Login
Contents x
Active/Standby (ASA)
  • 01 Oct 2024
  • Dark
    Light
  • PDF
Contents

Active/Standby (ASA)

  • Updated on 01 Oct 2024
  • Dark
    Light
  • PDF
Article summary

An Active/Standby Architecture (ASA) is an Itential architecture where all of the components are redundant and can gracefully tolerate at least 1 (one) catastrophic failure and also provides a redundancy for the primary data center. This architecture is the recommended architecture for production environments that must adhere to strict business continuity and uptime demands. It builds on top of the HA2 architecture essentially using two HA2 installs in geographically redundant locations. It makes use of a larger MongoDB replica set that is also geographically redundant.

The IAP application performs many reads and writes against the database and is sensitive to great latencies. All active components must be running in the same data center. The MongoDB replication process will ensure that the data written to the primary node in the active data center will be replicated to the geographically redundant MongoDB nodes in the secondary data center. All components must have authentication enabled.

The minimum ASA architecture is comprised of 17 VMs broken down as follows:

  • 4 IAP servers
  • 5 MongoDB servers
  • 6 Redis servers
  • 1 IAG server

Itential Active/Standby Architecure

Highly Available Itential Enterprise (IAP)

IAP instances communicate with one another through Redis and share data via MongoDB. Simply adding a new IAP node and pointing it to the correct MongoDB and Redis is sufficient to to achieve high availability. As IAPs are added and configured they are enabled to perform work.

IAPs must have the following configurations:

  • MongoDB connection strings must contain a reference to all members of the replica set
  • Redis configurations must specify the list of all known Redis Sentinels and their Sentinel username and password. Connections to an HA Redis actually occur through the Sentinels and not directly to Redis.

Highly Available MongoDB

MongoDB clusters operate in a primary/secondary model where data written to the primary will replicate to the secondary. If a primary MongoDB node fails the replica set will detect this failure and force an election for a new primary. During this time the replica set may not accept reads and writes until the new primary is selected, usually after a few seconds. Once it is finished and a new primary is identified the IAP application will resume normal operation. Operators of Itential do not have to do anything during this election.

In order to preserve an odd number of replicas to prevent a split-brain scenario when/if an election occurs, this architecture requires the MongoDB cluster to be split across three data centers or regions: 2 in the primary region, 2 in the secondary region, and a third in a tertiary region. When a region is lost there will remain three voting members of the replica set. The replica set configuration must enforce a preference to influence the voting in this architecture to guarantee that the primary MongoDB will shift to the secondary region in the case of a disaster.

Itential’s MongoDB cluster must have the following requirements:

  • All replica set members must be defined in the IAP config.
  • Authentication between the replica members must be done with either a shared key or X.509 certificate.
  • The database must have an admin user able to perform any operation.
  • The database must have an “itential” user that is granted the least amount of privileges required by the IAP application. IAP must be configured to use this user account.
  • The replica set configuration must leverage the priority settings to influence the voting as follows:
MongoDB Node Priority Setting
Primary Region Database 1 10
Primary Region Database 2 10
Secondary Region Database 1 5
Secondary Region Database 2 5
Tertiary Region Database 3 1
Related Readings:

Highly Available Redis

Redis clusters operate in a primary/secondary model where data written to the primary will replicate to the secondary. If a primary Redis node fails the replica set will detect this failure via the Redis Sentinels and force an election for a new primary. During this time the replica set may not accept reads and writes until the new primary is selected, usually after a few seconds. Once it is finished and a new primary is identified the IAP application will resume normal operation. Operators of Itential do not have to do anything during this election.

Itential’s Redis cluster must have the following requirements:

  • All Redis nodes must be defined in the IAP profile configuration.
  • Authentication between the replica members is done with users defined in the Redis config file.
  • Redis must have an admin user able to perform any operation.
  • Redis must have an “itential” user that is granted the least amount of privileges required by the application. IAP must be configured to use this user account.
  • Redis must have a replication user that is granted the least amount of privileges required by the replication process.
  • Redis Sentinel must be included to monitor the Redis cluster and musts be colocated with Redis.
  • Redis Sentinel must have an admin user able to perform any Sentinel task.
  • Redis nodes must maintain a low latency connection between nodes to avoid replication failures.

More Redis Replication information here →

Was this article helpful?
What's Next
Privacy Policy
Cookie Policy
Terms of Use
EULA
Copyright © 2024 Itential for Developers
Change password!
Changing your password will log you out immediately. Use the new password to log back in.
Change profile
Success!
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
Logout