Configuring for Highly Available Services

Infoblox NIOS/vNIOS provides configuration options that can be used to ensure high availability of the Grid and core services such as DNS and DHCP. Additionally, features of AWS global infrastructure such as Regions and Availability Zones can be leveraged to deploy highly available Infoblox Grids.

HA Pairs

Beginning with NIOS 9.0.4, NIOS instances for AWS can be deployed as HA (high availability) pairs. An HA pair consists of two NIOS members, identified as Node 1 and Node 2, in an active/passive configuration. The passive node keeps its database synchronized with the active node, so it can take over services in a failover. A failover occurs when the active node is down for any reason and the passive node becomes the new active node, with no user interaction needed. For additional information on NIOS HA Pairs, refer to the NIOS Admin Guide. For specific steps used to deploy HA pairs in AWS, refer to the Installation Guide for vNIOS for AWS.

Grid Master Candidate

To ensure high availability and recoverability of your Grid, Infoblox recommends that your Grid have at least one Grid Master Candidate (GMC), an optional designation when adding a member to the Grid. The GMC holds a complete copy of the Grid database. Ideally, the GMC should be deployed in a different location than the Grid Master (GM) so an outage is unlikely to affect both (for example, deploy the GM on-premises and the GMC in AWS, or deploy the GM and GMC to different Regions in AWS). If the Grid Master fails, the GMC can be promoted to GM using the instructions provided in the Backup and Recovery section of this document. To designate a member as a Grid Master Candidate, select this option when adding the member to your Grid.

For additional details on adding a Grid Master Candidate, including which virtual appliance models can be used as a GMC, refer to Infoblox documentation: https://docs.infoblox.com/space/nios90/280668048/Adding+Grid+Members.

DNS

Highly available DNS services can be provided by ensuring that at least two DNS servers, a primary and a secondary, are specified for each client endpoint. For example, in an AWS VPC, two DNS servers can be specified in a DHCP option set. If the first server is unavailable, the second will be used for DNS resolution. Deploy the primary and secondary DNS servers in different Availability Zones, Regions, or datacenters to increase availability.
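The following added example (not Infoblox code) audits DHCP option sets against this recommendation: each set should list at least two DNS servers, and those servers should not share an Availability Zone. It assumes input in the JSON shapes returned by `aws ec2 describe-dhcp-options` and `aws ec2 describe-network-interfaces`; the function names, option set IDs, and addresses are constructed for illustration.

```python
# Added example: audit DHCP option sets for redundant, AZ-diverse DNS servers.
# Input shapes follow `aws ec2 describe-dhcp-options` and
# `aws ec2 describe-network-interfaces`. All IDs and addresses are constructed.

def _opts(opt_id, *servers):
    """Build one constructed option set in the describe-dhcp-options shape."""
    return {"DhcpOptionsId": opt_id, "DhcpConfigurations": [
        {"Key": "domain-name-servers",
         "Values": [{"Value": s} for s in servers]}]}

DHCP_OPTIONS = {"DhcpOptions": [
    _opts("dopt-example-good", "10.0.1.10", "10.0.2.10"),
    _opts("dopt-example-single", "10.0.1.10"),
    _opts("dopt-example-same-az", "10.0.1.10", "10.0.1.11"),
    _opts("dopt-example-external", "10.0.1.10", "192.0.2.53"),
]}
NETWORK_INTERFACES = {"NetworkInterfaces": [
    {"PrivateIpAddress": "10.0.1.10", "AvailabilityZone": "us-east-1a"},
    {"PrivateIpAddress": "10.0.1.11", "AvailabilityZone": "us-east-1a"},
    {"PrivateIpAddress": "10.0.2.10", "AvailabilityZone": "us-east-1b"},
]}

def dns_servers(option_set):
    """Return the distinct domain-name-servers values, in listed order."""
    for cfg in option_set.get("DhcpConfigurations", []):
        if cfg["Key"] == "domain-name-servers":
            return list(dict.fromkeys(v["Value"] for v in cfg["Values"]))
    return []

def audit(dhcp_options, interfaces):
    """Map each option set ID to a list of availability problems (empty = OK)."""
    az = {e["PrivateIpAddress"]: e["AvailabilityZone"]
          for e in interfaces["NetworkInterfaces"]}
    report = {}
    for opt in dhcp_options["DhcpOptions"]:
        servers, problems = dns_servers(opt), []
        unknown = [s for s in servers if s not in az]
        zones = {az[s] for s in servers if s in az}
        if len(servers) < 2:
            problems.append("fewer than two distinct DNS servers")
        elif unknown:
            # Not an ENI in this data set (on-premises, another account or Region).
            problems.append("placement not verifiable: " + ", ".join(unknown))
        elif len(zones) < 2:
            problems.append("all DNS servers are in " + zones.pop())
        report[opt["DhcpOptionsId"]] = problems
    return report

if __name__ == "__main__":
    for opt_id, problems in audit(DHCP_OPTIONS, NETWORK_INTERFACES).items():
        print(opt_id, "OK" if not problems else "; ".join(problems))
```

A server reported as "placement not verifiable" is not necessarily misplaced; it only means the address does not belong to a network interface in the supplied data, as with an on-premises appliance.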

Additionally, to increase availability of DNS zones, Infoblox NIOS allows you to configure multiple primary servers for a zone. When you define multiple primary servers for a zone, each server will hold a copy of the zone’s authoritative data that can be updated independently.

To resolve any conflicts between zone updates on the multiple primaries, generally the latest update is selected based on the timestamp. Therefore, it is recommended that all DNS primaries have NTP enabled. For additional details and best practices for designating multiple primary DNS servers for a zone, refer to Infoblox NIOS documentation: https://docs.infoblox.com/space/nios90/280272599/Assigning+Zone+Authority+to+Name+Servers.

DHCP

Highly available DHCP service can be achieved using DHCP failover. To use DHCP failover, two NIOS/vNIOS appliances are configured with a failover association. The two appliances share a pool of IP addresses to issue to clients. If the Primary DHCP is unavailable, the Secondary is able to continue issuing address leases. To increase availability of appliances in a failover association, they should be deployed in different locations, for example, each in a different region of AWS or one on-premises and one in AWS. For additional details and configuration steps, refer to Infoblox NIOS documentation: https://docs.infoblox.com/space/nios90/280758749/Configuring+DHCP+Failover

Regions and Availability Zones

To maximize availability in the configurations described for Grid Master Candidates, DNS, and DHCP, the appliances used for these services should be deployed across multiple Availability Zones and/or Regions. For example, a Grid Master Candidate should be deployed in a different Region than the Grid Master. If the GM fails or connectivity is interrupted due to failures in a specific Region, the GMC in another Region can be promoted to continue Grid services. DNS zones should always use multiple name servers, running in as many different Availability Zones and Regions as feasible. When configuring DHCP failover pairs, the two appliances should be deployed into different Availability Zones.
