A mirror cluster for critical database applications
A SafeKit mirror cluster with file replication at byte level provides a simple high availability solution to critical database applications. The SafeKit software implementing a mirror cluster runs either on Windows or Linux (even Windows editions for PCs). It implements synchronous real-time byte-level file replication. The resulting solution is working like a cluster connected to a replicated mirror SAN but without the costs and the complexity of hardware clustering solutions.
The mirror cluster is a primary-backup high availability solution. The application runs on a primary server and is restarted automatically on a secondary server if the primary server fails. The software data replication is configured at the file level with the name of the file directories to replicate. The directory can contain database files or flat files. With synchronous byte-level file replication, this architecture is particularly suited to providing high availability for back-end applications with critical data to protect against failure. SafeKit provides a generic mirror module on Windows and Linux to build a mirror cluster as presented in the following video. You can write your own mirror module for your application. Microsoft SQL Server, MySQL, Oracle, PostgreSQL, Firebird are examples of mirror modules. And from a mirror module, you can also replicate a full Virtual Machine with automatic failover inside an Hyper-V cluster. Note that this article explains the difference between VM HA vs Application HA.
How the SafeKit mirror cluster works?
Step 1. File replication at byte level in a mirror cluster
Server 1 (PRIM) runs the application. Users are connected to the virtual IP address of the mirror cluster. SafeKit replicates files opened by the application in real time. Only changes made by the application in the files are replicated across the network, thus limiting traffic (byte-level file replication). With a software data replication at the file level, only names of file directories are configured in SafeKit. There are no pre-requisites on disk organization for the two servers. Directories to replicate may be located in the system disk. SafeKit implements synchronous replication with no data loss on failure contrary to asynchronous replication.
Step 2. Failover
When Server 1 fails, Server 2 takes over. SafeKit switches the cluster's virtual IP address and restarts the application automatically on Server 2. The application finds the files replicated by SafeKit uptodate on Server 2, thanks to the synchronous replication between Server 1 and Server 2. The application continues to run on Server 2 by locally modifying its files that are no longer replicated to Server 1. The failover time is equal to the fault-detection time (set to 30 seconds by default) plus the application start-up time. Unlike disk replication solutions, there is no delay for remounting file system and running file system recovery procedures.
Step 3. Failback and reintegration
Failback involves restarting Server 1 after fixing the problem that caused it to fail. SafeKit automatically resynchronizes the files, updating only the files modified on Server 2 while Server 1 was halted. This reintegration takes place without disturbing the applications, which can continue running on Server 2. The automatic failback is a major feature that differentiates SafeKit from other solutions, which require you to stop manually the applications on Server 2 in order to resynchronize Server 1.
In order to optimize file reintegration, different cases are considered:
If SafeKit was cleanly stopped on server 1, then at its restart, only the modified zones of modified files are reintegrated, according to modification tracking bitmaps.
If server 1 crashed (power off) or was incorrectly stopped (exception in the replication process), the modification bitmaps are not reliable, and are therefore discarded. All the files bearing a modification timestamp more recent than the last known synchronization point minus a graceful delay (typically one hour) are reintegrated.
Step 4. Return to byte-level file replication in the mirror cluster
After reintegration, the files are once again in mirror mode, as in step 1. The system is back in high-availability mode, with the application running on Server 2 and SafeKit replicating data file updates to the backup Server 1. If the administrator wishes the application to run on Server 1, he/she can execute a "swap" command either manually at an appropriate time, or automatically through configuration.
Key differentiators of a file replication and failover cluster with Evidian SafeKit
Evidian SafeKit mirror cluster with real-time file replication and failover
All clustering features
The solution includes all clustering features:
server failure monitoring, network failure monitoring, software failure monitoring,
automatic
application
restart with a quick recovery time, a virtual IP address switched in case of failure to automatically reroute clients.
A clustering configuration is simply made by means of a high availability application module.
There is no domain controller or active directory to configure on Windows. The solution works on Windows and Linux
This is not the case with replication-only solutions like replication at the database level
Quick
application
restart is not ensured with full virtual machines replication. In case of hypervisor failure, a full VM must be rebooted on a new hypervisor with an unknown recovery time
This is not the case with asynchronous replication
Fully automated failback procedure
After a failure when a server reboots, the replication failback procedure
is fully automatic and the failed server reintegrates the cluster without stopping
the application
on the only remaining server
This is not the case with most replication solutions particularly with replication at the database level. Manual operations are required for resynchronizing a failed server.
The application
may even be stopped on the only remaining server during the resynchonization of the failed server
Replication of any type of data
The replication is working for
databases
but also for any files which shall be replicated
This not the case for replication at the database level
File replication vs disk replication
The replication is based on file directories that can be located anywhere (even in the system disk)
This is not the case with disk replication
where special
application
configuration must be made to put the application data in a special disk
All SafeKit clustering features are working for 2 servers in remote sites. Performances of replication depends on the interconnect latency for real-time synchronous replication and on the bandwidth for resynchronizing data on a failed server
If both servers are connected to the same IP network through an extended LAN between two remote sites, the virtual IP address of SafeKit is working with rerouting at level 2
If both servers are connected to two different IP networks between two remote sites, the virtual IP address can be configured at the level of a load balancer.
SafeKit offers a health check: the load balancer is configured with a URL managed by SafeKit which returns OK on the primary server and NOT FOUND else. This solution is implemented for SafeKit in the Cloud but it can be also implemented with a load balancer on premise
This is not the case for most clustering solutions where a 3rd server is required for the quorum
Uniform high availability solution
SafeKit implements a mirror cluster with replication and failover. But it imlements also a farm cluster with load balancing and failover.
Thus a N-tiers architecture can be made highly available and load balanced with the same solution on
Windows and Linux (same installation, configuration, administration with the SafeKit console or with the command line interface). This is unique on the market
This is not the case with an architecture mixing different technologies for load balancing, replication and failover
Examples of mirror modules
Click on the blue button to access the solution
Mirror modules (replication and failover)
Windows
Linux
Microsoft SQL Server
-
Oracle
MySQL
PostgreSQL
Firebird
Hyper-V
-
Milestone XProtect (based on Microsoft SQL Server)
Harmonic is using SafeKit as a software OEM high availability solution and deploys it with its TV broadcasting solutions over satellites, terrestrials, cable, IPTV. Over 80 SafeKit clusters are deployed on Windows for replication of Harmonic database and automatic failover of the critical application. Philippe Vidal, Product Manager, Harmonic says: “SafeKit is the ideal application clustering solution for a software publisher looking for a simple and economical high availability software. We are deploying SafeKit worldwide and we currently have more than 80 SafeKit clusters on Windows with our critical TV broadcasting application through terrestrial, satellite, cable and IP-TV. SafeKit implements the continuous and real-time replication of our database as well as the automatic failover of our application for software and hardware failures. Without modifying our application, it was possible for us to customize the installation of SafeKit. Since then, the time of preparation and implementation has been significantly reduced.”
Finance [+]
The European Society of Warranties and Guarantees in Natixis uses SafeKit as a high availability solution for its applications.
Tony Myers, Director of Business Development says:
“By developing applications for air traffic control, Copperchase is in one of the most critical business activities. We absolutely need our applications to be available all the time. We have found with SafeKit a simple and complete clustering solution for our needs. This software combines in a single product load balancing, real time data replication with no data loss and automatic failover. This is why, Copperchase deploys SafeKit for air traffic control in airports in the UK and the 30 countries where we are present.”
“Automation of line 1 of the Paris subway is a major project for RATP, requiring a centralized command room (CCR) designed to resist IT failures. With SafeKit, we have three distinct advantages to meet this need. Firstly, SafeKit is a purely software solution that does not demand the use of shared disks on a SAN and network boxes for load balancing. It is very simple to separate our servers into separate machine rooms. Moreover, this clustering solution is homogeneous for our Windows and Unix platforms. SafeKit provides the three functions that we needed: load balancing between servers, automatic failover after an incident and real time data replication.”
And also, Philippe Marsol, Atos BU Transport, Integration Manager says:
“SafeKit is a simple and powerful product for application high availability. We have integrated SafeKit in our critical projects like the supervision of Paris metro Line 4 (the control room) or Marseille Line 1 and Line 2 (the operations center). Thanks to the simplicity of the product, we gained time for the integration and validation of the solution and we had also quick answers to our questions with a responsive Evidian team.”
“SafeKit perfectly meets the needs of a software vendor. Its main advantage is that it brings in high availability through a software option that is added to our own multi-platform software suite. This way, we are not dependent on a specific and costly hardware clustering solution that is not only difficult to install and maintain, but also differs according to client environments. With SafeKit, our firefighter call centers are run with an integrated software clustering solution, which is the same for all our customers, is user friendly and for which we master the installation up to after-sales support.”
“Our production team implemented the SafeKit solution without any difficulty on 14 Windows and Linux clusters. Our critical activity is thus secure, with high-availability and load balancing functions. The advantages of this product are easy deployment and administration of clusters, on the one hand, and uniformity of the solution in the face of heterogeneous operating systems, on the other hand.”
Supports multiple heartbeats and vitual IP addresses
Offers configurable software, hardware and network checkers
For the quorum, does not require a special disk or a third machine or a dedicated link between both servers
Automatic failover of services with a recovery time in the order of one minute
Automatic failback when a server comes back after a failure (no manual operation)
A very simple console to deploy the solution and to maintain it afterwards for end-customer
Supports human errors (40% of causes of unavailability) thanks to its simplicity
Supports software failures (40% of causes of unavailability): regression on software update (version N and N+1 can coexist), Operating System frozen, software bug
Supports hardware and environment failures (20% of causes of unavailability), including the complete failure of a computer room with 2 nodes in two remote sites
What is the recovery time (RTO) [+]
RTO is the time during which the application is unavailable in case of failure. RTO of the SafeKit mirror solution is in the order of 1 mn.
For a hardware failure, RTO = heartbeat timeout (default 30 s, can be changed in userconfig.xml) + time to restart services.
For a software failure or an administrator restart, RTO = time to (cleanly) stop services + time to restart them.
Be careful, with solutions that reboot a full virtual machine in case of failure, the RTO is unpredictable as manual operations may be required after a hardware crash to reboot the virtual machine.
What is the data loss (RPO) [+]
RPO reflects the data loss in case of failure. RPO of the SafeKit mirror solution is 0 as the replication is synchronous and real-time.
Be careful, with asynchronous replication, RPO is not 0 and there is data loss in case of failure when the application restarts on the secondary server.
The solution includes all clustering features:
server failure monitoring, network failure monitoring, software failure monitoring,
automatic
application
restart with a quick recovery time, a virtual IP address switched in case of failure to automatically reroute clients.
A clustering configuration is simply made by means of a 
This is not the case with replication-only solutions like replication at the database level
