After the 24th of February 2022, the world changed for decades to come. Vladimir Putin decided to initiate a “special military operation” (actually a full-on invasion with aims to topple the Kiev government) and thereby threw out the international rules-based order that had been in place since 1945. These actions had profound effects for Sweden’s attitude towards joining NATO: According to Svenska Dagbladet (SVD) from 2022-03-30, the amount of Swedes who were positive towards joining NATO increased by 15 percentage points in March 2022 compared to December 2021. If Finland also decides to join, an additional 29% states they want Sweden to join the alliance which creates a majority for the first time in Swedish history.
Russia’s response was swift: If Sweden or Finland joins NATO, there will be “military and political consequences”. At Synotio (the hosting part of the Angry Creative group of companies), we don’t know what these consequences are, but we sure aren’t going to find out without being prepared.
How the strategy looked before
As of 2018, Synotio has equipment located in two datacenters: Hammarby and Sätra, located about 10 km apart. Here’s a map with both of them marked:
This is perfectly fine if all you’re protecting yourself against is failures of hardware and network connections. Both locations have plenty of diversified redundancy. They are also very cost effective in terms of connectivity.
What this is not effective in protecting against is any kind of military force against the region and therefore it’s no longer adequate to meet the security demands of the new situation. 24th of February therefore spells the end of this strategy and demands that we adapt accordingly.
How the strategy looks now
In March of 2022, Synotio did a complete revisal of its resilience strategy. We have added three locations: Norrköping, Malmö, and Uddevalla. If we plot all our locations on a map, it now looks like this:
How did we select these? There is a couple of factors at play:
- Malmö is one of Sweden’s biggest fiber junctions due to it’s proximity to Copenhagen. From a connectivity standpoint, it’s therefore a very good place to be in. This datacenter has the same level of standards as our locations in Stockholm and is our designated disaster recovery site. We also use this site to further increase our level of connectivity to the outside world.
- Norrköping is a location of military-strategic importance: While it is adjacent to the Swedish east cost, it’s not subject to the same threat level as Stockholm and Malmö since it’s located further inwards from the sea. It also happens to be our office, so it’s basically free real estate for servers.
- Uddevalla is our newest and without doubt the most interesting datacenter from a security standpoint. This is a 900m2 two-story mountain complex that was used for civil defense purposes after world war 2 up to the collapse of the Soviet Union. We had interesting conversations with fiber providers in our quest to purchase links to this location since it’s so secret that it doesn’t have an address.
Our new disaster recovery plan
With all these datacenters in place, we needed to set out more specific purposes for our locations than before. Previously, it was very easy: Back up Hammarby to Sätra and back up Sätra to Hammarby. However, this actually makes things more complex than you might think. For example: when testing disaster recovery, there is also production networks running at the same site which could be affected if anything goes wrong. On top of that we would also need to perform testing on two sites compared to just one.
With more specialized roles, we now have:
- Hammarby and Sätra as our two main production sites. Since they are built in a pretty much identical way, they can easily be repurposed into disaster recovery sites for each other should the need arise.
- Malmö as our designated disaster recovery site, should something happen to either Hammarby or Sätra. We also test backups and their validity at this location. During testing we don’t just test data integrity, we actually start up the servers from those backups and run tests against them to check that they produce the results we expect them to. This is all automated and performed with every backup we run. If anything fails, emails will be sent out to the Synotio Network Operations Center to deal with the situation.
- Once the backups are created and validated, they are stored locally in Malmö and then sent off to both Uddevalla and Norrköping for further storage. The storage system in Norrköping is running in a synchronous mirror configuration where one set of disks is mirrored to another identical set of disks. This makes us able to pull out an entire shelf of disks quickly and transport them to a safe location should the need arise, while still being able to operate the system normally.
What our standard backup looks like
In any Synotio hosting plan, you get:
- Daily backups of your site. These are created at 03:00-04:00 CET/CEST every day and are then stored for 45 days.
- Off-site replication of these backups to our Malmö datacenter