C H A P T E R 8 |
For descriptions of the options available for connecting nonpeer nodes to the cluster network, see the following sections:
A non-peer node communicates through an external network with peer nodes of a cluster running the Netra High Availability (HA) Suite software to perform one or more of the following tasks:
Access one or more of the Foundation Services, such as the Reliable File Service
Retrieve cluster information and statistics from the Node Management Agent
Install software from a build server or an installation server
The external network can be an Ethernet, ATM, or any other network type supported by the operating system.
An external network can be connected to a cluster peer nodes in the following ways:
Directly to the cluster network (sharing a physical interface used by the cluster network)
If the cluster IP addresses are in a private network, logical interfaces must be created to connect the external network to the cluster network.
If the cluster IP addresses are in the same subnetwork as the external network, it is not necessary to create logical interfaces.
External addresses have no inherent relationship to internal cluster addresses. External addresses are flexible. They can be statically assigned to an interface, or they can fail over from a failed interface to a working one using IP multipathing on the Solaris OS or the Linux bonding driver on Linux. They can be IPv4 or IPv6.
A floating external address is a logical address assigned to an interface that is used to connect the master node to an external network. The External Address Manager (EAM) uses the Cluster Membership Manager (CMM) notifications to determine when a node takes on or loses the master role. When notified that a node has become the master node, the EAM configures the floating external addresses on one of the node’s external interfaces. When notified that a node has lost the master role, the EAM unconfigures the floating external addresses. Because the floating external address is always configured on the master node, non-peer nodes on an external network can always access the master node, even after failover and switchover.
You can install the EAM when you first install the software on the cluster, or after you have completed the installation process and have a running cluster.
At the same time, floating external addresses can be managed by IPMP on the Solaris OS or by the Linux bonding driver on Linux. When a node has two or more NICs connected to the external network, IPMP (Solaris OS) or the Linux bonding driver (Linux) will failover the floating external addresses from one NIC to the other if the interface on which they are configured fails. Additionally, you can configure EAM to monitor the status of those NICs and trigger a switch-over when all NICs in a monitored group have failed.
For more IPMP information, see the Solaris System Administration Guide: IP Services.
This section describes how a nonpeer node can be connected directly to a cluster network. Connecting a nonpeer node directly to the cluster network is disadvantageous for the following reasons:
Internal traffic can leave the cluster network, compromising security.
External traffic can enter the cluster network, reducing network performance.
Traffic on the two cluster network paths can become asymmetric if the external network is connected to only one of the cluster networks. This could affect the performance of the redundant transport mechanism provided by CGTP.
FIGURE 8-1 shows how you can connect directly to a cluster network with a public IP address.
In FIGURE 8-1, the nonpeer node is connected to the hme0 interface of each peer node. Each hme0 interface has a logical interface called hme0:2, configured with an address in the public IP address space. The nonpeer node can access the cluster network through these logical interfaces.
FIGURE 8-1 Example of a Nonpeer Node Connected Directly to a Cluster Network Using a Public IP Address Space
TABLE 8-1 shows the IP addresses of the master node in FIGURE 8-1. In addition to the addresses shown in FIGURE 8-1, the master node has a floating address for each interface. The External Address Manager configures the floating external address, hme0:3.
This section describes how a nonpeer node can be connected to the cluster network through additional physical interfaces on the peer nodes. This configuration is preferable to that in Connecting Nonpeer Nodes Directly to a Cluster Network for the following reasons:
The cluster network is separate from the external network, giving better security and performance.
There are no restrictions on the external network addressing model.
All of the node hardware that is supported for use with the Netra HA Suite software can be configured with more than two physical interfaces. Also, more than one physical interface can be connected to the external network. In this case, external floating addresses are managed by IPMP on the Solaris OS and by the Linux bonding driver on Linux.
FIGURE 8-2 shows an example of how you can connect a nonpeer node to a cluster through the physical interface hme2.
FIGURE 8-2 Example of a Nonpeer Node Connected to the Cluster Network Through Additional Physical Interfaces on Peer Nodes
For simplicity, in FIGURE 8-2 the nonpeer node is connected to each peer node through a single interface. This configuration would introduce a single point of failure. In highly available platforms, single points of failure must be avoided.
TABLE 8-2 shows the IP addresses of the master node in FIGURE 8-2. In addition to the addresses in FIGURE 8-2, the master node has a floating address for each interface. Netra HA Suite software configures the floating external address, hme2:1.
This section describes how to connect a nonpeer node to the cluster network through a router. The router node can contain the Network Address Translation (NAT) service to protect the cluster from unwanted external traffic.
The use of a router is advantageous compared to the scenario in Connecting Nonpeer Nodes Directly to a Cluster Network for the following reasons:
You can prevent internal traffic from leaving the cluster network.
You can prevent external traffic from entering the cluster network.
However, the use of a router is disadvantageous compared to the scenario in Connecting Nonpeer Nodes to the Cluster Through Additional Physical Interfaces for the following reasons:
It complicates the network configuration because routers must be configured.
It could allow external traffic to enter the cluster network, reducing network performance.
If the external network is connected to only one of the cluster networks, the traffic on the two cluster network paths can become asymmetric.
The following figure shows an example of how to connect several nonpeer nodes to a cluster network through a router.
Copyright © 2008, Sun Microsystems, Inc. All rights reserved.