Failover is the process of reconfiguring the application so that the secondary takes over as the new primary. This might be a planned activity, such as bringing down the primary system for hardware maintenance, or it may be unplanned such as maintaining application availability when the primary system or the network to the primary goes down.
Implementing and managing failover is outside the scope of GT.M. In designing failover, it is important to ensure that:
There is only one primary at any one time, and database updates only occur on the primary system. If there is no primary system, the application is not available.
Messages received from clients during a failover are either rejected, so the clients will timeout and retry, or are buffered and sent to the new primary.
If the former primary continues operation or is back online after a crash, it must operate as a secondary.
Failing to follow these rules may result in the loss of database consistency between primary and secondary systems.