Business Continuity

Executive Summary

I/O Fencing provides protection against data corruption and can guarantee data consistency in a clustered environment.  Data is the most valuable component in today’s enterprises. Having data protected and therefore consistent at all times is a number one priority.

This White Paper describes the different deployment methods and strategies available for I/O Fencing in a Veritas Cluster Server (VCS) environment.  It is designed to illustrate configuration options and provide examples where they are appropriate.

Veritas has led the way in solving the potential data corruption issues that are associated with clusters. We have developed and adopted industry standards (SCSI3 Persistent Reservations [PR]) that leverage modern disk-array controllers that integrate tightly into the overall cluster communications framework.

Scope of Document

This document is intended to explain and clarify I/O Fencing for Veritas Cluster Server (VCS) Clusters. It will provide information to assist with adoption and architecture of I/O Fencing when using VCS. Note that VCS is included in several product bundles from Veritas, including but not limited to, InfoScale Availability, InfoScale Enterprise, Legacy packaging such as Storage Foundation High Availability, Storage Foundation Cluster File System, and Storage Foundation for Oracle RAC.

The document describes how I/O Fencing operates as well as providing an outline of the available functionality.  Installation and Administration procedures are well covered in publicly available documentation that is unique to each software release.

This document focuses on the I/O Fencing functionality provided in VCS 6.2. Information may or may not be applicable to earlier and later releases.  Where possible, we will mention in which version a specific feature was introduced.

Background

Providing data high availability naturally exposes the risk to protect that data because independent nodes have access to the same storage device.  In its infancy, this technology caused data corruptions. As availability evolved, different technologies have been developed to prevent data corruption while continuing to protect services.

In short, the problem arises when two or more servers are accessing the same data independently of each other. This is termed “split brain” and is outlined in the Introduction chapter of this document.

Preventing data corruption during a split brain scenario is relatively easy. However, some cluster solutions handle this situation by forcing downtime to the applications. This is not acceptable in today’s computing environments that require constant uptime and tighter SLAs.

As VCS evolved, several methods of avoiding split brain and data corruption have been put into place.  Since VCS 3.5 (Released in 2001), I/O Fencing has been available. I/O Fencing can eliminate the risk of data corruption in a split brain scenario by ensuring that a single set of clustered nodes remains online and continues to access shared storage.

This document focuses on the various options for I/O Fencing including implementation considerations, architecture, and guidelines. It also provides a comparison among the different deployment methods and options.

NOTE: VCS for Windows (known as Storage Foundation for Windows HA or SFWHA) uses another method to prevent data corruptions in split brain scenarios and will not be covered in this document. Please refer to public documentation for the Storage Foundation for Windows HA release for more information.

Comments

We have a new version of this document that reflects our Veritas branding.

Contributors