Planning and Configuring HP-UX DCE 1.9
Chapter 6
Configuring HP-UX DCE Cells
Integrating DCE Services with MC/ServiceGuard
67
Integrating DCE Services with MC/ServiceGuard
MC/ServiceGuard is a Series 800 product that was introduced at HP-UX 10.0. MC/ServiceGuard provides an
environment in which, if a node fails, services (applications) can be up and running again on another node
very quickly.
This section provides background information on MC/ServiceGuard, and explains detailed planning and
configuration steps necessary to utilize MC/ServiceGuard to increase the availability of the DCE core
services. The process and considerations provided here are also easily extended to DCE-based application
servers.
Readers of this section should already have a license for the MC/ServiceGuard product and be familiar with
the contents of Managing MC/ServiceGuard (B3936-90003), which describes the features and capabilities of
MC/ServiceGuard and provides a general conceptual framework for planning, configuring, and operating an
MC/ServiceGuard cluster.
Background
The DCE infrastructure depends on three core services, all of which are necessary for the proper operation of
a DCE Cell: the Security Service, the Naming Service, and the Time Service. In a properly configured DCE
cell, each of these services is distributed and replicated, in order to increase the availability and scalability of
the DCE infrastructure. This means that each service actually consists of multiple servers running on
separate hosts. Should any single server become unavailable, clients can quickly locate and use another
server (replica) that provides the same service.
The Security and Naming services replicate only their read operations. That is, while a client can choose
between any of the replicas to obtain information, it must go to a specific replica — the master replica — to
perform a write operation. The master replica is then responsible for informing the other (read-only) replicas
of the change.
While the replication mechanisms of the Security Service and the Naming Service differ in design and
implementation, they share this master-slave approach. Therefore, while both services can be considered
highly available for read operations, they do present a single point of failure for write operations.
The Time Service, on the other hand, does not present the same level of vulnerability. Most mission critical
installations will configure more than the minimum necessary time servers with multiple time providers.
This being the case, the loss of a single time server is usually not critical. Installations should not establish an
MC/ServiceGuard configuration for the purpose of maintaining the Time Service alone.
DCE-based applications can also present a single point of failure, unless the developers provide for the
replication of data and functions between multiple servers. Since replication is a complicated and complex
process, many application designers may choose to depend on a "fail over" approach such as MC/ServiceGuard
to provide availability, rather than develop and maintain their own replication mechanisms.
In summary, you only need to use MC/ServiceGuard to increase the availability of DCE Core Services and
DCE-based services that are not replicated. In the case of the DCE Core services, these are the write
functions provided by the DCE master Security and Naming replicas.
Planning Considerations
In your planning for MC/ServiceGuard, you must consider the following characteristics of DCE and
DCE-based programs:
• The DCE runtime and daemons do not themselves support the concept of dynamic IP addresses.