Our company is in the process of raising a round, and one of our investors has asked us to put in place some disaster recovery procedures before investing. What DR procedures do you have in place for your company?

Some background:
* I am the sole coder
* All code is on GitHub
* App is deployed to Heroku
* Domain names are on NetworkSolutions

Very 'interesting' that they are asking you this, especially when it looks like you are just starting.

I run a credit card company on AWS. Our website runs on a single, small AWS instance, but the POS/financial servers are set up this way:

- 8 multi-AZ Oracle RDS instances, 4 of them slaves. It means we have 16 servers, where 8 are manually standing by and 8 are on the RDS multi-AZ system. The 4 slaves are set to be used to recover from a data tampering event, not AWS outages.

- Some dozens of app servers in the same region as each database. We use a custom TCP/IP server I built in Java almost a decade ago. We are thinking about migrating to Apache MINA.

My personal tips:

- Why are you paying the Heroku premium? Build your own AWS servers, put nginx in front and set cheap instances behind it. Let Capistrano be your Heroku.

- Use some dynamic DNS service; I would recommend Dynect. Avoid Amazon Route 53.

- Use multi-AZ, and set up the same database in another region (continent).

- Get out of us-east.

Build the very same setup in another region, and create scripts to load the slave country's database if possible.

If your database is too fancy or large:

Shard or distribute.

(Edit) Almost forgot: ALWAYS have as-fresh-as-possible offline backups of everything. Oracle is god when it comes to making this easy.

A few thoughts:

- Don't worry about code backups, assuming you have the following:
1. Local copy
2. Local backups
3. GitHub
4. GitHub's own backups
5. Copy on Heroku
6. Heroku's backups (?)
7. Any server backups

That's a hell of a lot of backups.

- Make sure you can time how fast you can provision a new server and restore backups. When you actually have to, it'll give you some peace of mind knowing that your backups can be restored, and that you can reliably guess how long it'll take.

- Make sure your domains are "Locked" in NetworkSolutions, which prevents transfer-out requests. I'm still mixed on whois privacy, but you're probably okay using it with NetworkSolutions.

- I've also struggled with figuring out what to do if I can't run the business suddenly. For your domain, you can register it for several years or set it up on auto-renew, so that's not really an issue. As far as GitHub/Heroku, ... that's a tough question.
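
The timed restore test suggested in the reply above, as an added example that is not part of the thread: a backup archive is restored into a scratch directory, every file is checked against a SHA-256 manifest stored in the archive, and the elapsed time is compared with a recovery-time target. The archive layout, the `MANIFEST.json` name, the function names and the sample files are assumptions made for this sketch.

```python
import hashlib, io, json, tarfile, tempfile, time
from pathlib import Path

def sha256_file(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def make_backup(src, archive):
    """Archive every file under src plus a MANIFEST.json of SHA-256 digests."""
    src = Path(src)
    manifest = {p.relative_to(src).as_posix(): sha256_file(p)
                for p in sorted(src.rglob("*")) if p.is_file()}
    with tarfile.open(archive, "w:gz") as tar:
        for rel in manifest:
            tar.add(src / rel, arcname=rel)
        data = json.dumps(manifest).encode()
        info = tarfile.TarInfo("MANIFEST.json")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))
    return manifest

def restore_drill(archive, rto_seconds):
    """Restore into a scratch dir, verify each file, and time the whole run."""
    start = time.monotonic()
    with tempfile.TemporaryDirectory() as scratch:
        root = Path(scratch).resolve()
        with tarfile.open(archive, "r:gz") as tar:
            for m in tar.getmembers():
                # Refuse links, devices and paths that leave the scratch dir.
                target = (root / m.name).resolve()
                if not m.isfile() or root not in target.parents:
                    raise ValueError(f"unsafe archive member: {m.name}")
            tar.extractall(root)
        manifest = json.loads((root / "MANIFEST.json").read_text())
        failed = [rel for rel, digest in manifest.items()
                  if not (root / rel).is_file()
                  or sha256_file(root / rel) != digest]
        elapsed = time.monotonic() - start
    return {"ok": not failed and elapsed <= rto_seconds,
            "failed": failed, "elapsed": elapsed}

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as work:
        src = Path(work) / "site"  # constructed sample data
        (src / "app").mkdir(parents=True)
        (src / "app" / "main.py").write_text("print('hello')\n")
        (src / "dump.sql").write_text("CREATE TABLE users (id int);\n")
        archive = Path(work) / "backup.tar.gz"
        make_backup(src, archive)
        print(restore_drill(archive, rto_seconds=60))
```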