Failover across different subnets
We have implemented a failover soultion on Linux using DRBD and Heartbeat and it works great, Now we have a change in requirement that states the Nodes replicating are in different subnets, we will not have a common virtual IP that we use when the machines are on the same subnet.
When we have nodes in different subnets what would be the best way to failover?.
There are several approaches to implementing failover between subnets; but there are a lot of variants depending on the exact requirements. Regardless of specifics, what you seem to be trying to achieve is route health injection; that is, advertising a route to a specific service (usually via a VIP) based on the health/availability of that service.
Some ways of implementing this include:
3rd party appliances
e.g. Citrix Netscaler or F5 BIGIP. These appliances generally offer very rich feature sets. In addition to your high-availability requirement, they also provide load-balancing between multiple servers, as well as some advanced health check features for well-known applications protocols (e.g. HTTP, HTTPS, DNS etc). They are, however, very expensive.
Host-based routing daemons
e.g. Quagga or XORP. With a little bit of scripting, these daemons can provide a subset of the functionality of the appliances above, without the associated costs. If you configure your network to accept routing dynamic routing updates from your hosts, and put in some scripts that periodically check the health of your services, this will allow you to conditionally advertise a route to a VIP from each of your real servers. Some considerations here:
- you will need to have adminisrative rights on your network hardware;
- you will need controls in place to ensure that your host-based routing process does not any impact to your network infrastructure, e.g. through misconfiguration.
Some clarification of the requirements/constraints in your situation might be helpful. Some questions:
- Do you require active/active, or active/standby failover?
- Are these applications internet facing, or for internal use only?
- Do you require automatic failover?
- Is load-balancing a requirement?
- Would you prefer an anycast solution, where users connect to the 'closest' instance of a service?
- Do your back-end servers need to see client connections originating from their actual source IP address, or will a proxied solution be acceptable?
This mailing list page talks about using RIP routing advertisements to allow servers to answer to a common IP address even though they are on different subnets. You'll need some router magic to make it work.
http://www.gossamer-threads.com/lists/linuxha/users/31977#31977
ALternatively if you don't mind a little downtime you could use DNS entries with short TTLs. Just updater the DNS record to change servers.