Skip to main content
Hitachi Vantara Knowledge

Failover and failback workflows

Three failover and failback scenarios are possible, depending on which of these HCP systems fails:

  • One of the systems involved in an active/active link
  • The primary system for an active/passive link
  • The replica for an active/passive link

This section of the Help describes the basic workflows for these scenarios.

System failure workflow with an active/active link

The table below outlines what happens when one of the systems involved in an active/active link fails, where the system that fails is system A and the system that remains healthy is system B.

StepWhat you doWhat happens
System A fails
1On system B, fail over the linkIf DNS failover is enabled, system B broadcasts new DNS configuration
2If DNS failover is disabled, direct clients to write only to system B
System A comes back online
3

If system A has been rebuilt:

  • On system A, upload the replication SSL server certificate from system B
  • On system B, upload the replication SSL server certificate from system A
4On system B, update the link configuration as needed
5If the link is broken, on system B, send a request to restore the linkReplication link is recreated
6On system B, fail back the linkSystem A and system B broadcast original DNS configurations; replication restarts in both directions on the link

Primary system failure workflow

The table below outlines what happens when the primary system for an active/passive link fails.

StepWhat you doWhat happens
Primary system fails
1On the replica, fail over the linkApplicable tenants and directories on the replica become read-write; applicable tenants and directories on the primary system either remain read-write or become read-only depending on whether the two systems can communicate with each other; if DNS failover is enabled, the replica broadcasts new DNS configuration
2If DNS failover is disabled, direct clients to write only to the replica
Primary system comes back online
3

If the primary system has been rebuilt:

  • On the primary system, upload the replication SSL server certificate from the replica
  • On the replica, upload the replication SSL server certificate from the primary system
4On the replica, update the link configuration as needed
5If the link is broken, on the replica, send a request to restore the linkReplication link is recreated
6On the replica, begin data recoveryApplicable tenants and directories on the replica remain read-write; applicable tenants and directories on the primary system remain or become read-only; data recovery from the replica to the primary system begins
7Wait for data recovery to come close to being up to date
8On the replica, complete data recoveryApplicable tenants and directories on the replica become read-only; applicable tenants and directories on the primary system remain read-only; data recovery from the replica to the primary system continues to completion
Data recovery finishes
9NothingApplicable tenants and directories on the replica remain read-only; applicable tenants and directories on the primary system become read-write; the primary system and the replica broadcast original DNS configurations; replication from the primary system to the replica restarts
10If DNS failover is disabled, after you see this message in the system log, direct clients to write only to the primary system: Replication data recovery completed

Replica failure workflow

The table below outlines what happens when the replica for an active/passive link fails.

StepWhat you doWhat happens
Replica fails
1On the primary system, suspend activity on the link
Replica comes back online
2

If the replica has been rebuilt:

  • On the replica, upload the replication SSL server certificate from the primary system
  • On the primary system, upload the replication SSL server certificate from the replica
3On the primary system, update the link configuration as needed
4If the link is broken, on the primary system, send a request to restore the linkReplication link is recreated; applicable tenants and directories on the primary system remain read-write; applicable tenants and directories on the replica are read-only
5On the primary system or the replica, resume activity on the linkReplication from the primary system to the replica restarts from the beginning

 

  • Was this article helpful?