Chapter 2. Data Grid Cross-Site Replication
Cross-site replication allows you to back up data from one Data Grid cluster to another.
2.1. Cross-Site Replication
Data Grid clusters running in different locations can discover and communicate with each other.
A site is a locally running Data Grid cluster. For demonstration purposes, this documentation illustrates sites as data centers in different geographic locations, as in the following diagram:
LON is a datacenter in London, England.
NYC is a datacenter in New York City, USA.
Data Grid can form global clusters across two or more sites.
For example, configure a third Data Grid cluster running in San Francisco, SFO, as backup location for LON and NYC.
2.1.1. Site Masters
Site masters are the nodes in Data Grid clusters that are responsible for sending and receiving requests from backup locations.
If a node is not a site master, it must forward backup requests to a local site master. Only site masters can send requests to backup locations.
For optimal performance, you should configure all nodes as site masters. This increases the speed of backup requests because each node in the cluster can backup to remote sites directly without having to forward backup requests to site masters.
2.2. Adding Backups to Caches
Name remote sites as backup locations in your cache definitions.
For example, the following diagram shows three caches, "customers", "eu-orders", and "us-orders":
- In LON, "customers" names NYC as a backup location.
- In NYC, "customers" names LON as a backup location.
- "eu-orders" and "us-orders" do not have backups and are local to the respective cluster.
2.3. Backup Strategies
Data Grid clusters can use different strategies for backing up data to remote sites.
Data Grid replicates across sites at the same time that writes to local caches occur. For example, if a client writes "k1" to LON, Data Grid backs up "k1" to NYC at the same time.
2.3.1. Synchronous Backups
When Data Grid replicates data to backup locations, it waits until the operation completes before writing to the local cache.
You can control how Data Grid handles writes to the local cache if backup operations fail. For example, you can configure Data Grid to attempt to abort local writes and throw exceptions if backups to remote sites fail.
Synchronous backups also support two-phase commits with caches that participate in optimistic transactions. The first phase of the backup acquires a lock. The second phase commits the modification.
Two-phase commit with cross-site replication has a significant performance impact because it requires two round-trips across the network.
2.3.2. Asynchronous Backups
When Data Grid replicates data to backup locations, it does not wait until the operation completes before writing to the local cache.
Asynchronous backup operations and writes to the local cache are independent of each other. If backup operations fail, write operations to the local cache continue and no exceptions occur.
2.3.3. Synchronous vs Asynchronous Backups
Synchronous backups offer the strongest guarantee of data consistency across sites. If strategy=sync, when cache.put() calls return you know the value is up to date in the local cache and in the backup locations.
The trade-off for this consistency is performance. Synchronous backups have much greater latency in comparison to asynchronous backups.
Asynchronous backups, on the other hand, do not add latency to client requests so they have no performance impact. However, if strategy=async, when cache.put() calls return you cannot be sure of the value in the backup locations is the same as in the local cache.
2.4. Taking Sites Offline Automatically
Backup configurations include timeout values for operations to replicate data to remote sites. When backup operations reach the timeout, Data Grid records the operation as a failure.
To automatically take sites offline, you can then configure the number of consecutive failures that can occur.
For example, the NYC backup configuration specifies five as the number of failures after which NYC goes offline. If LON attempts five consecutive backup operations that fail, Data Grid automatically takes NYC offline. LON then stops backing up to NYC until you bring the site back online.
<backup site="NYC" strategy="ASYNC"> <take-offline after-failures="5"/> </backup>
You can also specify the amount of time to wait before taking sites offline. When backup operations fail, Data Grid waits before taking sites offline. If a backup request succeeds before the wait time runs out, Data Grid does not take the site offline.
<backup site="NYC" strategy="ASYNC">
<take-offline after-failures="5"
min-wait="10000"/>
</backup>In the preceding example, if failures occur for 5 consecutive operations, Data Grid waits 10 seconds and, if no requests are successful within the 10 second wait time, Data Grid then takes NYC offline.
To use only a minimum wait time for automatically taking locations offline, set a negative or zero value for the after-failures attribute; for example:
<backup site="NYC" strategy="ASYNC">
<take-offline after-failures="-1"
min-wait="10000"/>
</backup>You can manually take sites offline through the Data Grid command line interface or REST API.
2.5. State Transfer
State transfer is an administrative operation that synchronizes data between sites.
For example, LON goes offline and NYC starts handling client requests. When you bring LON back online, the Data Grid cluster in LON does not have the same data as the cluster in NYC.
To ensure the data is consistent between LON and NYC, you can push state from NYC to LON.
- State transfer is bidirectional. For example, you can push state from NYC to LON or from LON to NYC.
- Pushing state to offline sites brings them back online.
State transfer overwrites only data that exists on both sites, the originating site and the receiving site. Data Grid does not delete data.
For example, "k2" exists on LON and NYC. "k2" is removed from NYC while LON is offline. When you bring LON back online, "k2" still exists at that location. If you push state from NYC to LON, the transfer does not affect "k2" on LON.
TipTo ensure contents of the cache are identical after state transfer, remove all data from the cache on the receiving site before pushing state. Use the
clear()method.State transfer does not overwrite updates to data that occur after you initiate the push.
For example, "k1,v1" exists on LON and NYC. LON goes offline so you push state transfer to LON from NYC, which brings LON back online. Before state transfer completes, a client puts "k1,v2" on LON.
In this case the state transfer from NYC does not overwrite "k1,v2" because that modification happened after you initiated the push.
Reference
- org.infinispan.Cache.clear()
- Tip
Run
help clearcachefrom the CLI for command details and examples. - Clearing Caches with the REST API
2.6. Client Connections Across Sites
Clients can write to Data Grid clusters in either an Active/Passive or Active/Active configuration.
Active/Passive
The following diagram illustrates Active/Passive where Data Grid handles client requests from one site only:
In the preceding image:
- Client connects to the Data Grid cluster at LON.
- Client writes "k1" to the cache.
- The site master at LON, "n1", sends the request to replicate "k1" to the site master at NYC, "nA".
With Active/Passive, NYC provides data redundancy. If the Data Grid cluster at LON goes offline for any reason, clients can start sending requests to NYC. When you bring LON back online you can synchronize data with NYC and then switch clients back to LON.
Active/Active
The following diagram illustrates Active/Active where Data Grid handles client requests at two sites:
In the preceding image:
- Client A connects to the Data Grid cluster at LON.
- Client A writes "k1" to the cache.
- Client B connects to the Data Grid cluster at NYC.
- Client B writes "k2" to the cache.
- Site masters at LON and NYC send requests so that "k1" is replicated to NYC and "k2" is replicated to LON.
With Active/Active both NYC and LON replicate data to remote caches while handling client requests. If either NYC or LON go offline, clients can start sending requests to the online site. You can then bring offline sites back online, push state to synchronize data, and switch clients as required.
2.6.1. Conflicting Entries with Cross-Site Replication
Conflicting entries can occur with Active/Active site configurations if clients write to the same entries at the same time but at different sites.
For example, client A writes to "k1" in LON at the same time that client B writes to "k1" in NYC. In this case, "k1" has a different value in LON than in NYC.
With synchronous replication, concurrent writes result in deadlocks because both sites lock the same key in different orders. To resolve deadlocks, client applications must wait until the locks time out.
With asynchronous replication, concurrent writes result in conflicting values because sites replicate after entries are modified locally. After replication occurs, there is no guarantee which value for "k1" exists at which site.
- Keys have conflicting values.
- One of the conflicting values is overwritten if sites do not replicate values at the same time. In this case, one of the values is lost and there is no guarantee which value is saved.
In all cases, inconsistencies in key values are resolved after the next non-conflicting put() operation updates the value.
There currently is no conflict resolution policy that client applications can use to handle conflicts in asynchronous mode. However, conflict resolution techniques are planned for a future Data Grid version.
2.7. Expiration and Cross-Site Replication
Data Grid expiration controls how long entries remain in the cache.
-
lifespanexpiration is suitable for cross-site replication. When entries reach the maximum lifespan, Data Grid expires them independently of the remote sites. -
max-idleexpiration does not work with cross-site replication. Data Grid cannot determine when cache entries reach the idle timeout in remote sites.
