Overcoming IoT Disaster Recovery Limitations Using Multiple AWS Regions
Apr 20, 2018
Connecting devices and wearables to the Internet for capturing information has become very prevalent over the last few years. When these devices are used or needed for medical tracking, the need to have high availability and a failover process are of paramount concern for both the patient and the company charged with ensuring their safety.
The challenge for any company attempting to implement an Internet of Things (IoT) solution is trying to find a method that provides high availability and immediate failover in case of a regional disaster that allows for devices to continue to communicate even if an outage occurs. When evaluating cloud solutions that have IoT services, there is no singular, out-of-the-box solution available that allows for this gap of functionality. The assumption is that the cloud service is always available for a given region only and not across regions.
The Challenge – Disaster Recovery
A medical device manufacturer needed to overcome this pitfall and engaged with ClearScale, an AWS Premier Consulting Partner, to find a solution. With devices that are designed to actively monitor a patient’s activity or condition and send alerts should a patient’s vitals deviate from a given threshold, they needed a way to have that information automatically persisted to an IoT solution in the cloud. However, their biggest concern, especially with media reports over the last year or two of cloud outages, was that their devices would need to continue to operate, gather information about the patient, and then upload it to the cloud even when a region was out of operation.
ClearScale immediately saw the ramifications of not having a reliable disaster recovery solution for IoT devices and set about investigating how existing AWS Services could help overcome this limitation. Each device had a certificate that needed to be registered with AWS IoT. The process for registering a certificate is a very straightforward approach. However, the AWS documentation indicates that IoT certificates can be registered and transferred between accounts only within a single region and AWS IoT doesn’t allow cross-region transfer for them. This approach meant that it would not suit the requirements of the client.
The ClearScale Solution – Cloud Automation
The solution lay in creatively applying a well-established process to keep two regions in sync with the same certificate. Rather than having a second region serve as a production-ready replica of the first so that traffic can be routed for performance or scalability needs, ClearScale instead used one region as the production environment with a second region as the failover environment should the need arise for disaster recovery.
To do this, ClearScale implemented an automated process to make scheduled snapshots of the database using AWS Relational Database Service (RDS), copy snapshots to another account in another region, and restore them. The same approach was used with IoT certificates. ClearScale used several Lambda functions to get the required information about the certificate of a new connected device at the time of its registration in the Production account (this information is then published to SNS topic, to which another function in the DR region is subscribed) and registered the certificate in the DR account at the same time.
Since a given region has to have a single DNS end-point for incoming devices to register against, ClearScale set up DNS end-points for both the production region and the disaster recovery region. They then thoroughly tested scenarios that forced the production region to go out of service. The implementation they designed successfully routed traffic to the disaster region DNS end-point allowing for uninterrupted, high-availability connectivity for the medical IoT devices. Because the certificates the devices used had been registered in both the production and the disaster recovery regions at the same time, it prevented data loss by ensuring that the devices could still communicate and persist their information to the disaster recovery region without a certificate mismatch that was impossible under the AWS IoT models that were traditional.
This unique approach to registering, copying, maintaining, and activating IoT device certificates between a production region and a disaster recovery region is not only unprecedented when compared to other IoT implementations, but the approach can be replicated for any client across any industry dedicated to using IoT devices.
The Benefits
ClearScale’s years of expertise in AWS Cloud services allowed our engineers to formulate a solution where none existed before. The final implementation gave the client a competitive advantage by being able to firmly state that their solution had high availability, redundancy, and scalability. The complexity of IoT devices, how they are deployed to the field, and the data they capture along with the need to parse data constantly in any situation means that many companies are left with the impression that their long-term strategy and growth are limited by the current solutions available out-of-the-box. Partnering with ClearScale means that, regardless of complexity, solutions can be designed with current services configured and customized in ways that others have yet to imagine.
Get in touch today to speak with a cloud IoT expert and discuss how we can help:
Call us at 1-800-591-0442
Send us an email at sales@clearscale.com
Fill out a Contact Form
Read our Customer Case Studies