VAST Failover Overview
Introductionβ
Failover in a VAST storage environment ensures data availability and continuity in the event of an infrastructure failure. Superna has developed failover capabilities at three distinct levels:
- Tenant-Level Failover
- VIP Pool-Level Failover
- Protected Path-Level Failover
The atomic unit of failover in VAST storage is the Protected Path, which provides a mapping structure that determines how client access is managed in a failover event. This document outlines the key differences between tenant, VIP pool, and protected path-level failover, helping organizations choose the right level of granularity for their data resilience strategy.
Failover Granularity: Tenant vs. VIP Pool vs. Protected Pathβ
VAST's storage hierarchy consists of:
- Tenants: High-level objects that encapsulate multiple VIP Pools.
- VIP Pools: Logical groupings of network endpoints that serve client requests.
- Protected Paths: Underlying storage access paths that enable data replication and failover.
- Views and View Policies: Define access control and routing behavior for data.
While tenant and VIP pool failover function by redirecting clients to alternative targets, protected path-level failover does not involve client redirection, as it occurs below the level where IPs are assigned via DNS.
We use the following mapping to determine the scope of the failover depending on the desired failover candidate:
Protected Path β View β View Policy* β VIP Pool** β Tenant
* There is a one-to-many relationship between View Policy and VIP Pools.
** VIP Pools can be made available to one or all tenants; we ignore VIP pools available to all tenants for purposes of failover.
Tenant-Level Failoverβ
Overviewβ
Tenant-level failover applies to all VIP Pools and Protected Paths under a given tenant. This means that an entire tenantβs associated VIP Pools, Views, and View Policies fail over as a collective unit.
Advantagesβ
- Broad Impact Coverage: Ensures failover at a high level, simplifying management by handling all VIP pools within the tenant.
- Consistent Access Policies: Since all view policies under the tenant fail over together, clients experience a seamless transition.
- Simplicity in Administration: Ideal for environments where all VIP pools within a tenant share the same resilience requirements.
Considerationsβ
- Lack of Granularity: This level of failover may be too broad depending on how your file system is configured.
- Potential Overhead: Organizations with highly segmented storage access policies might prefer a more granular approach.
VIP Pool-Level Failoverβ
Overviewβ
VIP pool-level failover provides a more refined approach, allowing individual VIP pools within a tenant to fail over independently. This method leverages View Policies, which can be associated with multiple VIP pools, enabling flexible redirection of storage access.
Advantagesβ
- Fine-Grained Control: Allows targeted failover of specific VIP pools without impacting others.
- Optimized Resource Utilization: Only affected VIP pools fail over, improving efficiency.
- Flexible Routing: View policies associated with multiple VIP pools ensure adaptable failover paths.
Considerationsβ
- Increased Configuration Complexity: Requires careful mapping of protected paths, views, and policies.
- Overlap Management: View policies can span multiple VIP pools. We detect these overlaps, notify the user, and fail over any associated VIP pools. However, this may cause confusion.
Protected Path-Level Failoverβ
Overviewβ
Protected path-level failover occurs at the lowest level in the storage hierarchy, ensuring data availability without involving client redirection. This affects internal data replication, as protected paths operate below the DNS-assigned IP layer.
Advantagesβ
- Granular Failover Control: Operates independently of network-level assignments.
- Enhanced Data Protection: Ensures data remains accessible even if a path becomes unavailable.
Considerationsβ
- No Automatic Client Redirection: Clients are not redirected to new IPs.
- Administrative Overhead: Requires careful planning and monitoring.
Failover Implementation Pathβ
Regardless of the failover level, the process follows a structured mapping:
Protected Path β View β View Policy β VIP Pool β Tenant- The system detects a failure event.
- Failover behavior is executed based on the designated level.
- Data access resumes according to failover logic.
Choosing Between Tenant, VIP Pool, and Protected Path Failoverβ
| Factor | Tenant-Level Failover | VIP Pool-Level Failover | Protected Path-Level Failover |
|---|---|---|---|
| Granularity | Entire tenant (all VIP pools) | Individual VIP pools | Individual storage paths |
| Management Simplicity | Easier | More complex | Most complex |
| Impact Scope | Affects all associated VIP pools and Protected Paths | Affects only targeted VIP pools and Protected Paths | Affects internal storage access |
| Client Redirection | Yes | Yes | No |
| Use Case | Large-scale failover, unified storage policies | Selective failover, flexible access control | Data replication protection, internal failover |
Choosing between tenant-level, VIP pool-level, and protected path-level failover depends on your organizationβs resilience strategy and storage architecture.
- Tenant-level failover: Best for broad, unified failover scenarios.
- VIP pool-level failover: Offers finer control and selective failover.
- Protected path-level failover: Ensures data access remains available internally but does not involve client redirection.
Understanding these distinctions helps optimize failover strategies and ensures seamless business continuity in a VAST storage environment.