EDB Failover Manager FAQs

Frequently Asked Questions

Q. How many cluster nodes does EDB Failover Manager support?

A. Failover Manager 2.0 supports multiple standby nodes. We have tested up to 20 nodes in our labs.

Q. Can other replication solutions other than Streaming Replication be used?

A. No, not in the 2.0 release.

Q. Does EDB Failover Manager support synchronous mode with Streaming Replication?

A. Yes. You can configure streaming replication in whatever way is required to meet your business needs. The role of Failover Manager is to monitor the health of the cluster and take action if necessary.

Q. Do I have to use a Virtual IP address?

A. No. VIP usage is optional. Failover Manager supports the ability for you to create your own fencing script that performs a similar type of operation, such as rendering the master node unreachable in the event of a failover.

Q. What is the Witness node? Do I really need it?

A. Starting in the 2.0 release, the witness node is optional, as the use of multiple standby nodes serves the same purpose as the witness. The witness node is a specialized node that provides a safeguard against 'split-brain' scenarios. When the replica ‘thinks’ the master node/database has failed, it asks the witness to confirm. If the witness confirms, then failover occurs. If confirmation is not made, then no failover happens and thus prevents that situation where both the master and replica think they are the master node. Without the witness, the replica could have initiated failover and promoted itself to master, which would result in applications/users connecting to both database nodes with the resulting possibility of data corruption or lost integrity.

Q. Can I manually trigger a failover?

A. Yes, there is a 'promote' command that triggers a failover so the replica becomes the new master.

Q. Can I turn off automatic failover in such a way that a DBA is notified in the event of a failure detection but have time to investigate and decide what to do?

A. Yes, you can turn off automatic failover. Failover Manager will simply log the failure detection and send an email to the supplied address. A DBA can then investigate the cause of the failure and decide if they can recover the master or if they need to failover to the replica.

Q. Are the timeouts for the cluster health checking configuration, i.e. can I set it to check every second?

A. Yes, you have complete control over all timing. To change any time element, simply modify the appropriate parameter in the properties file and restart Failover Manager.

Q. Which database servers and versions does EDB Failover Manager support?

A. Failover Manager supports versions 9.2.x, 9.3.x, and 9.4.x of Postgres Plus Advanced Server and PostgreSQL.

Q. Is EDB Failover Manager free?

A. Failover Manager is an add-on extra with the purchase of a Postgres Plus Standard Edition subscription for PostgreSQL. Failover Manager is included in the purchase of a Postgres Plus Enterprise Edition subscription for Postgres Plus Advanced Server. See subscription details.

Q. How does EDB Failover Manager compare to pgpool, pgHA and repmgr?

A. The biggest difference between Failover Manager and those other tools is that Failover Manager is the only tool EDB supports for providing a failover solution for your Postgres databases.

pgpool: This tool does provide a failover mechanism but it does not have the safeguard of a witness node. Therefore, ‘split brain’ scenarios are possible.

pgHA: This tool also lacks a witness node safeguard and thus can cause split brain scenarios.

repmgr: This tool uses a similar architecture with a witness node and configures and manages your streaming replication configuration. Failover Manager provides the failover management with technology that has been tested and proven over the last several years in EDB's Postgres Plus Cloud Database, thus offering enterprises a well-tested failover mechanism that they can trust.