DPOD High Availability(HA), Resiliency or Disaster Recovery(DR) Implementation
DPOD HA/DR planning and configuration has several ways to be achieved depends on the customer's requirements, implementation and infrastructure.
Important HA\DR considerations
Before deciding on your options of implementing HA/ DR solution with DPOD, you should understand your needs and your infrastructure limitation and be able to answer the following questions after you consult your BCP/DR/System/Network Admin:
1. DPOD can capture vast amount of data for large installations. If you are going to replicate this to DR this can consume significant network bandwidth or sometimes even 3rd party storage replication license costs.
You should consult and decide: Is cost effective to replicate DPOD data or it is acceptable to launch DPOD on backup server with configuration replication only?
2. What software customer use for Active/Passive scenario:
Does your DPOD runs on a virtual infrastructure like VMWare or can you use VMware VMotion or Active\Passive Cluster management tools that can assist identify and relaunch DPOD on a different cluster member?
3. Customer is expected to have an Active/Passive software or mechanism to identify DPOD server is inactive and launch a new one in an active Cluster member.
Do you have such tool (DR Software)?
4. When launching a new DPOD instance on the backup cluster member, customer must understand if the new launched server is keeping the same network configuration of the primary node (for example : IP Address, DNS, NTP, LDAP, SMTP) or if this configuration might be changed.
5. Customer must know their DataPower architecture (Active/Passive or Active/Active ...) and if it is an active / passive solution will the passive DataPower will have the same IPs.
If DataPower IP address will be changed than some DPOD configuration will become obsolete and DPOD should reconfigured.
Common scenario of implementing HA\DR scenario of DPOD
Scenario A- Active/Passive - DPOD IP Address is the same
Assumptions:
- Customer have DataPower appliances in Active/Passive or Active/Standby or Active/Active configuration. All DataPower appliances in any configuration must have unique IP address
- DPOD will be installed once and will be configured to monitor all DataPower appliances (active, standby and passive).
- All DPOD network services (NTP, SMTP, LDAP ..) must have the same IP address (otherwise a post configuration script is required to be run by the DR software)
- Customer must have a storage replication capabilities to replicate DPOD disks based on the disks’ replication policy described above.
- Customer is required to have a 3rd party software tool or scripts that can provide:
- Identify unavailability of primary DPOD server/s.
- Launch the passive DPOD servers with the same IP address
6. The passive DPOD server cannot be up since it must have the same IP address as the active DPOD.
In a disaster scenario:
- Customer DR software should Identify DPOD failure (for example by ping to IP access UI URL or both)
- Customer DR Software should launch the passive DPOD server and change its IP address (if not already configured) to be the same as the failed active DPOD.
- DPOD will be available in the following way:
- Since the passive DPOD has the same IP all data DataPower appliances will be able to access it and since all
- Since all DataPower appliances will have the same IPs than DPOD can continue to sample them.
- Since the passive DPOD has the same IP access to DPOD console will be with the same URL.
Scenario B- Active/Passive – DPOD's IP Address is changed
Assumptions:
- Customer have DataPower appliances in Active/Passive or Active/Stand-by. All DataPower appliances in any configuration must have unique IP address
- DPOD will be installed once and will be configured to monitor all DataPower appliances (active, standby and passive).
- All DPOD network services (NTP, SMTP, LDAP ..) must have the same IP address (otherwise a post configuration script is required to be run by the DR software)
- Customer must have a storage replication capabilities to replicate DPOD disks based on the disks’ replication policy described above.
- Customer is required to have a 3rd party software tool or scripts that can provide:
- Identify unavailability of primary DPOD server/s.
- Launch the passive DPOD servers with different IP address
6. The passive DPOD server still cannot be up since disks are required to replicate.
In a disaster scenario:
- Customer DR software should Identify DPOD failure (for example by ping to IP access UI URL or both)
- Customer DR Software should launch the passive DPOD server and change its IP address (if not already configured) to be the different address from the failed active DPOD.
- Customer DR Software should run commands/script to change DPOD IP address as described in documentation.
- Customer DR Software must change DNS name for DPOD server web console to reference to actual IP or use an NLB in front of both DPOD web console.
- DPOD create 2 aliases in each configured DataPower. Customer DR Software should run a script with SOMA request to change this aliases to DPOD current IP address and enable and disable all DPOD log targets .(Please refer to Devices REST API for API named - Setup all devices' host aliases -For DR )
DPOD will be available in the following way:
- Although the passive DPOD has a different IP, all the DataPower appliances’ will be able to access it since their internal host alias point to DPOD will be replaced (step 5)
- Since all DataPower appliances will have the same IPs than DPOD can continue to sample them.
- Although the passive DPOD has a different IP, all users can access DPOD’s web console because its DNS name has been changed by step 4
Scenario C- Active/Standby – 2 DPOD separated installation.
Assumptions:
- Customer have DataPower appliances in Active/Passive or Active/Standby. All DataPower appliances in any configuration must have unique IP address
- DPOD will be installed, maintained and configured twice (in v1.0.5.0 a new API was exposed to add a new DataPower to DPOD and it can be consumed from a script.). DPOD will be configured to monitor all DataPower (active, standby and passive).
Since both servers are up no replication can exist. - All DPOD network services (NTP, SMTP, LDAP ..) must have the same IP address (otherwise a post configuration script is required to be run by the DR software)
- Customer is required to have a 3rd party software tool or scripts that can provide:
- Identify unavailability of primary DPOD server/s.
- Launch the passive DPOD servers with different IP address
6. The standby DPOD server still can be up since NO disks are required to be replicated.
7. It is acceptable for a customer to have its standby DPOD activated without any of data collected by the active DPOD since no replication occurs.
8. When the Standby installation of DPOD should become in non-active stated again customer will need to run scripts on both the Active installation and the StandBy installation - see "Return To Normal Scenario".
In a disaster scenario:
- Customer's DR software should Identify DPOD failure (for example by ping to IP access UI URL or both)
- DPOD create 2 aliases in each configured DataPower. Customer DR Software should run a script with SOMA request to change this aliases to DPOD current IP address and enable and disable all DPOD log targets (Please refer to Devices REST API for an API named - Enable Standby installation -For DR).
- Customer's DR Software must change DNS name for DPOD server web console to reference to actual IP or use an NLB in front of both DPOD web console.
DPOD will be available in the following way:
- Although the passive DPOD has a different IP, all the DataPower appliances’ will be able to access it since their internal host alias point to DPOD will be replaced (step 2)
- Since all DataPower appliances will have the same IPs than DPOD can continue to sample them.
- Although the passive DPOD has a different IP, all users can access DPOD’s web console because its DNS name has been changed by step 3
- Note - All Data exists in Active DPOD will be lost !
In a "Return to Normal" scenario:
- Right after launching the Active installation it is crucial run an API to disable the DPOD background processing in the StandBy installation (Please refer to Devices REST API for an API named - Disable Standby installation -For DR)..
- DPOD create 2 aliases in each configured DataPower. Customer DR Software should run a script with SOMA request to change this aliases to DPOD current IP address and enable and disable all DPOD log targets. (Please refer to Devices REST API for an API named - Resume Active installation -For DR)..
- Customer's DR Software must change DNS name for DPOD server web console to reference to actual IP or use an NLB in front of both DPOD web console.
Backups
To improve product recovery administrator should perform regular backups as described in the backup section