Enterprise Solution Architecture – Best Practices
A chain is only as strong as its weakest link!
The three main considerations of architecture are:
- High Availability
- Disaster Recovery
- Security
High Availability Architecture – HAA
High availability architecture is an approach to defining the components, modules and service implementations of a system so that it maintains optimal operational performance, even at times of high load. Although there are no fixed rules for implementing HA systems, there are a few good practices to follow so that you get the most out of the fewest resources.
HAA also ensures the highest uptime and acceptable performance under all conditions.
Disaster Recovery
In case of a disaster, this is the ability to quickly get systems back in place with minimal or no loss of data.
Recovery Point Objective (RPO) refers to the minimum possible data loss that can occur during this recovery phase.
For a 0-hour RPO you need to set up real-time or synchronous data replication.
Recovery Time Objective (RTO) refers to the time taken to get systems back into normal operation after a disaster, for example a few seconds to a few minutes.
HA Principles
- There is no single point of failure: have multiple redundant systems. Placing multiple systems under multiple load balancers is one option.
- Reliable crossover from active to passive systems
- A consistent heartbeat to detect failures as early as possible
Local and Global High Availability Region Setup
You could have multiple Availability Domains in a single-region setup; that is, if AD 1 fails in Region 1, AD 2 is active within the same region.
You could also have VMs running in multiple Availability Domains across multiple regions, for example AD 1 in Region 1 and AD 2 in Region 2. You could then use Region 2 as the disaster recovery zone, where a replica of the entire setup exists.
Floating IP addresses
You can assign a second private IP address to the primary instance. In case the primary instance fails, that second private IP address can be attached to the secondary instance.
How to do it?
Select the VNIC of the primary compute instance and assign a private IP address.
Uncheck the option “Unassign if already assigned to another VNIC”.
For the secondary compute instance, assign the same IP address, but this time check the option “Unassign if already assigned to another VNIC”.
So if your application refers to IP address 10.0.0.22, the secondary instance is available at that address when the primary fails.
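The heartbeat principle and the floating IP procedure above fit together as follows. This is an added sketch, not code from the original article or from Oracle: the heartbeat interval, the miss threshold, the instance names and the `reassign` hook (which stands in for assigning the private IP to the secondary VNIC with “Unassign if already assigned to another VNIC” checked) are assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

FLOATING_IP = "10.0.0.22"  # address used in the article


@dataclass
class FailoverMonitor:
    probe: Callable[[str], bool]          # True if the instance answers the heartbeat
    reassign: Callable[[str, str], None]  # hypothetical hook: (ip, target instance)
    interval_s: float = 2.0               # assumed heartbeat period
    threshold: int = 3                    # consecutive misses before failover
    holder: str = "primary"               # instance currently holding the IP
    standby: str = "secondary"
    misses: int = 0
    events: List[str] = field(default_factory=list)

    def worst_case_detection_s(self) -> float:
        # Detection delay is the part of RTO spent noticing the failure.
        return self.interval_s * self.threshold

    def tick(self) -> str:
        if self.probe(self.holder):
            self.misses = 0               # one good beat clears earlier misses
            return self.holder
        self.misses += 1
        if self.misses < self.threshold:
            return self.holder            # tolerate transient loss, avoid flapping
        if not self.probe(self.standby):
            self.events.append(f"no healthy standby, {FLOATING_IP} stays on {self.holder}")
            return self.holder
        self.reassign(FLOATING_IP, self.standby)
        self.events.append(f"{FLOATING_IP} moved {self.holder} -> {self.standby}")
        self.holder, self.standby, self.misses = self.standby, self.holder, 0
        return self.holder


# Constructed health timeline: one dict per heartbeat, True = instance is up.
TIMELINE: List[Dict[str, bool]] = (
    [{"primary": True, "secondary": True}, {"primary": False, "secondary": True},
     {"primary": True, "secondary": True}] + [{"primary": False, "secondary": True}] * 4)


def simulate(timeline) -> Tuple[List[str], List[Tuple[str, str]]]:
    state, moves = {}, []
    mon = FailoverMonitor(probe=lambda name: state[name],
                          reassign=lambda ip, target: moves.append((ip, target)))
    holders = []
    for snapshot in timeline:
        state.update(snapshot)
        holders.append(mon.tick())
    return holders, moves
```

With the assumed 2-second interval and threshold of 3, detection alone contributes up to 6 seconds to the RTO, and a single missed heartbeat does not move the address.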
The architecture for the above setup would look like this:
The above architecture ensures that if the machines running in AD 1 fail, App and Web Servers remain available in AD 2 or 3.
All connections from App Servers to DB Servers are routed through a private subnet.
Floating IPs ensure that DB Servers are always reachable within a single subnet, even if one fails.
The Dynamic Routing Gateway helps in connecting on-premises systems through FastConnect VPNs.
The whole setup can be further enhanced by adding an additional load balancer in case one of the load balancers fails; for that, a listener would be required to check whether the load balancer is running or down.
Cloud to On Premise High Availability Architecture
to be continued ..