To
protect against multiple points of failure, cluster components must
be geographically dispersed: nodes can be put in different rooms,
on different floors of a building, or even in separate buildings
or separate cities. The distance between the nodes is dependent
on the types of disaster from which you need protection, and on
the technology used to replicate data. Three types of disaster-tolerant
clusters are described in this guide:
Extended Distance Clusters
These types differ from a simple local cluster in many ways.
Extended distance clusters and metropolitan clusters often require
right-of-way from local governments or utilities to lay network
and data replication cable. This can complicate the design and implementation.
They also require a different kind of control mechanism for ensuring
that data integrity issues do not arise. Typically, metropolitan
clusters use an arbitrator site containing additional cluster nodes
instead of the cluster lock disk. Continental clusters span great
distances and operate by replicating data between two completely
separate local clusters.
Extended Distance Clusters |
 |
An
extended distance cluster (also known as
extended campus cluster) has alternate nodes
located in different data centers separated by some distance. Extended
distance clusters are connected using a high speed cable that guarantees
network access between the nodes as long as all guidelines for disaster
tolerant architecture are followed. Extended distance clusters were
formerly known as campus clusters, but that
term is no longer in use because the supported distances have increased
beyond the typical size of a single corporate campus. The maximum
distance between nodes in an extended distance cluster is set by
the limits of the data replication technology and networking limits.
An extended distance cluster is shown in Figure 1-3 “Extended Distance Cluster ”.
Architecture
requirements for several types of extended distance clusters are
described more fully in Chapter 2. Extended distance clusters can
be configured over shorter distances using FibreChannel mass storage,
or over distances as great as 100 km using storage and networking
routed over links extended via DWDM.
Metropolitan Cluster |
|
A
metropolitan cluster is a cluster that has
alternate nodes located in different parts of a city or in adjacent
cities. Putting nodes further apart increases the likelihood that
alternate nodes will be available for failover in the event of a
disaster. The architectural requirements are the same as for an
extended distance cluster, with the additional constraint of the third
data center. And as with a campus cluster, the distance separating the
nodes in a metropolitan cluster is limited by the data replication
and network technology available.
|
| |
|
 | NOTE: While it is possible to configure physical data replication
through products such as HP's XP Series disk arrays with
Continuous Access XP or Symmetrix EMC SRDF, it is still necessary
to provide for high availability at the local level through RAID
or mirroring. |
|
| |
|
Metropolitan cluster architecture is implemented through two
HP products:
MetroCluster with Continuous
Access XP (described in Chapter 3)
MetroCluster with EMC SRDF (described in Chapter
4)
Metropolitan cluster architecture is shown in Figure 1-4 “Metropolitan Cluster ”.
A key difference between extended distance clusters and metropolitan clusters
is the data replication technology used. The extended distance cluster
uses FibreChannel and HP-UX supported software mirroring. Metropolitan
clusters provide extremely robust data replication based on the
capabilities of the HP SureStore E Disk Array XP series or the EMC Symmetrix
array.
Continental Cluster |
|
A
continental cluster provides an alternative
disaster tolerant solution in which distinct clusters are
separated by large distances, with wide area networking used between
them. Continental cluster architecture is implemented via the ContinentalClusters
product, described fully in Chapter 5. The design is implemented
with two distinct ServiceGuard clusters located in different geographic
areas. In this architecture, each cluster maintains its own quorum,
so an arbitrator data center is not used. A continental cluster
can use any WAN connection via a TCP/IP protocol; however, due to
data replication needs, high speed connections such as T1 or T3/E3
leased lines or switched lines may be required. See Figure 1-5 “Continental Cluster ”.
|
| |
|
| NOTE: A continental cluster can also be built using two clusters
that communicate over shorter distances using a conventional LAN. |
|
| |
|
The key issues concerning a continental cluster over a WAN
are:
Inter-cluster connections are TCP/IP
based.
The physical connection is one or more leased lines
managed by a common carrier. Common carriers cannot guarantee the
same reliability that a dedicated physical cable can. The distance
can introduce a time lag for data replication, which creates an
issue with data currency. This could increase the cost by requiring
higher speed WAN connections to improve data replication performance
and reduce latency.
Tools such as Transaction Processing Monitors or
database replication tools that work across a WAN are needed to
make sure the data replication maintains data consistency.
Operational issues, such as working with different
staff with different processes, and conducting failover rehearsals,
are made more difficult the further apart the nodes in the cluster
are.
Continental Cluster With Cascading Failover |
|
Another way of setting up your continental cluster is the
use of cascading failover, an option available
for users of the EMC Symmetrix. Cascading failover means that applications
are configured to fail over on nodes within two data centers in
either cluster. They fail over to a cluster if the entire alternate
cluster is down. For example, bi-directional failover allows a cluster
to be both a recovery cluster and a primary
cluster for different packages. Data replication also
follows the cascading model. Data is replicated from the primary
disk array to the secondary disk array in the MetroCluster, then
data is replicated to the third disk array in the ServiceGuard recovery
cluster.
A continental cluster with cascading failover uses four data
centers distributed between a metropolitan cluster, which serves
as a primary cluster, and a standard cluster, which serves as a
recovery cluster. The configuration uses three EMC Symmetrix frames,
two of which are part of the metropolitan cluster and the other
attached to the recovery cluster.The data centers are distributed
as follows:
Primary Symmetrix—on the
site that holds the primary copy of the data, located in the primary
cluster.
Secondary Symmetrix—on the site that holds
a remote mirror copy of the data, located in the primary cluster.
Arbitrator—a separate site that contains
the arbitrator nodes, located in the primary cluster.
Recovery Symmetrix—on a site that holds
a remote mirror copy of the data, located in the recovery cluster.
Figure 1-6 “Cascading Failover Data Center
Distribution” illustrates data centers, clusters,
nodes and Symmetrix frames in a cascading failover configuration.
Refer to Chapter 8 for details on setting up data replication for
this type of cluster.
Printable version
