ with in-Region read replicas – While Amazon RDS Multi-AZ provides HA and data protection, the associated in-Region read replica renders the scalability of read-only workloads, and the cross-Region automated backups feature provides DR.
RDS DB instances encrypted at rest with AWS KMS or with Oracle Transparent Data Encryption (TDE) can also be replicated to another Region. When Oracle TDE is in use via the TDE option, Amazon RDS copies the TDE key to the destination Region automatically so the Oracle wallet may be managed there as well. With the support for AWS KMS encryption, cross-Region automated backups encrypts the replicated backups using an existing AWS KMS customer master key (CMK) in the destination Region.
When implementing cross-Region automated backups for an RDS instance that is protected using AWS KMS encryption, you must specify a KMS key ARN in the destination Region to be used for encryption operations there. This can’t be the default KMS key for Amazon RDS, but must be a separate key, because AWS KMS doesn’t allow cross-Region access to default service keys.
To see all Regions that currently support cross-Region automated backups, refer to the source and destination Region table in Replicating automated backups to another AWS Region.
Cross-Region automated backups are charged for the data transferred while copying the DB snapshots and archived redo logs across Regions. Data transfer between the primary Region and secondary Region is billed based on the data transfer rates of the applicable Regions. After the snapshot is copied, standard database snapshot charges apply to store it in the destination Region. There is no additional charge for storage of the archived redo logs in the destination Region. See Amazon RDS for Oracle Pricing for up-to-date pricing of instances, storage, data transfer, and Regional availability.
In this post, we discussed how you can use Amazon RDS for Oracle cross-Region automated backups to enhance your DR capabilities across Regions. We reviewed several DR use cases in which cross-Region automated backups could help lower RPO and RTO in certain situations. In our next post, we will walk through setting up cross-Region automated backups on new and existing RDS for Oracle instances, including AWS KMS-encrypted instances. We will also show how to monitor the replication as well as how to perform a point-in-time restore in the destination Region. For more information about enabling and working with cross-Region automated backups, see Replicating automated backups to another AWS Region.
About the authors
Nathan Fuzi is a Senior Database Specialist Solutions Architect at AWS.
Nagesh Battula is a Principal Product Manager on the Amazon Web Services RDS team. He is responsible for the product management of Amazon RDS for Oracle. Prior to joining AWS, Nagesh was a member of the Oracle High Availability Product Management team with special focus on distributed database architecture addressing scalability and high availability. While at Oracle, he was the product manager for Oracle Sharding and Oracle Global Data Services. Nagesh has 20+ years of combined experience in the database realm. He has a BS in Engineering and MS in Computer Science. He is a frequent speaker at various database related user groups and conferences.