Technical Guide
1. Introduction
2. MultiSite Overview
3 WANdisco Concepts
  3.1 How Replication Works
  3.2 Replication Example
  3.3 WANdisco is Listening
  3.4 Synchronized Stop of all nodes
4. Handling Node and Network Failure
  4.1 Node Failure
  4.2 Network Failure

Pre-deployment
1 Introduction
  1.1 Deployment Overview
  1.2 System requirements
  1.3 Setting up repositories
  1.4 Using two or more repositories
    1.4.1 Subversion location directive
    1.4.2 About Subversion ParentPath
  1.5 Using the Authz Module
  1.6 MultiSite and Subversion password files
  1.7 Quorum recommendations
  1.8 Firewalls and virus scanners
  1.9 Deployment checklist
  1.10 Creating a new Subversion repository?
  1.11 Configuring Apache
        1.11.1 Changing Subversion port (Unix)
        1.11.2 Sharing Apache, and Using HTTPS
        1.11.3 Using HTTP with Apache
        1.11.4 Apache and SVNKit
        1.11.4.1 SVNKit and Connection Pooling
        1.11.4.2 Optimize Your Configuration
        1.11.5 Apache 2.2/SVN-DAV (Windows)
2 Installing Java and Perl
  2.1 Installing Java
  2.2 Installing Perl

Installation
1. Installation overview
2. Starting the installation
  2.1 Starting the installation
  2.2 Place your license key
3. Run the setup file
4. Complete setup through a browser
5. Login to the admin console
6. Setting up additional nodes
7. Create a replication group
8. Copy the installation files manually
9. Post installation configuration
  9.1 Using pre-commit hooks

Upgrade
1. Upgrade using the upgrader script
2. Upgrade using backed-up data
3. Backup your settings
4. Delete directories
5. Extract and run the setup file
6. Browser based setup
7. Import your saved settings

User Guide
1. Procedures
1.1 Disabling Access to Subversions
  1.1.1 (selected nodes)
  1.1.2 (all nodes)
1.2 Establishing a baseline for replication
    1.2.1 Copying the Subversion Database
    1.2.2 Synchronizing with an older copy
    1.2.3 Copying Over the Network
    1.2.4 Sending repositories on disk
1.3 Finding the Last Committed Transaction
1.4 Adding a repository to a replication group
1.5 Removing a Repository from the Replication Group
1.6 Moving a Repository to another replication group
1.7 Adding a Node to the Replication Group
1.8 Removing a Node from the Replication Group
1.9 Creating a New Replication Group
    1.9.1 Considerations
    1.9.2 Considerations for Majority Quorum
    1.9.3 Procedure
1.10 Deleting a Replication Group
1.11 Emergency Reconfiguration of Quorum
1.12 Changing a prefs.xml File
    1.12.1 Changing One Node's prefs.xml File
    1.12.2 Changing All Nodes' prefs.xml Files
1.13 Performing a Synchronized Stop
1.14 Verifying That the replicator is working
1.15 Installing an updated .jar File
1.16 Changing the Distinguished Node
1.17 Using Subversion triggers for sending e-mails
1.18 Toggling the Quorum Check
1.19 Changing the admin console username
1.20 Changing the admin console password
1.21 Resetting or recovering the admin console password
    1.21.1 Restore the admin console password
    1.21.2 Reset the admin console password as "wandisco"
1.22 Setting Up Hooks"
    1.22.1 Pre-Replication Hook"
      1.22.1.1 Configuration
      1.22.1.2 Repository-Specific Hooks
1.23 Selective Replication
1.24 Updating Apache or Subversion
1.25 Checking Repository Consistency

2. Replicator Management
2.1 Setting Replicator to Start Up on System Boot
2.2 Setting up the Replicator as a Windows Service
2.3 Changing the Quorum Type
2.4 About Watchdog Mode
2.5 Temporary Files

3. Troubleshooting
3.1 How Do I Get WANdisco Support?
3.1.1 How Do I Run the Talkback Script?
3.2 General Subversion MultiSite
    3.2.1 Connection Request Timeout Messages
    3.2.2 VPN, NAT, Firewall Timeouts
    3.2.3 A node is in read-only mode
3.3 Error messages
    3.3.1 Missing License Key file
    3.2.1 Connection Request Timeout Messages
    3.3.2 I'm getting a severe exception
    3.3.3 Compressed Stream Invalid
    3.3.4 Java consistency check on relicator restart
3.4 Oops!
    3.4.1 I Directly Committed to Subversion, How Do I Rsync?
    3.4.2 I Pressed Ctrl-C During a Subversion Command

4. Frequently Asked Questions
4.1 Why Are So Many Java Processes Running?
4.2 Can I Store Logs or Content on NFS?
4.3 Why is Installer Configuring IP Addresses as 0.0.0.0?
4.4 Should I Worry About Time Changes or Time Zones?
4.5 Does WANdisco Support Dynamic DNS?
4.6 Can I Use SSH Tunnel to Navigate a Firewall?
4.7 WANdisco Authentication
4.8 Encryption Around WANdisco Protocol
4.9 How Do I Restrict Direct Access to My Repository?
44.10 About MultiSite log files
4.11 How do I deal with failover agent failure?

5 Guide to the Admin Console
5.1. Security
  5.1.1 Create Roles
  5.1.2 List Roles
5.2. User Administration
  5.2.1 Create User
  5.2.2 List Users
  5.2.3 Import Users
  5.2.4 Change Admin Password
5.3. Group Administration
  5.3.1 Create Group
  5.3.2 List Groups
  5.3.3 Assign Users
  5.3.4 Remove Users
  5.3.5 Import Groups
5.4. ACL Administration
  5.4.1 Create ACLS
  5.4.2 List ACLS
  5.4.3 ACL Options
5.5. System
  5.5.1 Log Viewer
  5.5.2 System Settings
  5.5.3 Transaction Status
  5.5.4 Log Level
  5.5.5 Free Memory
  5.5.6 Dashboard
  5.5.7 Export Settings
  5.5.8 Import Settings
5.6. Proxy
  5.6.1 Proxy Status
  5.6.2 Log Viewer
  5.6.3 SVN Settings
  5.6.4 Email Settings
  5.6.5 Change Distinguished Node
  5.6.6 Stop Proxy
  5.6.7 Shut Down Node
  5.6.8 Nodes
  5.6.9 Replication Groups
  5.6.10 Replication Group History
5.7 Reports
  5.7.1 Configure URI
  5.7.2 User Group Report
  5.7.3 Audit Reports

1. Introduction

This technical guide will help you understand the underlying technology and technical concepts that relate to WANdisco's Subversion MultiSite software.

We'll be using terms like "node" and "replication group" without explaining what we mean. Check out the Glossary for an explanation of these and other WANdisco terms.

2. MultiSite Overview

Subversion is designed to run as a central server to which multiple Subversion clients connect. WANdisco's replication technology makes it possible to have multiple active replicas of a Subversion repository that are in synch. The Subversion replicas can be anywhere on a WAN - distributed throughout a company's campus or throughout the world. WANdisco users experience the performance of a local Subversion repository, with the semantics of a single shared Subversion repository. We call this "active replication with one-copy-equivalence."

Replication ensures that each replica acts as a hot backup to every other replica. If a local server experiences a problem that takes it offline, only local users are disrupted, the rest of the replication group continues as normal.

Example Replication Group

This illustration shows a replication group with five Subversion severs.

WANdisco offers a High Availability solution that ensures no disruption in service. Even if a Subversion server failed, a local backup takes over so service is uninterrupted. High Availability sub groups reside on a LAN, which can either be implemented stand-alone for a local Subversion server, or as part of the WAN-based MultiSite.

MultiSite with High Availability

This illustration shows a MultiSite group of six nodes at four locations, with two High Availability sub groups of two nodes. Each High Availability sub group contains a Failover Agent, a stateless member of the replication group.

Subversion MultiSite acts as a proxy between the Subversion Server and clients. An instance of the proxy runs at each replica. All the communication paths involved in the operation of WANdisco are illustrated in diagram above.

3. WANdisco MultiSite Concepts

All MultiSite nodes are synchronized at all times: each Subversion repository is a functional replica of the others. WANdisco replication technology is the concept of one repository, multiplied. Because there are multiple synchronized repositories, each replicated node is effectively a current hot backup, which makes disaster recovery easy to plan and implement.

The Subversion usernames and passwords on all repository hosts must match. This is required because MultiSite creates a peer-to-peer replication system. Any replica of the Subversion repository is accessible by every valid Subversion user. WANdisco offers the user the option of having MultiSite manage the Subversion password file.

3.1 How Replication Works

The sites in the replication group are continuously coordinating the Subversion write transactions users are making. The group establishes transaction ordering through the agreement of a quorum of replicas. When you install the first node, that node by default is the distinguished node with Singleton quorum. When you create the replication group that includes other nodes, you select the quorum type best suited to your configuration. For which quorum is best for particular situations, see Quorum Recommendations.

Singleton Quorum Singleton Response quorum - only one of the nodes in the membership decides on the transaction order. With Singleton Response quorum, the node that decides transaction ordering is called the distinguished node. The Singleton quorum offers the fastest response time for those users working at the distinguished node, because as soon as the distinguished node determines that a transaction can be processed in the correct order, the transaction is sent to Subversion. Any replicator except the distinguished node can go down, but the replication group continues. The replication group replays the missing transactions when that node rejoins the group. However, the Singleton quorum also represents a single point of failure, since replication halts if the distinguished node fails.

Majority Quorum Majority Response is another quorum option, whereby you specify that a majority of the sites must agree on transaction order before any transaction is committed. Having a majority quorum ensures that if one site goes down in a replication group, even the distinguished node, the other sites can continue uninterrupted, as long as a majority of the sites remain available. The replication group replays the missing transactions when that site rejoins the group.

In a majority quorum, the distinguished node?s role is that of a tie-breaker. For example, in a four node replication group, three sites make the quorum (three sites must agree about transaction ordering). If two nodes want one transaction first, and the other two want another transaction first, then the distinguished node gets a weighted vote. The group with the distinguished node determines the transaction ordering. With an even number of nodes with majority quorum, you can schedule the distinguished node to rotate to different nodes around the world, to "follow the sun".

Unanimous Quorum The last quorum option is unanimous response, which requires that all replicators must be reachable to accomplish transaction ordering.

3.2 Replication Example

Here is an overview of what occurs when a write transaction is received by any replicator in the replication group.

1. The originating client sends the transaction to Subversion MultiSite, which passes it along through the replication group.
2. Transaction data is successfully received by the quorum (the distinguished node for Singleton quorum, or a majority of sites for Majority quorum). The quorum assigns the transaction a Global Sequence Number (GSN).
3. After receiving the transaction, each Subversion MultiSite passes the transaction data to its local Subversion server.
4. Each local Subversion server processes the transaction.
5. Subversion MultiSite waits for Subversion to complete the transaction. Subversion MultiSite only marks the transaction complete when Subversion returns a completion status. If for some reason replication goes down during this process (the replicator crashes, is stopped by an admin or the server it's running on shuts down), Subversion MultiSite does not mark the transaction as complete, and it gets reprocessed upon replication restart.

3.3 WANdisco is Listening

There is a field in the Admin Console that tells you whether WANdisco is accepting any incoming Subversion client requests. Replication still continues among the WANdisco sites, whether WANdisco is listening or not at one or more sites.

You can turn the listening on and off through the Admin Console (through the Start Proxy and Stop Proxy commands). Issuing the Stop Proxy command on a site puts that Subversion server in read-only mode.

The following illustration shows Sites 2 and 5 are not listening. (An administrator executed the Stop Proxy command for those sites.) Replication continues, and Sites 2 and 5 are still receiving and processing replicated transactions originating from the other sites. However, Subversion users at Sites 2 and 5 cannot make any write transactions. Once an administrator issues the Start Proxy command for Sites 2 and 5, the local Subversion users can again issue Subversion commands.

For High Availability sub groups, shutting down the Failover Agent stops WANdisco from accepting local client requests.

Please follow your company guidelines in regards to notifying Subversion users of maintenance.

3.4 Synchronized Stop of All Sites

When an administrator issues a synchronized stop command, the Subversion servers stop accepting write commands from clients. Pending transactions are processed, but no new write transactions are accepted. Subversion users continue to have read access to the repository, but cannot perform write operations, such as commit or lock.

When an administrator issues a resume command, the WANdisco proxies restart and begin accepting write transactions.

4. Handling Node and Network Failure

4.1 Node Failure

For Singleton Response quorum: say you have a five node replication group, spread across three continents. One of the nodes goes down. Replication continues at the remaining nodes, as long as the quorum is reached, although users connecting to the downed node are read-only until that node can reach the quorum.

As soon as a node comes back up, the replication group catches up the node on its missing transactions, so that all nodes are again synchronized.

For Majority Response quorum: say you have a five node replication group. One or two nodes could go down, and replication would continue at the other nodes, as long as a majority of nodes remain up. The one or two downed nodes go into read-only mode. As soon as a node comes back up, the replication group catches up the node on its missing transactions, so that all nodes are again synchronized.

4.2 Network Failure

If a network link goes down for one node, and outside connectivity is completely lost, there are two possible scenarios, depending on your quorum:

• If you have Singleton quorum, and the distinguished node's network link goes down, the distinguished node alone can make progress. The Subversion users local to the distinguished node continue working uninterrupted, while users at other sites in the replication group can make only read operations (like up, co, log, etc.) working with stale data.
• If you have Majority quorum, and one site's network link is lost, then users at that site can execute only read operations (like up, co, log, etc.) working with stale data. Providing that the remaining sites can still meet quorum (having a majority of sites responding), the other sites continue working uninterrupted

When connectivity is restored or the errored node is back online, the local node syncs up with the replication group automatically. First, the local node consults its local recovery journal (similar to a database redo log), and then, if necessary, attempts recovery from any of the quorum sites.

The recovery infrastructure and details of WANdisco fault-tolerance can be found at http://www.wandisco.com/pdf/dcone-whitepaper.pdf.

Copyright © 2010 WANdisco
All Rights Reserved

This product is protected by copyright and distributed under licenses restricting copying, distribution and decompilation.