HA requires redundant components: multiple app servers behind a load balancer, DB replication, and shared-nothing where possible. Plan for failure of any single component; test failover periodically.
Remove single points of failure
- App tier: Two or more app servers behind a load balancer; if one fails, traffic goes to the others.
- DB tier: Primary-replica or cluster; automatic or manual failover with minimal data loss (within RPO).
- Load balancer: Use a managed LB or pair; avoid a single LB as the only entry point where possible.
Shared-nothing and state
- Stateless app servers: No local session state; scale horizontally and replace instances without affinity.
- State in shared store: Session in Redis/DB; cache in Redis or Memcached so any app node can serve.
- Avoid single-node state that would make one server irreplaceable without migration.
Test failover
- Periodic tests: Simulate node failure (e.g. stop one app server) and verify LB and app behavior.
- DB failover: Test promotion of replica to primary; verify app reconnects and data is consistent.
- Runbooks: Document how to trigger and verify failover; who is on call and escalation.
Summary
HA = redundant app servers + load balancer + DB replication + shared state where needed. Test failover regularly and keep runbooks updated.
