Availability and Redundancy Security Reflection - lpcyber1/SEC440 GitHub Wiki

Problem: VRRP Failover time could take too long or if it is frequently changing then it could result in short but unnecessary downtime.

Solution: Fine tune VRRP advertisement interval and priority values to reduce failover time without being too aggressive, which might lead to network instability.

Problem: Galera nodes offer high-availability but can lead to split-brain scenarios where network segmenting causes multiple nodes to believe they are the primary, which can lead to data corruption or inconsistency.

Solution: Deploy an "arbitrator node" to avoid split-brain issues such as Galera Arbitrator (garbd).

Problem: HAProxy distributes traffic among the backend servers, but without proper configuration then the load may not be evenly distributed. This could lead to resource exhaustion on certain nodes while others remain underutilized.

Solution: Make sure to configure load balancing appropriately based on the nature of your traffic using leastconn for fewer connections or roundrobin for evenly distributed traffic.