High Availability

[Amos Shapira]

2010/4/15 Boaz Yahav(berber) <berber at weber-sites.com>:
> I guess this is more a theological question.
>
>
>
> Would you build a web site  infrastructure that needs to be highly available
> using a single machine where the front end servers are virtual servers?
>
> Is this even considered highly available or might it be what's some may
>  call "partially highly available J"?

Seconding Shimi's reply - a single hardware server is a major single
point of failure.
You need at least two of each (even routers and uplinks if you can
afford it, let alone network interfaces and redundant shared storage
et al. so not even the backplane of the SAN box or the network
interface is a SPoF).
Putting the front end in a virtual server adds to its isolation from
the rest of the system since it is more likely to be the target for an
attack, but it won't help high availability one bit.
The tools are not overly complicated - just take:
1. a couple of towers or rack-mounts with hardware you rely on
2. RAID 1+0 disks
3. at least two network cards for each address, bonded
4. if possible then redundant routers, you can achieve this with linux
servers but we just opted for hardware.
5. If you need shared storage then you can build a SAN box with
linux+DRBD+iSCSI if you don't want the hardware option.
6. Put an LVS load balancer in front of the front-ends, you can even
run them primary-primary with multiple public addresses. "fake" for
internal "floating" ip address if you need it. DRBD and linux-ha or
mysql/postgresql replication for database redundancy.

--Amos