Deployment Options for Replication

Typically, replication is set up so that clients connect to the primary site, and remain connected to that site as long as it is active. Clients would connect to the backup site only when the primary site fails or goes into the standby state for another reason (such as testing a failover). However, depending on your business requirements, there are additional options for configuring replication.

Allowing Clients to Connect to Standby Sites

By default, clients consume replicated messages (as part of a transaction or not) from Message VPNs with replication active states. If a client attempts to connect to a standby replication site, the connect attempt is rejected. However, it is possible to allow clients to connect and consume messages from endpoints on a replication active Message VPN and its mate replication standby Message VPN.

An example of this type of deployment would be one using a replay server, which is any form of third-party application or solution integrated with PubSub+ that offers replay functionality (in this case, "replay server" does not refer to the Solace Message Replay feature). A replay server must consume all messages so they can be later replayed, and for the purposes of disaster recovery, an instance of the replay server must run on both the active and the standby sites. In the event of a failover, the replay server on the standby site will have consumed the same set of messages as the server on the active site and therefore would be able to provide the same replay service.

To enable a replication deployment like this, some extra configuration is required:

  • the allow-clients-when-standby option must be enabled for all client profiles that are used by clients allowed to connect on to the standby site.
  • the propagation of consumer acks must be disabled for each endpoint that these standby clients will consume messages from. Ack propagation is the mechanism by which the consuming of messages on the active site is signaled to the standby site. Since messages are being consumed on both sites, this signaling needs to be disabled. The configuration is the same whether or not the messages are being consumed in a transaction or not.

Although clients are allowed to connect to the standby site, their capabilities are limited. They are not allowed to publish guaranteed messages, create endpoints, or modify existing endpoints in any way. They are, however, allowed to publish direct messages and add direct subscriptions. This allows for direct message communication between clients connected to the standby site for co-ordination purposes.

Host lists should not be used for a standby client. In this scenario, there should be a client for each site and the clients should only connect to their specific site, so a list of hosts is not needed.

Providing Service at Both Replication Sites

A possible customer deployment model for replicated data center infrastructure is to have a replication group where the replication sites are located some distance apart (perhaps 50 or 100 miles). Each replication site uses high-availability (HA) pairs of redundant event brokers: one replication site can actively service one set of Message VPNs, while the other replication site actively services another set of Message VPNs. That is, the HA pairs at one site have Message VPNs with active replication states and other Message VPNs with standby replication states, and the HA pairs at the other replication site have the same Message VPNs but with the opposite replication states.

This allows both replication sites to provide messaging services to separate sets of clients. However, they should maintain enough capacity to provide service to all clients of the replication group if there is a planned or unplanned service outage at one of the sites.

The figure below provides a simplified example where the New York data center has Message VPNs A, B, C with an active replication state, and Message VPNs D, E, F with a standby replication state. At the New Jersey data center, the Message VPNs D, E, F are active and the Message VPNs A, B, C are standby.

Replication can also be deployed with single event brokers at one or both sites, rather than redundant pairs. However this configuration reduces the fault tolerance of the solution.