I am working in Evidian company, with Bruno Rochat, who is in charge of the SafeKit software product.
To introduce the subject of this presentation, I’m going to start the small movie, at the right of the slide, and named : "One day with Evidian SafeKit. When computers do not crash! ".
The movie that is taking place, illustrates the use of critical applications in everyday life.
This is a person, who will spend a day, from morning to night, with Evidian SafeKit.
His day is busy, because the person returns from Korea to Paris. You see everyday activities, that we protect against a failur.
Management of a hotel,
Air traffic control,
Delivery of fresh food to supermarkets,
Subway line without driver,
These examples are concrete implementations of SafeKit, in operation as we speak.
The movie tells about customers or partners, with whom we have implemented these high available solutions.
You can see, that a computer failur is a problem, both, for a small Enterprise as an hotel, and for a large Enterprise as the Paris transport company.
In both cases, our customers are attracted by the simplicity of the product, that I will demonstrate in this presentation.
I start with a short presentation of the Evidian company.
Evidian is specialized in the user identities and access management and in Single Sign On solutions.
The Evidian company is recognized internationally: in particular, we are present in the magic quadrant of the Gartner Group.
- We are a software publisher.
- We are a subsidiary, of Bull Group company in France.
- The Evidian company has 135 employees.
- We have 800 customers worldwide with large Enterprises as well as small one.
- We manage identities of more than 4 millions of users worldwide.
Evidian integrates a high availability solution in its portfolio.
High availability is delivered with its user identity and access management solutions.
But it is also available for any application under the name of SafeKit.
Our SafeKit high availability product for critical applications, is a perfect agility example, of Evidian software products.
SafeKit is purely software.
It does not modify the critical application code.
It installs on standard Windows Linux or AIX servers.
It does not require any special costly hardware as shared disk.
And it does not require any specific skills.
SafeKit Cluster Introduction - The 2 main HA cluster
Let us now consider the two main high availability architectures of SafeKit.
Let's start with a farm cluster.
The farm is active on 3 servers, each one in the UP state.
The application, typically Apache or IIS, is active on each server.
Users are connected to the virtual IP address.
The load balancing of user connections is made between the 3 servers.
Server 1 fails.
SafeKit detects the failure.
And SafeKit automatically reconfigures the load balancing of user connections on the 2 remaining servers.
Server 1 is restarted.
The load balancing on the virtual IP address is made again between three servers.
Now, let us consider a mirror cluster.
The initial PRIM-SECOND state, means that the solution is highly available.
Users are connected to the virtual address on the PRIM server.
The application runs on the PRIM server, typically Microsoft SQL Server or Oracle or mySQL.
The application is ready to be restarted on the SECOND server, in case of failur.
The file directories, where the application data are stored, are replicated in real time, from the PRIM server to the SECOND server.
Server 1 fails.
The virtual IP address is automatically switched from server 1 to server 2.
The application is restarted on server 2.
There is no replication from server 2 to server 1.
So replicated directories are no more the same between the 2 servers.
Server 1 is restarted.
SafeKit makes the re-synchronization of files from server 2 to server 1.
Only files modified during the failur are re-synchronized.
Re-synchronization takes place, without stopping the application.
Following re-synchronization, the critical application is again highly available.
The application is running on server 2 with server 1 as the recovery server.
The administrator can swap the roles of primary and secondary, with a button in the administration console.
Or the automatic return of the application on server 1 is also possible by configuration.
SafeKit Cluster Introduction - Demonstration of a Mirror Cluster
We demonstrate now a SafeKit mirror cluster in operation.
For that, we have chosen a demonstration of Microsoft Paint protected against software and hardware failurs.
A SafeKit mirror module, was chosen for Microsoft Paint application, because data have to be replicated.
The configuration file of the SafeKit mirror module, contains the 2 physical IP addresses of the 2 demonstration machines.
It contains no virtual IP address, because nobody connects remotely to this application.
It contains the name of the directory to replicate, where Paint files are stored.
And it contains a checker, which checks the process of the Microsoft Paint application.
In start script, of the SafeKit mirror module, Microsoft Paint is automatically started on a file of the replicated directory.
And in stop script, Paint is stopped.
The demonstration shows, how the SafeKit mirror module operates, first on a software failur, and then on a hardware failur.
You can see also the real-time replication, of a flat file.
What I just explained with Microsoft Paint, applies exactly in the same way with a database, like SQL Server, or Oracle, or another database.
Just put in the configuration file of a SafeKit mirror module, the directory that stores the database, and put in the start and stop scripts, starting and stopping of the database.
Now, we consider an application, in a more complex 3-tier architecture.
This architecture is often used, when applications are designed for the web.
- the first tier represents users with their web browsers.
- the second tier is the web services.
- and the third tier is the database.
The need for web services is to be scalable, according the number of users.
So we put web services in a farm module.
The need for the database is to protect data against failur.
So we put the database in a mirror module.
The big benefit with SafeKit is that, this architecture can be deployed on the same server cluster, or on two different server clusters.
The farm and mirror configurations do not change.
Each module is independent.
It has its own virtual IP address.
And it has its own start scripts, one with the web service, and the other with the database.
This architecture is currently deployed by many customers, with our Evidian Web SSO product.
Having in the same solution, load balancing, data replication, and application fail over is specific to Evidian SafeKit, and unique on the market.
SafeKit Cluster Introduction - Save Costs with SafeKit: 3 Products in 1
Now, I present the cost saving with SafeKit.
SafeKit integrates three hardware clustering products.
These three products are listed in the left column of the slide.
First, there is the case of network load balancing boxes.
The principle is to put, 2 boxes, to support the failur of one box.
Above the boxes, there are users, on their workstations.
Below the boxes, there is a farm with several servers running the application in load balancing.
Between, the boxes make load balancing of user connections to the farm.
The scalability of this solution is managed by adding new servers in the farm.
The problem of this solution, is the configuration of load balancing boxes, that require highly specialized network skills.
With Evidian SafeKit, we offer the same feature, just by installing the software, on the application servers.
Costs and complexity of the two solutions have nothing to do with each other.
In common usage, the boxes are used for large web farms.
And SafeKit is used for small web farms.
Then, the second clustering cost saved with SafeKit, is the synchronous replicated storage.
In this clustering solution, two bays of disks are replicated, on two remote sites.
The remote sites must be connected, by a storage area network.
And, the replication is made with the mechanisms of the bays.
This solution is very expensive, and very complex to configure, even for a skilled person.
With Evidian SafeKit, we offer the same replication feature, by installing the SafeKit software on two application servers.
SafeKit replication is real-time and synchronous, as implemented by bays.
It replicates only data, modified by the application.
The network used for the replication, is the standard one.
The solution is very easy to configure: you just have to give the names of the directories of files to replicate.
In common usage, mirror disk bays are used to replicate large volumes of data.
SafeKit is used to mirror some Tera bytes of data.
The cost and complexity between the two solutions cannot be compared.
Finally, there is the third case.
Traditionally, to implement application fail over in a hardware cluster, you have to pay enterprise editions of operating systems and databases.
With Evidian SafeKit, we provide application fail over, on standard editions of operating systems and databases.
Thus, we further reduce the cost of the solution.
We have a demonstration on our website of a cluster, with 2 SafeKit Windows 7 machines, and with the free Microsoft SQL Server Express database.
You cannot find cheaper and easier!
SafeKit Cluster Introduction - Automation of Paris Metro Line 1
A source of pride for Evidian people, is the automation of Metro line 1 in Paris.
This is the busiest metro line used by Parisians.
And the line is without drivers.
We conducted this project in collaboration with the Paris transport company.
Evidian people were involved in all phases of this project, with design, implementation, and current 24 by 7 support.
You see on the slide, the centralized control room for Paris Metro 1.
In this room, operators supervise traffic of shuttles.
They treat incidents of self-closing doors, through video cameras.
And, they provide reliable information to travelers, through loudspeakers.
The computer system is completely secured with Evidian SafeKit.
There are 40 licenses, on Windows and Linux, in operation in this project.
SafeKit manages high-availability:
- on the web front-end presenting information to operators.
- on the application core.
- on Oracle.
- and on Windows and Linux gateways that interface shuttles, video, and radio.
On Evidian website, you can download a case study on this project.
The project manager at Paris transport company, explains how SafeKit was inserted into a very tight schedule.
I advise reading this case study.
SafeKit Cluster Introduction - The 3 Best Use Cases
Here are listed the three best use cases of SafeKit by our customers.
The first case is very original, because it is completely linked to the SafeKit software-only property.
This is a software publisher , that adds in its catalog, a high availability option for its application.
For this, it uses SafeKit, as an OEM product.
Then, it deploys many times to its customers, its high available application without any difficulty.
The second case is the Enterprise, searching for a high availability solution, easy to deploy in many sites.
Most often, the wish expressed, is to avoid the need for very skilled people, to deploy and manage clusters.
SafeKit customers deploy easily dozens of clusters, on Windows and Unix.
The third case is the data center.
Today, a data center is often composed of two geographically separated sites.
The need in a data center is to combine, both application high availability, and disaster recovery of a complete site.
The big interest of SafeKit in a data center, is the simplicity of a cluster deployment in two remote sites.
There is no difference of configuration, when SafeKit is deployed in the same site or in two remote sites.
In particular, in situation of network isolation of the 2 sites and then back to normal connection, SafeKit replication returns to normal operation without data corruption.
SafeKit does not require a third machine for the quorum, as required by the hardware clustering solutions with a replicated SAN.
Thus, a personn without specific skills, can deploy SafeKit in any configuration, in the same site, or in two sites.
SafeKit Cluster Introduction - Integration of a Critical Application
Now we consider the integration process of a critical application in SafeKit.
Of course, the application does not require to be modified to achieve this integration.
The process consists of three steps:
- a step of design, where a farm module, or a mirror module, must be chosen for the application.
- a step of integration, where restart scripts must be written.
- a step of deployment, where the cluster is put into operation.
First, consider the design step.
The farm module is suitable for an application, like a web service, that needs to be scalable.
On the example of the farm with 3 servers, it is an active active active architecture, with a web service, running on the three servers.
In a farm module, you can increase the number of servers according the load.
The mirror module is suitable for an application with a database to replicate.
This is an active passive architecture running on two servers.
In the example, the application runs only on the primary server, and its data is replicated to the secondary server.
Several modules can be designed for the same application.
After the design, now consider the integration step.
Integration requires to write 3 files per application module: the userconfig file and the start and stop scripts.
In the userconfig file, we put configurations of all resources, necessary for defining the cluster, that is to say:
the physical IP addresses of the servers.
the virtual IP address of the cluster.
the load balancing criteria for a farm.
the file directories to replicate for a mirror.
and checkers configuration to monitor hardware and software failurs.
In the start and stop scripts, we put starting and stopping of the application.
In the integration step, tests must be made, to check the application failover, and to correct the 3 files if needed.
Note that, SafeKit works in virtual machines, which greatly simplifies the integration work and testing.
At the end of the integration, we close the blue box, by packaging a SafeKit application module, and we move to the deployment step.
The deployment step is very simple :
- it requires 2 physical or virtual servers.
- it requires 2 Operating Systems of the same nature.
- the critical application is installed on both servers.
- the SafeKit software is installed on both servers.
- the application module is installed on both servers.
Finally, the physical IP addresses and the virtual IP address are set.
And the cluster is put into operation.
Note that we can repeat the deployment step, as many times as necessary.
It is particularly interesting for a software publisher, that will deploy many times its high availability solution.
SafeKit Cluster Introduction - Easy Administration with a Simple Console
After the deployment, consider the administration of a cluster with the SafeKit console.
This console is designed for people, who will be in charge of critical applications.
On the slide, we see that the mirror module is green on server 1, and red on server 2.
No serious problem, the critical application in the module runs on server 1.
Now to return to a high available system, we click on the Start button on server 2.
Server 2 becomes magenta, and stays in this state during the resynchronization with server 1.
Then, server 2 becomes green, and the application integrated in the module can withstand a crash.
We must never forget, that one important cause of computer system failur, is human errors.
User interface to manage a critical application must be, as simple as possible, to avoid human errors.
That's why, we made a big effort in SafeKit, to ease the use of the product, for administrators of critical applications.
All operations are automatic : failover but also failback when a server reintegrates a cluster after a failur.
These automatic operations and the simplicity of usage are a big differentiator when comparing SafeKit to other solutions.
SafeKit has also a command line interface, which is also very easy to use.
The equivalent of the Start button, translates into the following command line on server 2: safekit, start, minus m, mirror.
The command line interface allows to script actions on modules.
Thus, SafeKit modules management can be integrated in consoles like Nagios, Microsoft Scom, or Patrol.
SafeKit Introduction - Free trial at evidian.com/safekit
I invite you to try the Evidian SafeKit product.
We offer a free trial on our website.
You can deploy a mirror module with real-time file replication and failover on 2 Windows, Linux or AIX servers.
Or you can deploy a farm module with network load balancing and failover on several Windows, Linux or AIX servers.
Then make a first test to understand correctly the SafeKit load balancing, replication and failover mechanisms.
Continue with the customization of the module and write the start and stop scripts of your critical application.
Put in the userconfig file, the checkers of your application, the file directories to replicate in real time or the load balancing criteria.
Then, test the proper functioning, of your newly highly available application, in case hardware failur, network failur or software failur.
For that, use the SafeKit user's guide. It includes a special chapter for the tests.
After these steps, your HA module is ready for your critical application.
You can package your own module.
And anyone will be able to deploy the high availability solution without specific skills.
That's why the SafeKit software is often chosen as an OEM offer by our partners.
The partner has a critical application.
It chooses SafeKit and writes a module suited for its application.
Then, it has a plug-and-play high availability solution in its portfolio.
And it can easily deploy it on standard Windows, Linux or AIX servers.
Simplicity of deployment, hardware independence and easy support of the solution make the difference when comparing SafeKit to other solutions.
This closes my presentation.
Do not hesitate to contact us, so that we can help you, either in design, or in product use.
I was pleased to make this presentation and I wish you a very good day.