6

I have two locations (office and service providers). One DNS (bind) serving our domain as authoritative, and a service provider webserver with our corporate web on a private server.

So..

Now we are planning to upgrade our server on the ISP to a new one, and I would like to use this situation to improve our service.

Is it possible to mount a high availability apache/mysql/php within two different locations?

I will install a bind slave on the same new server, so I hope it will make things easier, but I need some hints and tips on how to ride it.

Thanks.

Marc Riera
  • DNS explanation: Actually we have an authoritative bind for our zone inside our infrastructure, and 2 slaves on another ISP (not related to the one where we put the new server, let's call it ISP2). The situation is that we also receive network connection through this ISP2, so if this ISP network falls we will lose our DNS and the slaves, meaning that nobody will reach our webserver because of the lack of name resolution. What I was thinking was to put another dns-slave on the side of the webserver, on the ISP1. Probably on the same machine. Is that a useful idea? What happens if ISP1 falls? – Marc Riera May 17 '10 at 19:01
  • How are you offering 100 rep when you don't have it to offer? – Chopper3 May 21 '10 at 09:09
  • The 100 rep have already been taken from my points. I previously had 176. – Marc Riera May 21 '10 at 11:06

3 Answers

5

Kyle hit the nail on the head referencing the post that identifies the CAP Theorem.

Ultimately, this is going to boil down to budget and resources. The best way to handle availability on the border is going to be with network protocols such as BGP. Making the network highly available is easier, as you do not have to worry about data integrity in most cases.

Using DNS round robin is a compromise solution and less robust but certainly viable as well.

Lower on the stack, you have the Web servers, which are easier to dynamically failover, as with anything that does not involve data storage.

On the backend, you can replicate MySQL either over the Internet or preferably over a private link. If over the Internet, at least use SSL. A VPN would be better. This is the trickiest part and something I'm working through still right now. If you do not care about data integrity, it's simple. If your product is read focused, you have more options, as it's less complicated.

What I keep coming back to is the following..

High availability and business continuity are two distinct things. A high availability environment is best established within the same facility on the same internal network, as the best case scenarios can be applied with minimal risk to data. Split brain is substantially less likely with a 3' serial cable for monitoring server status in addition to the ethernet link. With a disaster, often there will be manual steps involved and an SLA dictating the impacts and terms. If the main data center burnt to the ground, 30 minutes to get production back up does not sound too bad.

I could probably write a book on the subject, as there's a lot to it. You will likely have to compromise requirements based on your resources, which will have to be communicated to the business. This is not a simple request.

One simpler solution may be to have two external DNS providers, where one slaves off of your server on one site and the other external off a DNS on your other site. That way, if either ISP failed, you would be able to change the incoming path using DNS.

One Web path on one site, one on another. Dual master on the backend with manual failover up top. This would be simple and not risk data integrity but would have to be manual to do this.

Warner
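An added illustration of the "at least use SSL" advice in the answer above; it is not part of the original answer. The host names, the `repl` account, the password and the CA path are placeholders, and the statements use the `CHANGE MASTER TO` form (newer MySQL releases name it `CHANGE REPLICATION SOURCE TO`).

```sql
-- ---------- On the master (site A) ----------
-- Weak setting, shown for contrast only: an account created without a
-- REQUIRE clause may log in over cleartext, so the replication password
-- and every replicated row would cross the Internet unencrypted.
--   CREATE USER 'repl'@'replica.site-b.example' IDENTIFIED BY 'CHANGE_ME';

-- Corrected: the server rejects any non-TLS login for this account.
-- (MySQL 5.7+ syntax; older 5.x servers put REQUIRE SSL on the GRANT.)
CREATE USER 'repl'@'replica.site-b.example'
  IDENTIFIED BY 'CHANGE_ME'
  REQUIRE SSL;
GRANT REPLICATION SLAVE ON *.* TO 'repl'@'replica.site-b.example';

-- ---------- On the replica (site B) ----------
STOP SLAVE;
CHANGE MASTER TO
  MASTER_HOST     = 'master.site-a.example',   -- placeholder host
  MASTER_USER     = 'repl',
  MASTER_PASSWORD = 'CHANGE_ME',
  MASTER_SSL      = 1,                          -- encrypt the replication link
  MASTER_SSL_CA   = '/etc/mysql/ssl/ca.pem',    -- placeholder path to the CA cert
  -- Verify the master's certificate name as well, so the replica does not
  -- accept an encrypted session with some other host answering on the path.
  MASTER_SSL_VERIFY_SERVER_CERT = 1;
START SLAVE;

-- ---------- Check ----------
-- Expect Master_SSL_Allowed: Yes, Slave_IO_Running: Yes and an empty
-- Last_IO_Error. A TLS or certificate failure shows up in Last_IO_Error.
SHOW SLAVE STATUS\G
```

Setting `REQUIRE SSL` on the master side is what enforces encryption; the replica-side options alone would not stop a misconfigured replica from connecting in cleartext.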
2

It is possible but you are probably going to run into the most trouble with mysql. See this question of Warner's about geographically diverse MySQL installations.

As far as DNS for failover, you can read the debate about that in this question.

Kyle Brandt
0

Depending on exactly what you want to accomplish, you could take a look at the following (free and open source) programs:

Regardless of what solution you choose for high availability, you should definitely make sure that you always have authoritative DNS servers available, but that is a separate issue.

sajb