We have, unfortunately, for the time being, very few design choices with Zentyal:
- because Zentyal doesn't provide any feature that would offer high(er) availability
(1), the remaining choice is
active/passive cluster, using either highly available SAN or DRBD based on
dedicated network. As said above, "quorum" node is required too.
- if Zentyal evolves toward something more flexible
(2), we can think about better and lighter but more complex redundant design where only services that need "data" replication will be part of this active/passive cluster, others being redundant, therefore with higher availability.
- thinking about Zentyal landscape alone would result in truncated view. E.g, look at network
(3) - again and again, backup strategy must also be part of your HA design: what if you wrongly delete accounts or corrput your DB? This operation will be quickly duplicated and cluster will not help. Is current Zentyal backup fitting your needs or would you dream about snapshot with quicker rollback?
Because of this and depending of your RPO/RTO requirements, it may happen that "state-of-the-art" highly available Zentyal platform is far too much for SMB market and more efficient approach is active/passive cluster. This is, for one part, due, IMHO, to the "all-in- one" initial design. But one can't have both "easy to manage simple box" and (complex) highly available environment. There is no such thing as a free lunch isn't it?
(1)Zentyal is not designed to handle "multiple Zentyal box" management. in case of multiple Zentyal servers, there is no "service redundancy" but different services, per server.
- no DNS replication, zone transfer but local DNS
- one single mail service per mail domain
- LDAP replication still not flexible enough (+ internal LDAP for Samba)
(2)If Zentyal was able to split "infrastructure" services then handle high availability at this level and permit to configure "front-end services" (i.e. end-users oriented services") so that it can benefit from the highly available Zentyal infrastructure, then we could imagine to have:
- redundant DNS, LDAP, NTP, Kerberos, CA
- multiple MTA, HTTP proxy, web servers (?),
- failover (meaning active/passive mode) for file sharing, DHCP
- we should then look at all Zentyal services and decide whenever we can or want to have it redundant or in failover mode.
(3)Highly available Zentyal doesn't make sense without highly available network, at least for the core part. This means that one should think about redundancy in term of service and server but also in term of network, to be split into core network and end-user network, including dedicated network for DRBD and heartbeat.