Tino Wildenhain wrote:
If your app is used by external customers who are all across the
country, they want to continue to still use your software even though
you and data center #1 are 6 feet under due to an 8.0 earthquake. They
want auto-failover to data center #2 which is in close proximity to
CIA headquarters and other juicy terrorist targets.
Sure, but in this case a "simple" async master-slave (slony-1)
and the usual failover (also DNS-failover) should be sufficient.
Workable if you're willing to keep multiple sets of servers idling on
stand-by only for catastrophic failure. For temporary failure, I believe
at this time Slony requires manual admin work to resync a promoted
master and demote it back to slave. Not a big deal if the downtime
doesn't happen often but when you're depending a cross-country internet
connection, it happens far more often than you like to deal with.
Of course, we're also using multi-master replication to load balance
traffic across multiple servers because the price jump from going 2xDC
to 4xDC is major. So we have a bunch of 2x1 and 2xDC servers across the
country serving our customers versus 1 big server for primary access and
1 big server as a standby.
---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster
