HAC monitors the health and status of the HotStandby servers. In failure situations, such as a database process failure or a computer node failure, HAC performs failovers and other necessary state transitions to maintain the best possible availability of the database service.
For all failures considered, it is assumed that they happen in a normal, fully operational state that is expressed by the PRIMARY ACTIVE and SECONDARY ACTIVE states of the two HSB servers. HAC takes care of single failures only. In other words, it is assumed that a failure cannot occur before the system has recovered from a previous failure. There is, however, a number of predefined multiple-failure scenarios that HAC can handle.
As far as single failures are concerned, HAC maintains an almost uninterruptible database service. If multiple failures occur, HAC attempts to avoid an erroneous system state (such as dual primaries).
The failures HAC can handle are:
▪Single failures
– The primary (ACTIVE) database server process fails
– The secondary (ACTIVE) database server process fails
– Primary node fails
– Secondary node fails
– If an External Reference Entity is used, HAC can also handle a HotStandby link failure, that is, a lost connection between the two HotStandby database processes. For more information about the External Reference Entity, see External Reference Entity (ERE)
– Server is unresponsive to external clients
▪Double failures
– While recovering from a previous failure, HAC recognizes an error in the synchronization between the Primary and the Secondary database.
– HAC also takes care several less common failures, such as a server process failure while servers are establishing HSB link after previous failure.