This page details production environment issues.
Failure Scenarios
- hard drive failures
- data center is physically destroyed
- data center connectivity is lost
- database is corrupted
Risks
- DOS attacks
- SQL injection attacks
- account and password security
- viruses
Environments
Changes of any sort are first tested in the development environment.
If the tests pass, we apply the changes to QA where business users conduct testing.
Only after the business users approve the changes do we release any changes to PROD.
This includes everything from OS upgrades through to our own application code, minor and major
Recovery Time Objective
Without MAD, DBI will not be able to issue permits. (Is this correct?)
The recovery time objective for the application is 1 hour. (Is this OK?)
Recovery Point Objective
The recovery point objective for the database is 8 hours. (Is this OK?)
In some cases, such as a data center failure, the map cache that we fail over to
will be unseeded. The cache can be reseeded over night but the responsiveness
of the entire application will be slow until the the cache is reseeded.
access to the database is more important than access to the cached map data
upon a DC failover, we will have to reseed chache
Can we assume that we are not going to use replication?
If no replication, how much work can we loose? (1 day, 4 hours?, 2 hours?)
monitor disk space
Add Comment