mirror of
https://github.com/corda/corda.git
synced 2024-12-28 00:38:55 +00:00
[ENT-1567] Document hot-cold deployment
This commit is contained in:
parent
5360709917
commit
52a4252ac5
@ -12,4 +12,5 @@ Corda nodes
|
||||
shell
|
||||
node-database
|
||||
node-administration
|
||||
out-of-process-verification
|
||||
out-of-process-verification
|
||||
high-availability
|
||||
|
48
docs/source/high-availablility.rst
Normal file
48
docs/source/high-availablility.rst
Normal file
@ -0,0 +1,48 @@
|
||||
High Availability
|
||||
=================
|
||||
|
||||
This section describes how to make a Corda node highly available.
|
||||
|
||||
Hot Cold
|
||||
~~~~~~~~
|
||||
|
||||
In the hot cold configuration, failover is handled manually, by promoting the cold node after the former hot node
|
||||
failed or was taken offline for maintainance.
|
||||
|
||||
RPC clients have to handle ``RPCException`` and implement application specific recovery and retry.
|
||||
|
||||
Prerequisites
|
||||
-------------
|
||||
|
||||
* A load-balancer for P2P, RPC and web traffic
|
||||
* A shared file system for the artemis and certificates directories
|
||||
* A shared database, e.g. Azure SQL
|
||||
|
||||
The hot-cold deployment consists of two Corda nodes, a hot node that is currently handling request and running flows
|
||||
and a cold backup node that can take over, if the hot node fails or is taken offline for an upgrade. Both nodes should
|
||||
be able to connect to a shared database and a replicated file-system hosting the artemis and certificates directories.
|
||||
The hot-cold ensemble should be fronted by a load-balancer for P2P, web and RPC traffic. The load-balancer should do
|
||||
health monitoring and route the traffic to the node that is currently active. To prevent data corruption in case of
|
||||
accidental simultaneous start of both nodes, the current hot node takes a leader lease in the form of a mutual exclusion
|
||||
lock implemented by a row in the shared database.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
|
||||
The configuration snippet below shows the relevant settings.
|
||||
|
||||
.. sourcecode:: none
|
||||
|
||||
enterpriseConfiguration = {
|
||||
mutualExclusionConfiguration = {
|
||||
on = true
|
||||
machineName = ${HOSTNAME}
|
||||
updateInterval = 20000
|
||||
waitInterval = 40000
|
||||
}
|
||||
}
|
||||
|
||||
Hot Warm
|
||||
~~~~~~~~
|
||||
|
||||
In the future we are going to support automatic failover.
|
Loading…
Reference in New Issue
Block a user