Articles

DR Planning: RTO, RPO & Business Continuity Defined

March 24, 2026 6 min read

A robust backup and disaster recovery (DR) strategy is more than just an insurance policy; it’s a fundamental pillar of modern DevOps, enabling rapid recovery and resilience in the face of inevitable failures.

Let’s see this in action. Imagine a typical web application stack: a frontend (e.g., React app served by Nginx), a backend API (e.g., Python/Flask), and a PostgreSQL database.

Frontend: The frontend code itself is usually managed in Git. Backups are implicit through version control. If a deployment server fails, you simply redeploy from Git. The configuration (e.g., Nginx sites-available files) should also be versioned.

Backend API: Again, code lives in Git. The deployed artifacts (e.g., Docker images) are stored in a container registry (like Docker Hub, AWS ECR, or Google GCR). This registry is your backup for the application binary. Configuration for the API (environment variables, secrets) should be managed via a secrets manager (like HashiCorp Vault, AWS Secrets Manager, or Kubernetes Secrets) and ideally versioned in Git as well.

Database: This is where active, point-in-time backups are critical. For PostgreSQL, this involves:

  1. Logical Backups (e.g., pg_dump):

    • What: Creates SQL statements to recreate the database. Good for smaller databases or specific table recovery.
    • How:
      pg_dump -h db.example.com -U backup_user mydatabase > /backups/mydatabase_$(date +%Y%m%d_%H%M%S).sql
    • Why: Simple, human-readable, and portable.

  2. Continuous Archiving (Write-Ahead Log - WAL):

    • What: Backs up transaction logs, allowing for point-in-time recovery (PITR). This is crucial for minimizing data loss.
    • Configuration (postgresql.conf):
      wal_level = replica
archive_mode = on
archive_command = 'cp %p /var/lib/postgresql/wal_archive/%f'
    • Why: wal_level = replica enables the necessary logging. archive_mode = on activates WAL archiving. archive_command defines how WAL files are copied to a safe location. With a base backup and WAL archives, you can restore to any point in time.

  3. Base Backups:

    • What: A full snapshot of the database files.
    • How (using pg_basebackup):
      pg_basebackup -h db.example.com -U replication_user -D /backups/base_$(date +%Y%m%d_%H%M%S) -Ft -P -X fetch
    • Why: Provides a starting point for restoring from WAL archives. -Ft creates a tar format, -P shows progress, -X fetch includes WAL files needed for recovery.

The Full Mental Model:

  • Problem Solved: Data loss due to hardware failure, accidental deletion, cyberattacks, or natural disasters. Application downtime impacting business operations.
  • How it Works:
    • Backups: Creating copies of your data and configurations at a specific point in time. This includes:
      • Code: Version control (Git).
      • Artifacts: Container registries.
      • Configuration: Secrets managers, Git.
      • Databases: Logical dumps and physical (WAL + base backups).
    • Disaster Recovery (DR): The process and infrastructure for restoring service after a disruptive event. This involves:
      • Redundancy: Deploying applications and databases across multiple availability zones or regions.
      • Automated Failover: Systems that automatically switch to a standby instance if the primary fails (e.g., database replication, Kubernetes self-healing).
      • Recovery Procedures: Documented, tested runbooks for restoring services and data.
      • RPO/RTO: Defining Recovery Point Objective (how much data loss is acceptable, e.g., 5 minutes) and Recovery Time Objective (how quickly services must be back online, e.g., 1 hour).

Levers You Control:

  • Backup Frequency: How often you take logical dumps or base backups.
  • WAL Archiving: The interval at which WAL files are archived (driven by archive_timeout in postgresql.conf, though archive_command runs whenever a WAL file fills up or archive_timeout is reached).
  • Storage Location: Where backups are stored – ideally in a separate location from your primary infrastructure (e.g., object storage like S3, a different data center).
  • Retention Policies: How long backups are kept (e.g., 7 days daily, 4 weeks weekly, 12 months monthly).
  • Testing Frequency: How often you actually restore from backups to validate their integrity and your recovery procedures.

A common misconception is that simply having pg_dump files is sufficient for database recovery. While useful, pg_dump creates a snapshot at a single point in time. If your database experiences frequent writes, restoring from a pg_dump taken hours ago means losing all transactions that occurred since then. Continuous WAL archiving, coupled with regular base backups, is essential for achieving a low Recovery Point Objective (RPO) by enabling point-in-time recovery (PITR). This means you can restore your database to any specific second between your last base backup and the latest archived WAL file, drastically minimizing data loss.

The next step is to orchestrate these backups and recovery processes, potentially using tools like Velero for Kubernetes or custom scripting for cloud environments, and to implement automated monitoring for backup success and storage utilization.

Want structured learning?

Take the full DevOps & Platform Engineering course →