Manualshelf

Designing Disaster Recovery Clusters using Metroclusters and Continentalclusters, Reprinted October 2011 (5900-1881)

ManualsBrandsHP ManualsSoftwareHP Serviceguard Metrocluster with EMC SRDF
21222324252627282930
Following are the guidelines that must be followed to configure a Serviceguard cluster across
network subnets:
All the nodes in the cluster must belong to the same domain.
The latency period in the heartbeat network that is configured across subnets must be less
than 200 milliseconds.
A minimum of two heartbeat subnets must be configured for all cluster nodes.
Each heartbeat subnet on a node must be routed using a different physical route to the other
heartbeat subnet on the other node.
Redundant physical networks need to be cabled separately between sites to maintain high
availability.
Each subnet that is used by a package must be configured with a standby interface in the
local bridged network.
For more information on configuring cross-subnet clusters, see the Managing Serviceguard manual
available at http://www.hp.com/go/hpux-serviceguard-docs —> HP Serviceguard.
Following are the disaster tolerant architecture requirements:
In the disaster tolerant cluster architecture, it is expected that each data center is self-contained
such that the loss of one data center does not cause the entire cluster to fail. It is important
that all single points of failure (SPOF) be eliminated so that surviving systems continue to run
in the event that one or more systems fail.
It is also expected that the networks between the data centers are redundant and routed in
such a way that the loss of any one data center does not cause the network between surviving
data centers to fail.
Exclusive volume group activation must be used for all Volume Groups (VG) associated with
packages that use the disk arrays in a Metrocluster with non-SADTA environment. The design
of the Metrocluster script assumes that only one system in the cluster will have a VG activated
at any time.
Metrocluster also defines a Site Aware Disaster Tolerant Architecture (SADTA) for complex workloads
such as Oracle RAC database, including Oracle Database 10gR2 RAC and Oracle Database
11gR1 RAC, and SAP that use CFS, CVM, or SLVM. This solution uses an additional software
feature called the Site Controller Package to provide disaster tolerance for workload databases.
For more information on SADTA, see “Overview of Site Aware Disaster Tolerant Architecture”
(page 337).
Single Data Center
A single data center architecture is supported, but it is not a true disaster tolerant architecture. If
the entire data center fails, there will be no automated failover. This architecture is only valid for
protecting data through data replication, and for protecting against multiple node failures.
Two Data Centers and Third Location with Arbitrator(s)
This is the recommended and supported disaster tolerant architecture for use with Metropolitan
cluster. This architecture consists of two main data centers with an equal number of nodes and a
third location with one or more arbitrator nodes or a quorum server node. Figure 1.
24 Designing a Metrocluster