Macero,
With all due respect, I do not agree with the proposed procedure for recovering in the event of a failure of the primary system. Shutting down each node and rebooting the alternate node from the primary's system root means a restart time on the order of minutes, at best.
The way that OpenVMS clusters were designed to failover uses the fact that the functions can be failed over to another cluster member without the need to restart the other cluster member. This can be initiated automatically, using a program or a background batch job; or it can be done manually using a command procedure specifically tailored for that particular application. It is important to realize that "failure" is not a all or nothing proposition, it is quite possible to move one group or one application from one node in a cluster to another, without shifting all of the load to the other, or in the case of a cluster that is larger than two active members, re-distribute the load among the other members.
My recommendation would be to carefully look at the application and how it interacts. In working with clients to architect, design, and implement OpenVMS clusters since they were first announced in 1982, I have almost always found solutions that did not require the re-boot of the entire cluster.
I have also found that solutions that require manual intervention tend to be highly prone to operational error and mistakes, and are best to be avoided as much as possible.
I hope that the above is helpful. If I have been unclear, please feel free to followup in this forum or privately.
- Bob Gezelter,
http://www.rlgsc.com
