High Availability Click Studios' offers an optional High Availability module for Passwordstate, which by default provides a read-only replica of your production installation in an active/passive configuration.

With the High Availability module, users are able to perform all normal operations within Passwordstate, except those which modify data in the database. It's purpose is to provide you access to view your passwords in the event your production installation becomes unavailable for whatever reason.


Architectural Options

The standard design for the High Availability module is an active/passive configuration, where you have two separate web and database servers, and data is replicated one direction from the primary database server to the High Availability database server - as per the 'Active/Passive Configuration' diagram below.

With this design, the High Availability web site is read-only, and should rarely be accessed - unless you have an extended outage on your primary server.

It's also possible to configure the High Availability module in Active/Active configuration, although this requires an additional hardware appliance such as Citrix Netscaler, or F5 Load Balancer - to monitor the availability of the two web sites, and automatically fail over between them as required.

In the 'Active/Active Configuration' diagram below, it demonstrates the use of such a hardware load balancer, as well as SQL Server 2012 High Availability Groups - where bidirection data replication occurs real-time.

Active/Passive Configuration

Active/Active Configuration

Passwordstate Architecture Diagram - Active/Passive Passwordstate Architecture Diagram - Active/Active


Auditing

If using the active/passive configuration, the High Availability web site is read-only by default. Even though users cannot update data on the HA server, full auditing is still recorded locally, and then replicated back to the primary server once available again.