Disaster Recovery and Backup

Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace

Kyvos Azure Marketplace Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)

Prerequisites 

Before you perform the Disaster Recovery, ensure you must complete the following prerequisites: 

• Disaster Recovery (specify the region for DR) must be selected before deploying a cluster.

• Provide appropriate permission on KMS in the Disaster Recovery region if another IAM user will deploy.

• Copy TLS certificates in the Disaster Recovery region bucket. 

• Create SSL certificates in the Disaster Recovery region bucket. 

• Create/import key/pair in the Disaster Recovery region.

• Create a new olapengine.lic file. 

Disaster Recovery 

To perform the Disaster recovery, perform the following steps. 

1. Login into the AWS account with valid credentials. 

2. Promote the Read Replica of the Kyvos repository and Credit repository.
   
   
   
   
   

3. Promote the following Secret Manager of Disaster Recovery. 

   1. kyvos-cftparams-bmissuepri-815559998352

   2. kyvos-secret-bmissuepri-815559998352

   3. kyvos-credit info-secret-bmissuepri-815559998352
      
      

      Open

      

      
      
      

      Open

      

4. Deploy the Disaster Recovery template the same way as you deployed while creating the primary cluster.

    

   
   
   

   
   
   

    

   1. The bucket name should be the same as the Replication Bucket.

   2. The IAM role of Lambda and EC2 should be the same as the original deployment.

   3. Provide existing RDS that must be promoted before deploying the Disaster Recovery template.

   4. Choose the VPC, two private subnets, and two public subnets.

   5. Choose the security group that is attached to the RDS.

   6. Enter the KMS key and its ARN.

   7. Enter the name of the Secret Manager

   8. Enter the endpoint address of RDS.

   9. Enter the RDS name. 

Post-deployment steps 

Perform the following post-deployment steps. 

1. Update the value of HOSTNAME_VERIFIER property from Kyvos Manager to Yes.

2. Link shared credit info Database from Kyvos Manager. 

3. Upload license.

4. Change the Kyvos properties from Kyvos Manager as done in the primary region.

5. When the deployment is completed, you must change the S3 bucket name from all the datasets because the raw data bucket is also changed due to Disaster Recovery.

6. When the deployment is completed, you have to wait for Cuboid replication on all Query Engines before executing queries. 

7. When the deployment is completed, you must enable TLS and SSL again in Kyvos. 

8. If any additional IPs are allowed in the Security group of Primary installation, then you must configure those IPs in the Disaster Recovery Security Group. 

9. When the Disaster Recovery deployment is completed, you must create the custom URL and DNS mapping again.