Procedure for Shutdown and Snapshot:
- Shutdown of the Secondary Instance:
- Shut down the secondary instance and proceed with the creation of the snapshot. After the snapshot, turn on the secondary instance again.
- Shutdown and Snapshot of the Primary Instance:
- Once the secondary instance is turned on and synchronized in the cluster, outside the primary instance. After completing the snapshot, turn on the primary instance again.
Advantages of the Process:
- This method, which proceeds from the last node to the first, ensures that the “split-brain” does not occur, since there is always an active instance during the process, promoting a scheduled shutdown.
Restarting Instances Without Snapshots:
- In situations of restarting without the need for snapshots, there is no need to follow a specific order, as long as the servers are restarted one at a time.
Full Cluster Shutdown:
- For a full cluster shutdown, the ideal order is:
- Shut down the secondary instance.
- Shut down the primary instance.
- Start the primary instance.
- Start the secondary instance.
- Start the secondary instance.
- Return the arbitrator to the cluster (if applicable).
- However, be aware that even following this order, there may be cases where the database goes into error or “split-brain” conditions, requiring manual synchronization.
Additional Considerations:
- Manual Synchronization: In the event of a database error or “split-brain” error, a manual synchronization action may be necessary to restore order and data integrity in the cluster.
For more details and guidelines on how to update and manage your cluster, see the official documentation at: senhasegura Documentation.
Conclusion:
Following a structured protocol for shutdowns, snapshots, and reboots is crucial to maintaining cluster integrity and minimizing risks of “split-brain” in senhasegura.