After 24 February 2022, the world changed for decades to come. Vladimir Putin decided to launch a “special military operation” (actually a full-scale invasion aimed at overthrowing the government in Kiev), thereby throwing out the international rules-based order that had been in place since 1945. These actions had profound effects on Sweden and Swedes’ attitudes towards NATO: according to Svenska Dagbladet (SVD) from 30 March 2022, the number of Swedes in favour of joining NATO increased by 15 percentage points in March 2022 compared to December 2021. If Finland also decides to join, an additional 29% say they want Sweden to join the defence alliance, creating a majority in favour for the first time in Sweden.
Russia’s response was swift: if Sweden or Finland join NATO, there will be “military and political consequences”. At Synotio (the hosting company within the Angry Creative group), we don’t know what those consequences are and are therefore preparing for the worst-case scenario to ensure our and our customers’ continuity.
Our previous strategy
As of 2018, Synotio’s equipment was located in two data centres: Hammarby and Sätra. These are located about 10 km apart. Here is a map with both marked:
This is perfectly fine if all you’re protecting yourself against is hardware and network connection failures. Both locations have plenty of diversified redundancy. They’re also very cost-effective as they’re quite close to each other.
What this is not effective for is protecting against is any kind of military threat to the region. The array is therefore no longer sufficient to meet the security requirements of the new situation that has emerged in the world. 24 February therefore marks the end of this strategy and requires us to adapt accordingly.
Our current strategy
In March 2022, Synotio carried out a complete review of its resilience strategy. We have added three locations: Norrköping, Malmö and Uddevalla. If we put these points on a map, it looks like this:
How did we select these? There are a couple of factors that come into play:
- Malmö is one of Sweden’s largest fibre hubs thanks to its proximity to Copenhagen. From a connectivity point of view, it is therefore a very good place to be. This data centre is of the same standard as our Stockholm sites and is our designated disaster recovery site. We are also using this location to further increase our connections to the outside world.
- Norrköping is a site of military strategic importance: although it is adjacent to the Swedish east coast, it is not exposed to the same threats as Stockholm and Malmö because it is further inland from the sea. It also happens to be where we have our office, which basically makes it a free server location.
- Uddevalla is our latest and arguably the most interesting data centre from a security point of view. This is a 900m2 two-storey bergrum that was used for civil defence purposes after WWII until the collapse of the Soviet Union. We had interesting/complicated conversations with fibre providers when buying fibre links to this site as it is so secret that it has no address.
Our new disaster recovery plan
With all these data centres in place, we needed to assign more specific tasks for our sites than before. Before, it was very simple: Back up Hammarby to Sätra and back up Sätra to Hammarby. But the implications of this become more complicated if you scratch the surface. For example, there are production networks operating from the same location that could be affected if something goes wrong during disaster recovery testing. On top of that, testing also needs to be performed from two locations instead of one.
With more specialised roles for each data centre we therefore have:
- Hammarby and Sätra as our two main production sites. As they are built in a relatively identical way, they can easily be reused as disaster recovery sites for each other if needed.
- Malmö is our designated disaster recovery site in case something happens to either Hammarby or Sätra. We also test backups and their validity at this location. During testing, we not only test data integrity, but we boot the servers from these backups and run tests against them to check that they produce the results we expect. All of this is automated and performed with every backup we run. Any anomalies are reported to the Synotio Network Operations Centre (NOC) to handle the situation.
- Once the backups are created and tested, they are stored locally in Malmö and then replicated to both Uddevalla and Norrköping for further storage. The storage system in Norrköping runs in a synchronous mirror configuration where one set of discs is mirrored to another identical set of discs. This allows us to quickly pull out an entire shelf of discs and transport them to a safe location should the need arise without taking the system out of service.
What our standard backup looks like
In all Synotio hosting plans you get:
- Daily backups of your site. These are created at 03:00-04:00 CET/CEST every day and then stored for 45 days.
- Off-site replication of these backups to our data centre in Malmö.