首页 项目目录 关于我们
Sign In
rust
/
Materialize
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
Materialize
/
doc
/
user
/
data
/
disaster_recovery
/
cluster.yml

cluster.yml 2.5 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. columns:
    2. 

  2.   - column: "Failure Type"
    3. 

  3.   - column: "RPO"
    4. 

  4.   - column: "RTO (RF1 - single AZ)"
    5. 

  5.   - column: "RTO (RF2 - multiple AZs)"
    6. 

  6. 

  7. rows:
    8. 

  8.   - Failure Type: "**Machine failure**"
    9. 

  9.     RPO: 0
    10. 

  10.     RTO (RF1 - single AZ): |
    11. 

  11.       Time to spin up new machine + possible rehydration time, depending on the
    12. 

  12.       objects on the machine:
    13. 

  13. 

  14.       - If non-upsert sources, no rehydration time(i.e., does not require
    15. 

  15.         rehydration).
    16. 

  16.       - If upsert sources, rehydration time.
    17. 

  17.       - If sinks, no rehydration time (i.e., does not require rehydration).
    18. 

  18.       - If compute, rehydration time.
    19. 

  19.       - If serving, rehydration time.
    20. 

  20. 

  21.       Additionally, there may be some time to catch up with changes that may
    22. 

  22.       have occurred during the downtime.
    23. 

  23. 

  24.       To reduce rehydration time, scale up the cluster.
    25. 

  25.     RTO (RF2 - multiple AZs): |
    26. 

  26.       Can be:
    27. 

  27. 

  28.       - 0 if only compute and serving objects are on the machine.
    29. 

  29. 

  30.       - Time to spin up new machine if sources or sinks are on the machine.
    31. 

  31. 

  32.       In addition, cluster RTO is affected if the [`environmentd` is
    33. 

  33.       down](#environmentd) (seconds to minutes).
    34. 

  34. 

  35.   - Failure Type: "**Single AZ failure**"
    36. 

  36.     RPO: 0
    37. 

  37.     RTO (RF1 - single AZ): |
    38. 

  38. 

  39.       *For managed clusters*
    40. 

  40. 

  41.       Time to spin up new machine + possible rehydration time, depending on the
    42. 

  42.       objects on the machine:
    43. 

  43. 

  44.       - If non-upsert sources, no rehydration time(i.e., does not require
    45. 

  45.         rehydration).
    46. 

  46.       - If upsert sources, rehydration time.
    47. 

  47.       - If sinks, no rehydration time (i.e., does not require rehydration).
    48. 

  48.       - If compute, rehydration time.
    49. 

  49.       - If serving, rehydration time.
    50. 

  50. 

  51.       Additionally, there may be some time to catch up with changes that may
    52. 

  52.       have occurred during the downtime.
    53. 

  53. 

  54.       To reduce rehydration time, you can scale up the cluster.
    55. 

  55. 

  56.       During downtime, single AZ PrivateLinks are impacted.
    57. 

  57.     RTO (RF2 - multiple AZs): |
    58. 

  58. 

  59.       Can be:
    60. 

  60. 

  61.       - 0 if only compute and serving objects are on the machine.
    62. 

  62. 

  63.       - Time to spin up new machine if sources or sinks are on the machine.
    64. 

  64. 

  65.       In addition, cluster RTO is affected if the [`environmentd` is
    66. 

  66.       down](#environmentd) (seconds to minutes).
    67. 

  67. 

  68.   - Failure Type: "**Regional failure (or 2 AZs failures)**"
    69. 

  69.     RPO: |
    70. 

  70.       At most, 1 hour (time since last backup, based on hourly backups).<br>
    71. 

  71. 

  72.     RTO (RF1 - single AZ): |
    73. 

  73.       ~1 hour (time to check pointers).
    74. 

  74.     RTO (RF2 - multiple AZs): |
    75. 

  75.       High/Significant. Consider using a [regional failover strategy](/manage/disaster-recovery/#level-3-a-duplicate-materialize-environment-inter-region-resilience).
    76.