Infrastructure protection

About infrastructure protection

Infrastructure protection is a service designed to protect your infrastructure resources, by taking regular backups and storing them in a pre-configured storage location (called destination). If a need arises, these resources may be restored (recreated) later, should the original resources be lost or damaged.

Currently, the service supports creating backups of instances, images and volumes.

Creating and managing protection plans

Resources are protected by a configuration object called protection plan. A protection plan includes:

  • Backup destination - storage where the backups are stored.
  • List of resources protected by the plan.
  • (Optional) protection schedule. Without using a schedule, a backup can be also triggered manually.

Backup destinations

Properly configured platform will have at least one backup destination available for your backups. A backup destination is created and maintained by the platform administrators. As a user, you cannot add or modify a backup destination. However, if multiple destinations are available (such as local datacenter storage and remote datacenter storage), you will be able to choose between those destinations when creating a protection plan.

Note that once backup plan is created, its backup destination cannot be changed. To change the backup destination, delete the existing plan and create a new one.

Protected resources

When creating or managing a protection plan, you can select resources (instances, volumes and images) included into the plan. The list of protected resources can also be modified for an existing plan - when it happens, all the subsequent backups will include the new set of resources.

For data consistency, volumes are protected by taking volume snapshots. When a volume is used (attached and mounted) during the backup, the backup data will be crash-consistent (means, the data consistency in the restored volume will be same or better as if you power off the instance while using the volume). Note that for some of the data types, such as databases, this level of consistency may be insufficient, and more effective data backup strategies (for example, native database backup) should be used.

You can also include images into your backups. Consider however that in many cases backing up images is unnecessary. For your own (private) images, you might have another offline copy of the image, which can be re-uploaded later. The platform images (supplied by the provider) are protected by the service provider, and generally should not be included into your own backup plans.

Protection of image-based instances

The infrastructure protection service allows you to include instances into the backup plan. Those instance may be either image based (which is default for a new instance creation) or volume based (using boot volumes).

Be aware that the platform does not yet support backing up root disk data from the image-based instances. When you include such instance to a backup plan, the backup taken will not contain the actual disk data - instead, only the metadata will be backed up. As a result, when you restore such instance, it will be re-created using the same source image as the original instance. Any changes that happened in the original instance after its creation will not be preserved in the restored instance.

To ensure your instance data is protected by the infrastructure protection service, use volume-based instances.

As an alternative, to create a backup copy of your image-based instance, you can use instance snapshot, which does include post-creation data of the instance.

Plan schedules

To enable automatic periodic backup creation, you can enable a schedule for the plan. When creating a schedule, specify frequency (daily, weekly, etc), and the backup start time (which refers to your local computer timezone). After that, the backup will be taken at the specified (start) time, with specified frequency. For example, to take a backup every Saturday at 1:00 after the midnight, create a Weekly schedule frequency and specify nearest Saturday, 1:00 as the backup start time.

As a part of a schedule, you can also specify backup retention (how many most recent backups you'd like to retain). When retention is used, the oldest backups will be deleted automatically when new backups are created.

Note that backups triggered manually (by pressing "Backup now" button) are not included into the number of retained backups, and not deleted automatically. As a result, if you have manually triggered backups, you can find more backups stored for the plan than your schedule retention specifies.

Data recovery

To recover the data from an existing backup, select a backup (either from a protection plan, or in the backup list outside of the plan), and choose "Restore".

As a next step, review resources in the backup, and select which resources you'd like to restore.

Note that original resources are never overwritten by the restore, even if they exist. Even if you specify the same name as for the original resource, a new resource with the same name (but a different resource ID) will be created. When restore is completed, you can see status of the restore reviewing properties of the backup (which contains a link to performed restores and status of their completion).