SQL Server myth 30th talk about the 11th day mirroring can fail over in an instant after a fault is detected _mssql

Myth #11: Mirroring can fail over instantaneously after a fault is detected

Error

Failover of database mirroring can be initiated either automatically or manually.

In the case of automatic initiation, a failover operation is performed by the mirror server (you are not mistaken, it is not a decision by the witness to fail over), both the witness and the mirror server are found unable to exchange information with the principal server (this process is called "form Quorum", the translator notes: That is, the cluster is supervised through the program, the cluster can be based on the algorithm from the regulatory process, such as according to: Each node configuration, file sharing, disk access, the availability of each node to determine whether the cluster is available, and mirroring is synchronized, you can failover. (Translator Note: The so-called synchronization means that the principal server must wait for the mirror server's log write before it can commit the transaction.) Performance is worse than asynchronous, but more secure and does not require SQL Server to be an enterprise version.

Manual failover is initiated by you, either manually because there is no witness (so that it cannot be "formed"), or if the mirror is not "synchronized" while the principal server is currently having a problem.

When a principal server fails, the mirror server does not go online until the journal queue Redo completes (the so-called log queue is the log that is passed by the principal server to the mirror server, but not yet on the mirror server replay). Even if you mirror the running mode of synchronization, only the log is written to the mirrored disk, but the log is not guaranteed to be replayed on the mirror server. For failover, the mirror server must go through the roll forward phase before it can be online. But the roll back phase is only done when the mirror is online.

In the SQL Server Standard Edition and the Enterprise Edition where the CPU is below 5 cores, Roll forward has only one thread. For Enterprise Edition and CPU redundant 5 cores, allocate a roll forward thread for each 4 cores. So it's clear that the time it takes to failover depends on the size of the queue that needs to be redo for the log, the number of CPUs, and the load on the mirror server.

Since it is believed that mirroring works in a synchronized manner, it can be quickly failover, so few people detect log redo queues. However, since the size of the redo queue determines the size of the downtime when the failover occurs, it is important to detect the redo queue for a mirrored server.

For more detailed articles here, you can see: Estimating the Interruption of Service During role switching