A client requires a system to be always up.
Assuming we have a robust network infrastructure.
What are the scenarios, obvious and not, where redundant gateway will takeover?
My understanding is that the gateway will fail over when the master gateway fails. The backup gateway monitors the status of the master gateway to determine this, but even a network disconnection between the master and backup will look like a failure to the backup, so keep this in mind.
What scenarios are you trying to protect against? Loss of connectivity to devices for instance will not fail over to the other server even if the backup can connect to the device when the master cannot.
1 Like
Protect the MES. 100% uptime of backend gateway connecting to PLCs and front end gateway facing multiple operators.
Lost of device connection does not have something to do with gateway, exactly why I ask, when does the master gateway fail over to backup gateway.
That's it. When communication from the inactive gateway to the active gateway is broken, the inactive gateway will promote itself (after a configurable delay--10 seconds by default).
If only the comm channel between them dies, you will have a split-brain situation (both gateways trying to run). It is important that the connections to devices and databases run over the same physical links as the gateway-to-gateway channel.
3 Likes
This is fundamentally impossible to achieve. Uptime is measured by number of 9's as a percentage availability. Eg five 9's / 99.999% availability means ~5mins downtime allowed in a year. Even the most sosphicated cluster of servers cannot be guaranteed to be 100% available