However, the write-ahead log backs up every five minutes, so the most recent writes to the database may be lost if the cluster needs to recover this way. If there are no running nodes to copy data from, the database cluster reprovisions nodes using the most recent backup and the write-ahead log to recover the database to as close to the point of failure as possible. Provisioning a new replacement node takes time, but failing over to a standby node is immediate.Īdditional redundancy in the database cluster also minimizes the risk of data loss.
In other words, the effect of a primary node’s failure on service availability depends on the cluster configuration. The service only becomes unavailable in the unlikely event of all three nodes failing at the same time. With two standby nodes, the cluster is highly available and very resilient against downtime.Įven if two nodes fail simultaneously, the service remains available while two replacements are provisioned in the background. If both nodes fail simultaneously, the service becomes unavailable until at least one of the nodes is reprovisioned. The standby node is immediately promoted to primary and begins serving requests while a replacement standby node is provisioned in the background. If the primary node fails, the service remains available. With one standby node, the cluster is highly available. The amount of time it takes to reprovision a node depends on the amount of data being stored larger databases require more time. If the primary node fails, the service becomes unavailable until the primary node’s replacement is reprovisioned. Without standby nodes, the primary node is a single point of failure, so the cluster is not highly available. Database clusters must have at least one standby node to be highly available because standby nodes provide redundancy for the primary node: High availability requires redundancy in addition to automatic failover. High AvailabilityĪll database clusters have automated failover, meaning they automatically detect and replace degraded or failing nodes. Read-only nodes are not considered part of the cluster. Read-only nodes can be added to a cluster at any time.Ī database cluster is comprised of one primary node and its standby nodes. They provide geographically distinct, horizontal read scaling. Read-only nodes are copies of the primary node that process queries and return results but cannot make changes to the database itself. Standby nodes can be added to an existing cluster at any time, with the exception of the smallest plan of single node clusters. Database clusters may have zero, one, or two standby nodes. Standby nodes are copies of the primary node that automatically take over if the primary node fails.
The primary node of a database cluster processes queries, updates the database, returns results to clients, and acts as the single source of data for all other nodes. High availability with automated failoverĭigitalOcean Managed Databases offers three types of nodes: