Backup & Recovery Service
Automated, immutable, and cross-region data protection with point-in-time recovery and guaranteed RPO/RTO metrics.
Overview
CloudNexus Backup & Recovery provides enterprise-grade data protection for all compute, storage, and database workloads. The service operates transparently in the background, leveraging incremental snapshots, deduplication, and automatic replication across availability zones and regions.
Designed for compliance and disaster recovery, the platform supports immutable backups, ransomware detection, and one-click restoration to any generation or timestamp.
Scheduled Snapshots
Automated incremental backups at configurable intervals (15min, 1h, 4h, daily, weekly). Consistent crash-safe snapshots via integration with guest agents.
Encryption & Immutability
All data is encrypted in-transit (TLS 1.3) and at-rest (AES-256-GCM). Optional WORM (Write-Once-Read-Many) locks prevent tampering or deletion within retention windows.
Cross-Region Replication
Automatic asynchronous replication to secondary regions. Isolated storage buckets ensure geographic redundancy without impacting primary performance.
Instant Restore
Mount snapshots directly to new instances or restore to original workloads with zero data loss. Point-in-time recovery supports granular file/database restoration.
Technical Specifications
| Parameter | Standard Tier | Enterprise Tier | Notes |
|---|---|---|---|
| Recovery Point Objective (RPO) | ≤ 60 min | ≤ 15 min | Configurable per workload |
| Recovery Time Objective (RTO) | ≤ 5 min | ≤ 90 sec | Excludes network transfer |
| Encryption Standard | AES-256-CBC | AES-256-GCM + KMS | BYOK supported |
| Retention Period | Up to 90 days | Up to 7 years | Compliance-ready |
| Replication Scope | Multi-AZ | Multi-Region (Active-Active) | Sync/Async options |
| Immutability (WORM) | Disabled | Enabled | Ransomware protection |
CLI & API Configuration
Configure backup policies using the CloudNexus CLI (`cln`) or REST API v2. Policies can be attached to individual instances, storage volumes, or applied globally via tags.
# Create a backup policy with 15-min RPO and cross-region replication cln backup policy create --name prod-database-pit-15m \ --rpo 15m \ --retention 30d,12w,36m \ --replication us-east-1,eu-west-1 \ --immutable true \ --encryption aes-256-gcm # Attach to specific instances via tag cln instance tag --ids i-8f2a1, i-9c4d2 --policy prod-database-pit-15m
API Endpoint Reference
POST /v2/backup/policies — Create new backup policy
GET /v2/backup/snapshots — List all available snapshots with metadata
POST /v2/backup/restore — Trigger point-in-time or full snapshot restoration
Retention & Storage Tiers
Backups are automatically classified into storage tiers based on age and access frequency to optimize cost without compromising recoverability.
| Tier | Retention Window | Storage Cost/GB/mo | Restore Latency | Use Case |
|---|---|---|---|---|
| Standard | 1 - 30 days | $0.045 | < 30s | Operational recovery, PITR |
| Archive | 30 - 365 days | $0.012 | 1 - 5 min | Compliance, monthly/weekly retention |
| Deep Cold | 1 - 7 years | $0.004 | 15 - 60 min | Legal holds, long-term archival |
Note: Cross-region replication incurs an additional 0.02 USD/GB/month for secondary storage. Lifecycle policies automatically transition snapshots based on defined rules.
Disaster Recovery Runbook
For complete regional failures, CloudNexus supports automated failover orchestration. The DR controller validates backup integrity, provisions replacement infrastructure in the target region, and redirects traffic via DNS load balancers.
apiVersion: cloudnexus.io/v1 kind: DisasterRecoveryPlan metadata: name: primary-reg-failover spec: trigger: manual|auto-detect sourceRegion: us-east-1 targetRegion: eu-west-1 resources: - type: kubernetes-cluster id: k8s-prod-main restoreStrategy: latest-consistent - type: rds-postgres id: db-core-analytics pitrTimestamp: auto validation: healthChecks: true dnsSwitchover: automatic