Recently we were able to solve a long-standing issue with our Disaster Recovery Plan. I will use the example of Active Directory Federation Services (ADFS). ADFS is a service that we want highly available, so it is configured in a server farm. For this example, we will say that two servers are deployed in the main data center and two are deployed in the secondary data center. To make these servers highly available, each set of servers sits behind a load balancer which probes the ADFS servers to ensure that they are responding correctly.
Great, so we have highly available ADFS servers in two locations. The issue is that our DNS record is not highly available. Outside services are pointed to adfs.techtalklive.org, which resolves to an address in our primary data center. In case of a failure in the primary data center, the record could be pointed to the secondary data center address space, but that requires manual intervention. Round robin DNS could also handle this but has its own drawbacks. Ideally, we want a service that is smarter and aware of which ADFS servers are up and which are down.
That is where global load balancing comes in. I will talk from the perspective of Kemp load balancers as that is what we use, but there are many vendors with global load balancing solutions. Global load balancing allows us to delegate the DNS record for adfs.techtalklive.org to our existing load balancers. When a client queries the record for adfs.techtalklive.org, the load balancer can return the DNS record of the data center that is currently up. This extends the health checks that the load balancers already perform against the ADFS servers to DNS: only the records for servers that are healthy are returned.
This allows for some interesting options. Global load balancing can be used in an active/passive configuration: the primary data center DNS record is returned as long as its servers are healthy, and if they are not, the secondary DNS record is returned. Another option is to use server load, where the load balancers return the DNS record of the servers with the lowest current traffic load. A third option is to direct traffic to the data center nearest to the client.
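The three selection options above can be modelled in a few lines. This is an added sketch, not Kemp's implementation or configuration; the `Site` fields, policy names, server names and addresses (RFC 5737 documentation ranges) are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Site:
    name: str
    vip: str        # address handed out in the A record (constructed, RFC 5737)
    priority: int   # lower value = preferred site in active/passive mode
    region: str     # coarse location label used for the proximity policy
    probes: dict    # ADFS server name -> result of its last health probe
    load: int = 0   # current connections through this site's load balancer

    def healthy(self) -> bool:
        # A site can take traffic while at least one farm member passes its probe.
        return any(self.probes.values())

def answer(sites, policy="failover", client_region=None):
    """Return the addresses a health-aware resolver would hand out."""
    up = [s for s in sites if s.healthy()]
    if not up:
        # Every site failed its probes. What to answer then is a policy
        # choice; this sketch returns no records at all.
        return []
    if policy == "failover":        # active/passive
        pick = min(up, key=lambda s: s.priority)
    elif policy == "least_load":    # lowest current traffic load
        pick = min(up, key=lambda s: (s.load, s.priority))
    elif policy == "proximity":     # nearest healthy site, else any healthy site
        near = [s for s in up if s.region == client_region]
        pick = min(near or up, key=lambda s: s.priority)
    else:
        raise ValueError(f"unknown policy: {policy}")
    return [pick.vip]

def demo_sites():
    # Constructed sample state: two ADFS servers behind each data center's VIP.
    return [
        Site("primary", "192.0.2.10", 1, "east",
             {"adfs1": True, "adfs2": True}, load=40),
        Site("secondary", "198.51.100.10", 2, "west",
             {"adfs3": True, "adfs4": True}, load=5),
    ]

if __name__ == "__main__":
    sites = demo_sites()
    print("normal:      ", answer(sites))
    sites[0].probes = {"adfs1": False, "adfs2": False}  # whole primary farm down
    print("primary down:", answer(sites))
```

Clients and resolvers cache the previous answer for the record's TTL, so failover is only as fast as that TTL allows.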
Global load balancing allows us to make use of our existing load balancers to stretch a single DNS record over multiple data centers. This provides automatic failover for any service that we have load balanced on both sites. This was an important piece of the disaster recovery puzzle that is now resolved.