Designing Disaster Recovery Clusters using Metroclusters and Continentalclusters, Reprinted October 2011 (5900-1881)

Site Safety Latch
The Site Safety Latch prevents inadvertent simultaneous startup of the workload configuration on
both sites. The Site Safety Latch is an internal mechanism that is created for each Site Controller
Package. It is created automatically on all the cluster nodes when the corresponding Site Controller
Package configuration is applied in the cluster. The Site Safety Latch for a Site Controller Package
is identified by the following convention: /dts/mcsc/<cw_sc.
A workload that is managed by a Site Controller Package must be configured to use the
corresponding Site Safety Latch. Complex-workload packages that are not dependent on other
packages in the workload, such as the CFS-DG package associated with the critical application
package, must be configured with a resource dependency on the corresponding Site Safety Latch.
The resource dependency must be specified in the package configuration file. The
RESOURCE_UP_VALUE attribute must be specified as != DOWN, and the RESOURCE_START
attribute must be left at its default value of Automatic in the configuration file.
Following is a sample of the resource dependency specification:
RESOURCE_NAME /dts/mcsc/hrdb_sc
RESOURCE_POLLING_INTERVAL 40
RESOURCE_UP_VALUE != DOWN
RESOURCE_START automatic
Based on the Site Safety Latch configuration rules, when configuring an Oracle RAC database or
other applications using CFS or CVM storage in a Metrocluster, the resource dependency must be
defined in the MNP package of each CVM disk group that is used to store the RAC database.
When using SLVM for storage, the resource dependency must be specified in the SGeRAC Toolkit
RAC MNP package.
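A pre-apply check for the dependency rule above, as an added example that is not part of the HP manual: the shell function reads a package configuration on stdin and verifies the Site Safety Latch resource dependency. The function name, the parsing rules (whitespace-separated keyword/value lines, # comments, case-insensitive keywords) and the package name hrdb_cfs_dg are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the HP manual): verify that a package configuration
# read on stdin declares the Site Safety Latch dependency described above.
# Usage: check_latch_dependency <site_controller_package_name> < package.conf
# Assumption: "KEYWORD value" lines, '#' comments, keywords matched
# case-insensitively; RESOURCE_* lines belong to the preceding RESOURCE_NAME.
check_latch_dependency() {
    awk -v latch="/dts/mcsc/$1" '
        { sub(/#.*/, "") }                       # drop comments
        NF < 2 { next }                          # skip blank or value-less lines
        {
            key = toupper($1)
            val = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", val) # value = rest of the line
            sub(/[ \t]+$/, "", val)
        }
        key == "RESOURCE_NAME" {
            in_latch = (val == latch)
            if (in_latch) found = 1
            next
        }
        in_latch && key == "RESOURCE_UP_VALUE" {
            up = toupper(val); gsub(/[ \t]/, "", up)   # "!= DOWN" -> "!=DOWN"
        }
        in_latch && key == "RESOURCE_START" { start = tolower(val) }
        END {
            if (!found) { print "FAIL: no resource dependency on " latch; exit 1 }
            rc = 0
            if (up != "!=DOWN") {
                print "FAIL: RESOURCE_UP_VALUE must be != DOWN, found: " up; rc = 1
            }
            # An omitted RESOURCE_START keeps the default (automatic).
            if (start != "" && start != "automatic") {
                print "FAIL: RESOURCE_START must be automatic, found: " start; rc = 1
            }
            if (rc == 0) print "OK: " latch " dependency is configured as required"
            exit rc
        }'
}

# Constructed input: the sample dependency from the page inside a package file.
check_latch_dependency hrdb_sc <<'EOF'
PACKAGE_NAME hrdb_cfs_dg            # constructed package name
RESOURCE_NAME /dts/mcsc/hrdb_sc
RESOURCE_POLLING_INTERVAL 40
RESOURCE_UP_VALUE != DOWN
RESOURCE_START automatic
EOF
```

The function returns 0 only when the latch resource is present with the required values, so it can gate a configuration change before the package file is applied.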
The workload packages on a site can be started only when the Site Safety Latch is opened on the
site. When the Site Safety Latch on a site is closed, the corresponding workload packages cannot
be started. The Site Safety Latch is opened when the RESOURCE_UP_VALUE is set to UP. When
this value is set to DOWN, the Site Safety Latch is closed. The Site Controller Package ensures that
its Site Safety Latch is opened at only one site at any given time.
When the Site Controller Package encounters an error while starting the workload packages
configured on that site, the Site Safety Latch is left in an INTERMEDIATE state. To check the status
of the Site Safety Latch, see the syslog.log file. Alternatively, you can use the cmviewsc -v
command to view the status of the Site Safety Latch. For more information on the cmviewsc
command, see ???. When the Site Safety Latch is in this state, the Site Controller Package and the
workload packages on the site can be restarted only after cleaning the site. For more information
on cleaning the Site Controller Package, see “Cleaning the Site to Restart the Site Controller
Package” (page 405).
IMPORTANT: The Site Safety Latch is an internal mechanism, which is opened and closed
automatically by its corresponding Site Controller Package. Operators only need to configure the
workload packages to use the Site Safety Latch. The latch itself need not be managed manually.
Configuring Complex Workloads using Site Aware Disaster Tolerant Architecture
This section elaborates on the procedures to configure a complex workload using SADTA.
This section addresses the following topics:
“Overview of SADTA Configuration” (page 345)
“Configuring a Complex Workload in SADTA” (page 345)
“Configuring Metrocluster for RAC” (page 360)
344 Designing a Disaster Recovery Solution Using Site Aware Disaster Tolerant Architecture