Nginx
mazanko, 2016-02-17 11:26:34

How to set up a failover web service in 2 datacenters?

Good afternoon.
There is a problem of organizing a fault-tolerant web server.
The web server is located in 2 different data centers, which are connected to each other by a VPN tunnel.
What is planned to be used:
1. DNS round-robin. 2 A records point to one domain.
1.1. TTL of the records is 1 minute.
2. Nginx in each of the data centers as a reverse proxy. Each of them has its own A record.
3. Tomcat acts as an application server.
The problem observed by users during testing:
After disabling one of the Nginx instances, some users no longer have access to this domain.
Questions:
1. How does the browser work with 2 A records?
2. How to make it so that the browser, when one of the addresses is unavailable, turns to another, without forcing the user to refresh the page?


3 answer(s)
Vlad Zhivotnev, 2016-02-17
@inkvizitor68sl

> 2
Bring up 2 NS servers (one on each of the fronts), each of which returns a single A record pointing "at itself" (at the IP of the current front).
When the web server goes down, shut down the DNS server too.
Some 5% of users will drop off anyway (those whose caches ignore the TTL), but unlike dumb RR, there is still some kind of fault tolerance here (NS servers are tried in turn until at least some response is received).
> 1. How the browser works with 2 A records?
Most browsers "take" the first A record they come across and treat it as if it were the only one.
Smarter browsers choose the next A record if it was not possible to establish a TCP connection with the server from the first record (but they will honestly display all sorts of 502/444/etc. from the first record).
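
An added example (not part of the original thread or of any participant's post): a Python model of the client behaviour described in the answer above, where the next address is tried only when the TCP connection fails and an HTTP error from a reachable front is returned as-is. The local servers, ports and function names are constructed for the demonstration and stand in for the two fronts.

```python
import http.client
import http.server
import socket
import threading


def start_front(status):
    """Constructed local HTTP server that answers every GET with `status`."""
    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(status)
            self.send_header("Content-Length", "0")
            self.end_headers()

        def log_message(self, *args):  # silence per-request logging
            pass

    server = http.server.HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server.server_address


def fetch_with_fallback(endpoints, timeout=2.0):
    """Try (ip, port) pairs in order; move on only when TCP connect fails.
    Returns the HTTP status, or None if no address accepted a connection."""
    for ip, port in endpoints:
        conn = http.client.HTTPConnection(ip, port, timeout=timeout)
        try:
            conn.connect()
        except OSError:
            continue  # refused or timed out: try the next record
        try:
            conn.request("GET", "/")
            return conn.getresponse().status  # 5xx is returned, not retried
        finally:
            conn.close()
    return None


def demo():
    dead = socket.socket()        # bound but never listening: connects are
    dead.bind(("127.0.0.1", 0))   # refused, like a front with Nginx stopped
    dead_ep, bad_ep, good_ep = dead.getsockname(), start_front(502), start_front(200)
    return {"dead_then_good": fetch_with_fallback([dead_ep, good_ep]),
            "502_then_good": fetch_with_fallback([bad_ep, good_ep]),
            "all_dead": fetch_with_fallback([dead_ep])}


if __name__ == "__main__":
    print(demo())
```

The second case is the one to watch in a health check: a front that still accepts TCP but answers 502 never triggers the fallback, so monitoring has to look at the HTTP status and not only at whether the port is open.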

Alexander Dzhurinsky, 2016-02-20
@listentome

You are just missing VRRP between the 2 servers, so that if one of the servers is unavailable, the second server takes its IP address. In this case, the site will be available via both A records.
Unfortunately, even the latest Chrome caches only the first available IP address from those received from DNS. And if the IP address becomes unavailable, the browser does not re-resolve to obtain other IP addresses. For this reason, you need to transfer the IP to the second server.
A TTL of one minute is very aggressive. The load on NS servers will be excessive. With a working VRRP, you won't need that TTL.
A similar VRRP service between data centers is available, for example, from Selectel.

spotifi, 2016-05-17
@spotifi

https://habrahabr.ru/company/ivi/blog/237349/
These guys claim that everything is sad with DNS balancing.
And they offer anycast.
