Designing Disaster Tolerant High Availability Clusters, 10th Edition, March 2003 (B7660-90013)
Building a Metropolitan Cluster Using MetroCluster/CA
Designing a Disaster Tolerant Architecture for use with MetroCluster/CA
Chapter 372
Designing a Disaster Tolerant Architecture
for use with MetroCluster/CA
MetroCluster/CA is designed for use in an extended distance cluster or
metropolitan cluster environment within the 100 km limit of the FDDI
network.
All nodes must be members of a single MC/ServiceGuard cluster. Two
configurations are supported:
• A single data center without arbitrators (not disaster tolerant.)
• A two main data centers and a third location architecture with one or
two arbitrator systems or a quorum server system. See Figure 3-1 on
page 73.
Following are the disaster tolerant architecture requirements:
• In the disaster tolerant cluster architecture, it is expected that each
data center is self-contained such that the loss of one data center
does not cause the entire cluster to fail. It is important that all single
points of failure (SPOF) be eliminated so that surviving systems
continue to run in the event that one or more systems fail.
• It is also expected that the networks between the data centers are
redundant and routed in such a way that the loss of any one data
center does not cause the network between surviving data centers to
fail.
• Exclusive volume group activation must be used for all VGs
associated with packages that use the XP Series disk array. The
design of the MetroCluster/CA script assumes that only one system
in the cluster will have a VG activated at any time.
Single Data Center
A single data center architecture is supported, but it is not a true
disaster tolerant architecture. If the entire data center fails, there will be
no automated failover. This architecture is only valid for protecting data
through data replication, and for protecting against multiple node
failures.