test

Sun Java System Calendar Server 6.3 Administration Guide

6.1 Overview of High Availability Choices for Calendar Server Version 6.3

High availability can be configured many ways. This section contains an overview of three high availability choices, and information to help you choose which is right for your needs.

This sections covers the following topics:

6.1.1 Understanding Asymmetric High Availability for Calendar Server Version 6.3

This figure shows a simple asymmetric HA Calendar Server installation.

A simple asymmetric high availability system has two physical nodes. The primary node is usually active, with the other node acting as a backup node, ready to take over if the primary node fails. To accomplish a fail over, the shared disk array is switched so that it is mastered by the backup node. The Calendar Server processes are stopped on the failing primary node and started on the backup node.

There are several advantages of this type of high availability system. One advantage is that the backup node is dedicated and completely reserved for the primary node. This means there is no resource contention on the backup node when a failover occurs. Another advantage is the ability to perform a rolling upgrade; that is, you can upgrade one node while continuing to run Calendar Server software on the other node. Changes you make to the ics.conf file while upgrading the first node will not interfere with the other instance of Calendar Server software running on the secondary node because the configuration file is read only once, at startup. You must stop and restart the calendar processes before the new configuration takes effect. When you want to upgrade the other node, you perform a failover to the upgraded primary node and proceed with the upgrade on the secondary node.

Note –

You can, of course, choose to upgrade the secondary node first, and then the primary node.

The asymmetric high availability model also has some disadvantages. One disadvantage is that the backup node stays idle most of the time, making this resource underutilized. Another possible disadvantage is the single storage array. In the event of a disk array failure with a simple asymmetric high availability system, no backup is available

6.1.2 Understanding Symmetric High Availability for Calendar Server Version 6.3

This figure shows a simple symmetric HA system for Calendar Server. Both nodes contain active instances of Calendar Server.

A simple symmetric high availability system has two active physical nodes, each with its own disk array with two storage volumes, one volume for the local calendar store, and the other a mirror image of the other node's calendar store. Each node acts as the backup node for the other. When one node fails over to its backup, two instances of Calendar Server run concurrently on the backup node, each running from its own installation directory and accessing its own calendar store. The only thing shared is the computing power of the back up node.

The advantage of this type of high availability system is that both nodes are active simultaneously, thus fully utilizing machine resources. However, during a failure, the backup node will have more resource contention as it runs services for Calendar Server from both nodes.

Symmetric high availability also provides a backup storage array. In the event of a disk array failure, its redundant image can be picked up by the service on its backup node.

Note –

To configure a symmetric high availability system, you install the Calendar Server binaries on your shared disk. Doing so might prevent you from performing rolling upgrades, a feature planned for future releases of Calendar Server that enables you to update your system with a Calendar Server patch release with minimal or no down time.

6.1.3 Understanding N+1 (N Over 1): Multiple Asymmetric High Availability for Calendar Server Version 6.3

This configuration is a series of asymmetric HA Calendar Servers, each failing over to the same standby node.

In addition to the two types of highly available systems described in this chapter, a third type which is a hybrid of the two is also possible. This is a multi-node asymmetric high availability system. In this type, “N” disk arrays and “N” nodes all use the same backup node which is held in reserve and is not active normally. This backup node is capable of running Calendar Server for any of the “N” nodes. It shares each of the “N” node's disk array, as shown in the preceding graphic. If multiple nodes fail at the same time, the backup node must be capable of running up to “N” instances of Calendar Server concurrently. Each of the “N” nodes has its own disk array.

The advantages of the N+1 model are that Calendar Server load can be distributed to multiple nodes, and that only one backup node is necessary to sustain all the possible node failures.

The disadvantage of this type of high availability is the same as any asymmetric system; the backup node is idle most of the time. In addition, the N+1 high availability system backup node must have excess capacity in the event it must host multiple instances of Calendar Server. This means a higher cost machine is sitting idle. However, the machine idle ratio is 1:N as opposed to 1:1, as is the case in a single asymmetric system.

To configure this type of system, use the instructions for the asymmetric high availability system for each of the “N” nodes and the backup. Use the same backup node each time, but with a different primary node.

6.1.4 Choosing a High Availability Model for Your Calendar Server Version 6.3 Deployment

The following table summarizes the advantages and disadvantages of each high availability model. Use this information to help you determine which model is right for your deployment.

Table 6–1 Advantages and Disadvantages of Both High Availability Model

Model 

Advantages 

Disadvantages 

Recommended Users 

Asymmetric 

  • Simple Configuration

  • Backup node is 100 percent reserved

  • Rolling Upgrade, with zero downtime

Machine resources are not fully utilized. 

A small service provider with plans to expand in the future 

Symmetric 

  • Better use of system resources

  • Higher availability

Resource contention on the backup node.  

HA requires fully redundant disks. 

A small corporate deployment that can accept performance penalties in the event of a single server failure 

N+1 

  • Load distribution

  • Easy expansion

Management and configuration complexity. 

A large service provider who requires distribution with no resource constraints 

6.1.5 System Down Time Calculations for High Availability in Your Calendar Server 6.3 Deployment

The following table illustrates the probability that on any given day the calendar service will be unavailable due to system failure. These calculations assume that on average, each server goes down for one day every three months due to either a system crash or server hang, and that each storage device goes down one day every 12 months. These calculations also ignore the small probability of both nodes being down simultaneously.

Table 6–2 System Down Time Calculations

Model 

Server Down Time Probability 

Single server (no high availability) 

Pr(down) = (4 days of system down + 1 day of storage down)/365 = 1.37% 

Asymmetric 

Pr(down) = (0 days of system down + 1 day of storage down)/365 = 0.27% 

Symmetric 

Pr(down) = (0 days of system down + 0 days of storage down)/365 = (near 0) 

N + 1 Asymmetric 

Pr(down) = (5 hours of system down + 1 day of storage down)/(365xN) = 0.27%/N