High Availability

Optional active or passive high availability is available for our server solutions. Our high-availability solutions help maximize the availability of the respective services.


Available Solutions

We distinguish between passive high availability and active high availability in our solutions. All failover solutions are operated on a homogeneous server infrastructure under identical conditions, ensuring that every failover concept can meet the same hardware and network requirements.



Passive High Availability

When passive high availability is activated, the respective V-server is continuously replicated to another physical server within a different physical server rack. We offer replication intervals of 5 minutes, 10 minutes, 15 minutes, 30 minutes, 60 minutes, 90 minutes, and 120 minutes. If the primary physical server (hypervisor) fails, a failover is automatically triggered via the quorum process, and the replicated server is started.



The failover process can take up to 120 seconds. Afterward, the relevant servers are restarted on a failover server.


A major advantage of passive high availability is that it does not require compatibility with the services in use, unlike active high availability. Thanks to the technology used, the respective servers are available only once in our data center, so the actual application does not need to provide support for high availability.


Additionally, software licenses do not need to be purchased twice, since the connected servers run on either the primary or secondary hypervisor.



As soon as the primary hypervisor becomes available again, the servers are migrated live, ensuring that there is no further downtime caused by the “reallocation process.”



Active High Availability

Active high availability enables a failover process without any downtime by providing so-called hot-standby servers. In addition, we provide a TCP load balancer—which is also highly available—with a floating IP address that can be operated by the secondary server rack in the event of a failure. To implement active high availability, support from the underlying applications is required. For example, MySQL databases must be continuously synchronized with the entire infrastructure.



If a failure occurs in the primary infrastructure, the secondary TCP load balancer takes over the routing of network packets and forwards incoming network requests to the secondary infrastructure.



The applications running on both the primary and secondary infrastructure must support this high-availability concept so that the data states of all servers can be kept in sync at all times. Additionally, the application must support the master delegation process in order to detect a failure of the primary infrastructure.



Advantages & Disadvantages

Below, we have summarized the most important advantages and disadvantages of the two high-availability approaches. Depending on the specific use case, both solutions may have additional advantages and disadvantages.


Advantages

Passive High Availability Active High Availability
Easy maintenance No downtime
No application support required High availability up to 99.99%
Lower costs (compared to active high availability) Maintenance can be performed during the day


Disadvantages

Passive High Availability Active High Availability
Downtime of up to 120 seconds High maintenance effort
High availability up to a maximum of 99.9% Application support required
Potential data loss between replication Higher costs (TCP LB + software licenses)


If you are interested in either of these solutions, please feel free to contact us to discuss the next steps. We’d be happy to advise you on choosing the right option and work with you to develop a concept tailored to your specific use case.



High Availability Classes

High Availability Classes defined by the BSI (Federal Office for Information Security)

Class Availability Max. Downtime per Year
0 No guaranteed availability -
1 99.0% < 3 days, 15 hours, 40 minutes
2 99.9% < 8 hours, 46 minutes
3 99.99% < 53 minutes
4 99.999% < 6 minutes
5 Disaster Tolerant Functionality must be guaranteed under all circumstances



AEC Classes

Availability Environment Classification (AEC)

Class Name Description
AEC-0 Conventional Operation may be interrupted, and data integrity is not essential
AEC-1 Highly Reliable Operation may be interrupted, but data integrity must always be guaranteed
AEC-2 High Availability Operation may be interrupted only minimally during peak operating hours or within specified time frames
AEC-3 Fault Resilient Operation may be interrupted only outside of specified operating hours or peak operating hours
AEC-4 Fault Tolerant Function must be maintained at all times; 24/7 operation (24 hours a day, 7 days a week).
AEC-5 Disaster Tolerant Functionality must be guaranteed even under unusual circumstances (e.g., in the event of a disaster)