You can use dynamic cluster isolation to isolate
applications from other applications that are deployed in the cell.
For example, you might create a dynamic cluster isolation configuration
to isolate the critical applications that an external customer uses
from your internal applications, which can tolerate some instability.
Scenario
Your company hosts Web applications
for external customers and for internal departments in the company.
To provide the most stable and secure service for your external customers,
you want to be sure that their applications run on separate computers.
Your hosting environment must adhere to the following requirements:
- All customer applications must run on different servers than applications
from other companies for optimal security. For example, customer_1
applications must run on a different set of servers than customer_2
applications.
- Customer_2 also has a critical application that must be completely
separate from both their other applications and any other applications
in the cell.
- You also must host several internal applications that do not have
performance and security requirements, including the company employee
directory.
Solution
Use dynamic cluster isolation to
meet the requirements of your customers. Dynamic cluster isolation specifies
whether the dynamic cluster runs on the same nodes as other instances
of dynamic clusters, or whether the dynamic cluster is the only dynamic
cluster that is running on a node. The following configurations meet
your customer requirements:
- Create dynamic clusters for customer_1 and customer_2. For the
isolation requirement for each of the dynamic clusters, click group
isolation when you create the dynamic cluster. With group isolation,
a dynamic cluster instance can run on the same node only with instances
of dynamic clusters that are a part of the same isolation group. Create
an isolation group for customer_1 dynamic clusters, and another isolation
group for customer_2 dynamic clusters.
- To separate the critical customer_2 application, define strict
isolation for the dynamic cluster that is hosting the critical application.
With strict isolation, a dynamic cluster instance can run only
with other instances of the same dynamic cluster on a node.
- Because the internal employee directory application does not have
any isolation requirements, click No isolation requirements when
you create the dynamic cluster for that application.
By configuring the dynamic cluster with specific isolation requirements,
you are providing the most stable and secure service for customers
while also hosting internal applications for your company.
Priority of isolated dynamic clusters
Dynamic
cluster isolation ensures that dynamic cluster instances from different
dynamic clusters do not run on the same node, but it does not make
guarantees about how the system avoids a violation of the isolation
mode. Configuring strict isolation does not give a dynamic cluster
priority over any other dynamic clusters.
For example, you might
have an environment with one available node, and two dynamic clusters.
Each dynamic cluster has the minimum number of cluster instances set
to 1. Consider the following isolation configuration scenarios:
- Both of the dynamic clusters are configured with strict isolation.
- One of the dynamic clusters is configured with strict isolation,
and the other dynamic cluster does not have strict isolation defined.
In both of these scenarios, the application placement controller
can place a single cluster instance for one of the dynamic clusters.
Dynamic cluster instances cannot be placed for both dynamic clusters
because only one node is available. In both scenarios, no guarantee
is made about which dynamic cluster starts an instance. Even in the
second scenario, where one of the dynamic clusters has strict isolation
defined, the isolated dynamic cluster does not have priority over
the other dynamic cluster. This restriction can be problematic for
small systems, such as a single node environment, or environments
with a large number of constraints.