HP Serviceguard Extended Distance Cluster for Linux A.01.00 Deployment Guide, Second Edition, May 2008

Disaster Tolerance and Recovery in a Serviceguard Cluster
Disaster Tolerant Architecture Guidelines
Disaster tolerant architectures represent a shift away from massive
central data centers and toward more distributed data processing
facilities. While each architecture will differ to suit specific
availability needs, a few basic guidelines apply to designing a
disaster tolerant architecture that protects against the loss of an
entire data center:
Protecting nodes through geographic dispersion
Protecting data through replication
Using alternative power sources
Creating highly available networks
These guidelines are in addition to the standard high-availability
guidelines of redundant components such as multiple paths to storage,
network cards, power supplies, and disks.
Protecting Nodes through Geographic Dispersion
Redundant nodes in a disaster tolerant architecture must be
geographically dispersed. If they are in the same data center, it is not a
disaster tolerant architecture. Figure 1-2 on page 17 shows a cluster
architecture with nodes in two data centers: A and B. If all nodes in data
center A fail, applications can fail over to the nodes in data center B and
continue to provide clients with service.
Depending on the type of disaster you are protecting against and on the
available technology, the nodes can be as close as another room in the
same building, or as far away as another city. The minimum
recommended dispersion is a single building with redundant nodes in
different data centers using different power sources. Specific
architectures based on geographic dispersion are discussed in the
following chapter.