ℹ️ Info
Document purpose
This document outlines the key VAST Data replication configurations based on three dimensions: Replication mode (sync vs. async), user source (local vs. external provider), and permission model (bucket vs. identity policies). For each scenario, we provide a concise description, explain when and why it's relevant, and link to detailed configuration steps. The goal is to help users and field teams identify the right setup for each environment and accelerate deployment decisions.
Introduction to VAST Data Replication
VAST Data replication provides robust data protection and disaster recovery by enabling the creation of replica copies of file systems, S3 buckets, and databases across remote clusters. Replication can be configured in two modes — synchronous or asynchronous — each tailored to different operational and resilience needs.
Synchronous Replication
Synchronous replication ensures zero data loss (RPO = 0) by replicating every write operation immediately and atomically from the source cluster to the destination cluster. Only after the data is successfully written to both sides is an acknowledgment returned to the client. This mode is ideal for mission-critical workloads where consistency across sites must be guaranteed in real time. While the destination copy is always fully up to date, failover is a manual process — RPO is zero, but RTO is not, as service restoration time depends on operational procedures.
Asynchronous Replication
Asynchronous replication captures the state of data at scheduled points in time using snapshots, and transfers only the changes since the last snapshot to one or more destination clusters. This approach supports flexibility and scalability, including many-to-one and one-to-many replication topologies, and is suitable for disaster recovery, long-term retention, and cross-region deployments. In the event of a failure, replicated data can be failed over and resumed, with a small risk of data loss limited to the replication interval.
Synchronous vs. Asynchronous Comparison Table
ℹ️ Info
Use this comparison table to choose the type of replication solution that best fits your operational needs.
Feature | Synchronous Replication | Asynchronous Replication |
|---|---|---|
RPO (Recovery Point Objective) | Zero (no data loss) | Greater than zero (depends on snapshot schedule) |
Write Behavior | Writes are replicated instantly before acknowledgment | Writes are acknowledged immediately; replicated later |
Failover Readiness | Immediate, with fully up-to-date data | Near-ready; may lose recent writes |
Latency Requirements | Low latency, typically <10ms | Works over high-latency links |
Topology | One-to-one per protected path; for different protected paths, they can be multi-directional with multiple clusters. | One-to-one, one-to-many, many-to-one. |
Use Case | Mission-critical, zero data loss | Disaster recovery, long-term retention |
Write Access at Destination | Read-write under normal operation (read-only only if the secondary loses connection to the primary). | Read-only until failover. |
Replication Frequency | Continuous (real-time) | Scheduled or on-demand |
Bucket Policy vs. Identity Policy Comparison Table
Feature | Bucket Policy | Identity Policy |
|---|---|---|
Scope of Application | Specific to a View (bucket) | Applied to a user or group, affects |
Attachment | Attached only to a view | Attached to one or more users/groups |
Replication Behavior | Replicated automatically with the view | Replicated manually; must be |
Lifecycle | Deleted automatically when the view/bucket is deleted | Persists independently of the bucket lifecycle |
API Type | Managed through S3 API | Managed through VMS API |
Best Use Case | When access rules are specific to a bucket/view | When should rules follow a user across |
Multi-tenancy Suitability | Suited for view-based isolation | Suited for user-based identity control |
External Identity Provider | Not directly integrated | No need to attach manually if using external identity provider |
S3 Asynchronous Replication with Local Users and Identity Policy
S3 Asynchronous Replication with Local Users and Bucket Policy
S3 Asynchronous Replication with Active-Directory Users and Identity Policy
S3 Synchronous Replication with Active-Directory Users and Identity Policy
S3 Synchronous Replication with Active-Directory Users and Bucket Policy