Most of us have a backup strategy, many of us have a restore strategy, and several of us have even fully tested these strategies. But even simple sites may be difficult to recover after a disaster. Tanya Reilly explains why backups are not enough. Complex systems are much harder to reason about and can even be coupled together in ways that make them unrecoverable.
Tanya explores the parts of disaster recovery you might be less prepared for and the dependencies that you might not think about until one day when you really do turn an entire service, entire site, or (perish the thought) an entire company off and on again. You’ll learn why the best laid fallback plans tend to go wrong and why you should start deliberately managing your dependencies long before you think you need to. Along the way, Tanya also covers the dependency cycles that make it difficult or impossible to restart groups of systems—like where do you store the documentation on how to recover the documentation server?
Tanya Reilly is a system administrator and site reliability engineer at Google, where she works on low-level infrastructure like distributed locking, load balancing, and bootstrapping. Previously, she was a system administrator at Eircom.net, Ireland’s largest ISP, and the entire IT Department for a small software house.
©2017, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com