Hello everyone,
I am referring to the HA option using SAN as explained in this document.
I am wondering if anyone has implemented HA using SAN and if so, can you please share your experience?
Reading through older posts it looks like the data replication seems to be the preferred way.
Is there any distinct advantage of one method v/s another? We have just started using Splunk and want to do some analysis before commiting to our production setup.
Thanks,
Komal
The SAN overview in that link describes an HA scenario by which you remount a single SAN volume onto a failover server instance when a primary server instance goes down.
There is also another SAN architecture that you can use to achieve an HA and DR position whereby you can enable SAN replication to your DR site. This is my preferred approach.
The alternative approach by using Splunk functionality is configuring your Splunk Forwarders to "auto load balance" and "data clone" over your primary and DR Indexer Clusters, which has additional license cost implications.