High Availability Deployment
Overview
To minimize downtime and service interruptions you may deploy NFO in High Availability (HA) configuration.
Please note that most NFO configuration is performed via GUI, and saved in file system and/or local DB. If configuration is copied from one NFO instance to another - NFO needs to be restarted to read updated configuration. Also note that NetFlow v9 and IPFIX templates, when received from network devices, are stored in NFO memory and configuration files.
High Availability configuration may involve one or more of the following:
- Floating IP (https://en.wikipedia.org/wiki/Virtual_IP_address)
- Load balancer (e.g. https://www.nginx.com/blog/announcing-udp-load-balancing/)
- Distributed_Replicated_Block_Device (DRBD) (https://en.wikipedia.org/wiki/Distributed_Replicated_Block_Device) (e.g. https://www.linbit.com/drbd/)
- Pacemaker (https://en.wikipedia.org/wiki/Pacemaker_(software))
Keeping this in mind HA could be implemented in two ways:
Active / Passive Hot
NFO is installed on two servers. Both instances are configured identically (see Copying NFO Configuration below).
Both NFO instances are running and NetFlow is sent to both. This could be configured in network devices (most support at least two NetFlow destinations), or using Floating IP, or with a Load balancer. Passive Hot is ingesting NetFlow, but its output is blocked.
Pacemaker is monitoring Active NFO, and if unable to restart, makes the second instance Active, opening its output.
Active / Passive Cold
NFO is installed on two servers. One NFO instance is Active and running. Another is Passive, and stopped. DRBD is used to copy configuration periodically from Active to Passive NFO.
Pacemaker is monitoring Active NFO, and if unable to restart, starts the second instance making it Active.
Comparing Passive Hot vs Passive Cold
The advantage of Passive Hot over Passive Cold:
- It takes time to start NFO server, so Passive Hot server is "ready" when needed - less data lost
- NetFlow templates are sent periodically, and Passive Hot will have them when it becomes Active - again less data lost, as NFO needs to have NetFlow templates before processing
The disadvantage of Passive Hot vs Passive Cold:
- DRBD cannot be used in this case as NFO server needs to be restarted to read copied configuration, so if configuration of primary NFO is changed, it needs to be copied to the second instance, and the second instance needs to be restarted.
The advantage of Passive Cold over Passive Hot:
- Only Active NFO needs to be configured and any configuration changes are copied to Passive by DRBD
The disadvantage of Passive Cold vs Passive Hot:
- It may take from several seconds to a few minutes to start NFO, so if Passive Cold server becomes Active - more data can be lost vs Passive Hot.