Database mirroring
is a solution for increasing the availability of a SQL Server database. Mirroring is implemented on a
per-database basis and works only with databases that use the full recovery
model.
Database
mirroring maintains two copies of a single
database that must reside on different server instances of SQL
Server Database Engine. Typically, these server instances reside on computers
in different locations. Starting database mirroring on a database, initiates a
relationship, known as a database mirroring session,
between these server instances.
One server instance serves the database to clients (the principal server). The other instance acts as a hot or warm standby server (the mirror server), depending on the configuration and state of the mirroring session. When a database mirroring session is synchronized, database mirroring provides a hot standby server that supports rapid failover without a loss of data from committed transactions. When the session is not synchronized, the mirror server is typically available as a warm standby server (with possible data loss).
The principal and mirror servers communicate and cooperate as partners in a database mirroring session. The two partners perform complementary roles in the session: the principal role and the mirror role.
At any given time, one partner performs the principal role, and the other partner performs the mirror role. Each partner is described as owning its current role. The partner that owns the principal role is known as the principal server, and its copy of the database is the current principal database.
The partner that owns the mirror role is known as the mirror server, and its copy of the database is the current mirror database. When database mirroring is deployed in a production environment, the principal database is the production database
Database mirroring involves redoing every insert, update, and delete operation that occurs on the principal database onto the mirror database as quickly as possible. Redoing is accomplished by sending a stream of active transaction log records to the mirror server, which applies log records to the mirror database, in sequence, as quickly as possible.
Unlike replication, which works at the logical level, database mirroring works at the level of the physical log record. Beginning in SQL Server 2008, the principal server compresses the stream of transaction log records before sending it to the mirror server. This log compression occurs in all mirroring sessions.
Advantages of Database Mirroring:
Database mirroring is a simple strategy that offers the following benefits:
Increases availability of a database.
Database Mirroring Terms and Definitions
Operating
Modes
A database mirroring session runs with either synchronous or asynchronous operation. Under asynchronous operation, the transactions commit without waiting for the mirror server to write the log to disk, which maximizes performance.
Under synchronous operation, a transaction is committed on both partners, but at the cost of increased transaction latency.
There are two mirroring operating modes. One of them, high-safety mode supports synchronous operation. Under high-safety mode, when a session starts, the mirror server synchronizes the mirror database together with the principal database as quickly as possible.
As soon as the databases are synchronized, a transaction is committed on both partners, at the cost of increased transaction latency.
The second operating mode, high-performance mode, runs asynchronously. The mirror server tries to keep up with the log records sent by the principal server. The mirror database might lag somewhat behind the principal database.
However, typically, the gap between the databases is small. However, the gap can become significant if the principal server is under a heavy work load or the system of the mirror server is overloaded.
In high-performance mode, as soon as the principal server sends a log record to the mirror server, the principal server sends a confirmation to the client. It does not wait for an acknowledgement from the mirror server.
This means that transactions commit without waiting for the mirror server to write the log to disk. Such asynchronous operation enables the principal server to run with minimum transaction latency, at the potential risk of some data loss.
All database mirroring sessions support only one principal server and one mirror server. This configuration is shown in the following illustration.
High-safety mode with automatic fail over requires a third server instance, known as a witness. Unlike the two partners, the witness does not serve the database. The witness supports automatic failover by verifying whether the principal server is up and functioning.
The mirror server initiates automatic failover only if the mirror and the witness remain connected to each other after both have been disconnected from the principal server.
The following illustration shows a configuration that includes a witness.
Transaction Safety and Operating Modes
Whether an operating mode is asynchronous or synchronous depends on the transaction safety setting. If you exclusively use SQL Server Management Studio to configure database mirroring, transaction safety settings are configured automatically when you select the operation mode.
If you use Transact-SQL to configure database mirroring, you must understand how to set transaction safety. Transaction safety is controlled by the SAFETY property of the ALTER DATABASE statement. On a database that is being mirrored, SAFETY is either FULL or OFF.
The following three forms of role switching exist.
Automatic fail over
This requires high-safety mode. The partners must be connected to each other, and the database must already be synchronized.
Forced service (with possible data loss)
Under high-performance mode and high-safety mode without automatic fail over, forcing service is possible if the principal server has failed and the mirror server is available.
Note:
One server instance serves the database to clients (the principal server). The other instance acts as a hot or warm standby server (the mirror server), depending on the configuration and state of the mirroring session. When a database mirroring session is synchronized, database mirroring provides a hot standby server that supports rapid failover without a loss of data from committed transactions. When the session is not synchronized, the mirror server is typically available as a warm standby server (with possible data loss).
The principal and mirror servers communicate and cooperate as partners in a database mirroring session. The two partners perform complementary roles in the session: the principal role and the mirror role.
At any given time, one partner performs the principal role, and the other partner performs the mirror role. Each partner is described as owning its current role. The partner that owns the principal role is known as the principal server, and its copy of the database is the current principal database.
The partner that owns the mirror role is known as the mirror server, and its copy of the database is the current mirror database. When database mirroring is deployed in a production environment, the principal database is the production database
Database mirroring involves redoing every insert, update, and delete operation that occurs on the principal database onto the mirror database as quickly as possible. Redoing is accomplished by sending a stream of active transaction log records to the mirror server, which applies log records to the mirror database, in sequence, as quickly as possible.
Unlike replication, which works at the logical level, database mirroring works at the level of the physical log record. Beginning in SQL Server 2008, the principal server compresses the stream of transaction log records before sending it to the mirror server. This log compression occurs in all mirroring sessions.
Advantages of Database Mirroring:
Database mirroring is a simple strategy that offers the following benefits:
Increases availability of a database.
In
the event of a disaster, in high-safety mode with automatic fail over, failover quickly brings the
standby copy of the database online (without data loss). In the other operating
modes, the database administrator has the alternative of forcing service (with
possible data loss) to the standby copy of the database.
Increases
data protection.
Database
mirroring provides complete or almost complete redundancy of the data,
depending on whether the operating mode is high-safety or high-performance.
A
database mirroring partner running on SQL Server 2008
Enterprise or later versions automatically tries to resolve certain types of errors that prevent
reading a data page.
The partner that is unable to read a page requests a fresh
copy from the other partner. If this request succeeds, the unreadable page is
replaced by the copy, which usually resolves the error.
·
Improves
the availability of the production
database during upgrades.
To
minimize downtime for a mirrored database, you can sequentially upgrade the
instances of SQL Server that are hosting the fail over partners. This will incur
the downtime of only a single fail over
Database Mirroring Terms and Definitions
Automatic fail over:
The
process by which, when the principal server becomes unavailable, the mirror
server to take over the role of principal server and brings its copy of the
database online as the principal database.
Fail over partners:
The
two server instances (the principal server or the mirror server) that act as
role-switching partners for a mirrored database.
Forced service:
A
fail over initiated by the database owner upon the failure of the principal
server that transfers service to the mirror database while it is in an unknown
state.
High-performance mode
The
database mirroring session operates asynchronously and uses only the principal
server and mirror server. The only form of role switching is forced service
(with possible data loss).
High-safety mode
The
database mirroring session operates synchronously and, optionally, uses a
witness, as well as the principal server and mirror server.
Manual fail over:
A
failover initiated by the database owner, while the principal server is still running,
that transfers service from the principal database to the mirror database while
they are in a synchronized state.
Mirror database:
The
copy of the database that is typically fully synchronized with the principal
database.
Mirror server
In
a database mirroring configuration, the server instance on which the mirror
database resides.
Mirror server:
In
a database mirroring configuration, the server instance on which the mirror
database resides.
Principal database:
In
database mirroring, a read-write database whose transaction log records are
applied to a read-only copy of the database (a mirror database).
Principal server:
In
database mirroring, the partner whose database is currently the principal
database.
Redo queue:
Received
transaction log records that are waiting on the disk of a mirror server.
Role:
The
principal server and mirror server perform complementary principal and mirror
roles. Optionally, the role of witness is performed by a third server instance.
Role switching:
The
taking over of the principal role by the mirror.
Send queue:
Unsent
transaction log records that have accumulated on the log disk of the principal
server.
Session :
The
relationship that occurs during database mirroring among the principal server,
mirror server, and witness server (if present).
After
a mirroring session starts or resumes, the process by which log records of the
principal database that have accumulated on the principal server are sent to
the mirror server, which writes these log records to disk as quickly as
possible to catch up with the principal server.
Transaction safety
A
mirroring-specific database property that determines whether a database
mirroring session operates synchronously or asynchronously. There are two
safety levels: FULL and OFF.
Witness
For
use only with high-safety mode, an optional instance of SQL Server that enables
the mirror server to recognize when to initiate an automatic failover. Unlike
the two failover partners, the witness does not serve the database. Supporting
automatic failover is the only role of the witness.
A database mirroring session runs with either synchronous or asynchronous operation. Under asynchronous operation, the transactions commit without waiting for the mirror server to write the log to disk, which maximizes performance.
Under synchronous operation, a transaction is committed on both partners, but at the cost of increased transaction latency.
There are two mirroring operating modes. One of them, high-safety mode supports synchronous operation. Under high-safety mode, when a session starts, the mirror server synchronizes the mirror database together with the principal database as quickly as possible.
As soon as the databases are synchronized, a transaction is committed on both partners, at the cost of increased transaction latency.
The second operating mode, high-performance mode, runs asynchronously. The mirror server tries to keep up with the log records sent by the principal server. The mirror database might lag somewhat behind the principal database.
However, typically, the gap between the databases is small. However, the gap can become significant if the principal server is under a heavy work load or the system of the mirror server is overloaded.
In high-performance mode, as soon as the principal server sends a log record to the mirror server, the principal server sends a confirmation to the client. It does not wait for an acknowledgement from the mirror server.
This means that transactions commit without waiting for the mirror server to write the log to disk. Such asynchronous operation enables the principal server to run with minimum transaction latency, at the potential risk of some data loss.
All database mirroring sessions support only one principal server and one mirror server. This configuration is shown in the following illustration.
High-safety mode with automatic fail over requires a third server instance, known as a witness. Unlike the two partners, the witness does not serve the database. The witness supports automatic failover by verifying whether the principal server is up and functioning.
The mirror server initiates automatic failover only if the mirror and the witness remain connected to each other after both have been disconnected from the principal server.
The following illustration shows a configuration that includes a witness.
Transaction Safety and Operating Modes
Whether an operating mode is asynchronous or synchronous depends on the transaction safety setting. If you exclusively use SQL Server Management Studio to configure database mirroring, transaction safety settings are configured automatically when you select the operation mode.
If you use Transact-SQL to configure database mirroring, you must understand how to set transaction safety. Transaction safety is controlled by the SAFETY property of the ALTER DATABASE statement. On a database that is being mirrored, SAFETY is either FULL or OFF.
- If the SAFETY option is set to FULL, database mirroring operation is synchronous, after the initial synchronizing phase. If a witness is set in high-safety mode, the session supports automatic fail over.
- If the SAFETY option is set to OFF, database mirroring operation is asynchronous. The session runs in high-performance mode, and the WITNESS option should also be OFF.
Role Switching
Within the
context of a database mirroring session, the principal and mirror roles are
typically interchangeable in a process known as role
switching. Role switching involves transferring the principal role to
the mirror server. In role switching, the mirror server acts as the failover partner for the principal server. When a role
switch occurs, the mirror server takes over the principal role and brings its
copy of the database online as the new principal database. The former principal
server, if available, assumes the mirror role, and its database becomes the new
mirror database. Potentially, the roles can switch back and forth repeatedly.The following three forms of role switching exist.
Automatic fail over
- This requires high-safety mode and the presence of the mirror server and a witness. The database must already be synchronized, and the witness must be connected to the mirror server.
- The role of the witness is to verify whether a given partner server is up and functioning. If the mirror server loses its connection to the principal server but the witness is still connected to the principal server, the mirror server does not initiate a fail over.
This requires high-safety mode. The partners must be connected to each other, and the database must already be synchronized.
Forced service (with possible data loss)
Under high-performance mode and high-safety mode without automatic fail over, forcing service is possible if the principal server has failed and the mirror server is available.
Note:
High-performance mode is intended to run without a
witness. But if a witness exists, forcing service requires that the witness is
connected to the mirror server.
No comments:
Post a Comment