v2.25 Preview Preview release - not for production v2024.2 LTS Stable release with long-term support v2024.1 STS Stable release with standard-term support v2.20 LTS Stable release with long-term support Unsupported versions

Planned switchover

Switch application traffic to the DR replica

Planned switchover is the process of switching write access from the DR primary to the DR replica without losing any data (zero RPO). Planned switchover is typically performed during a maintenance window.

Switchover can be used by enterprises when performing regular business continuity or disaster recovery testing. Switchover can also used for failback purposes. That is, after a Failover followed by a Repair DR, you can use switchover to switch traffic back to the original DR primary after it is brought back online.

Perform switchover

First, confirm there is no excessive lag between the DR primary and replica. You can monitor lag on the xCluster Disaster Recovery tab.

While the switchover task is in progress, both universes are in read-only mode and reject write operations.

If the DR configuration has any tables that don't have a replication status of Operational, switchover will be unsuccessful. In that case, you can do one of the following:

Verify that the list of tables in the DR primary's database(s) match the list of tables in the DR replica's database(s). Switchover will fail if there is a mismatch in this list.

Use the following steps to perform a planned switchover:

  1. Ensure there is no significant lag between DR primary and replica, and that there are no critical alerts active on either universe.

  2. Stop the application traffic on the DR primary.

  3. Navigate to your DR primary universe xCluster Disaster Recovery tab and select the replication configuration.

  4. Click Actions and choose Switchover.

  5. Enter the name of the DR replica and click Initiate Switchover.

    The switchover process waits for all remaining changes on the current DR primary to be replicated to the DR replica.

  6. Resume the application traffic on the new DR primary.

Abort, retry, and rollback

While in progress, the swtchover task is displayed on the universe Tasks tab. From there you can abort, retry, and roll back the switchover task.

During switchover, writes to both universes are rejected until the task completes. The Abort, Retry, and Rollback options provide flexibility in case the switchover is taking too long, and you want to quickly restore write availability on at least one universe.

If a switchover task fails or you abort it, you have the option to roll back to the previous state, keeping the current primary universe as primary and the replica universe as replica.

Rollback is only possible if the switchover hasn't progressed beyond a certain point. If you make a rollback request beyond this point, the system will return an error indicating that rollback is no longer possible. At that stage, the new primary universe will already be able to accept writes.

To revert roles, you must retry the original switchover to success, and then (if needed) initiate a new switchover task to swap roles again.