In addition to the services we've described, there are background services that Application Center runs, namely cluster time synchronization and reliable name resolution.
Application Center provides its own mechanism for ensuring that the internal clocks of all the cluster members are synchronized. The main reason for doing this is to ensure that monitoring and performance data that is logged is time stamped accurately. This is particularly important with performance data, which is collected across the cluster and aggregated.
NOTE
This is not a native operating system service but is provided by the Application Center Cluster Service.
A cluster member's clock may get out of synchronization with the other members because:
The Cluster Time Synchronization Service keeps the cluster member clocks synchronized by replicating the controller's date and time setting:
The design criteria for the Cluster Time Synchronization Service is to keep all member clocks set to within +/- 5 seconds of the time on the controller. However, this level of accuracy may not always be possible because:
The time synchronization service is enabled and disabled in the metabase by setting MD_WEBCLUSTER_DO_TIME_SYNC to 1 or 0 (/AppCenter/Cluster, property ID (5739), type DWORD).
This ability to toggle time synchronization is necessary because it allows you to take advantage of the Reliable Time Service (RTS) of a domain controller, which you should use if you're using Kerberos V5 authentication. (It's possible to break Kerberos V5 authentication because the Cluster Time Synchronization Service is unaware of time settings on the domain controller or ticket granter.) Other situations that may require disabling of the Cluster Time Synchronization Service is the presence of conflicting software services, such as some virus checkers.
At cluster creation time, Application Center checks to see whether the computer that will become the controller is part of a domain. It the controller is part of a domain, the configuration flag is set to 0; if it isn't, this flag is set to 1.
NOTE
The Cluster Time Synchronization Service is active under the same conditions as the System Application, which is to say date and time is synchronized even if a member is out of the synchronization loop. For more information, see Chapter 6, "Synchronization and Deployment."
The Reliable Name Resolution Service ensures that cluster administration services, such as the Cluster Service and the Synchronization Service, only use the back-end network adapters for their traffic. The main reason for this requirement is that network connections on the front-end adapter can be torn down at any time—specifically when TCP/IP or NLB configuration settings get altered. A second, but equally important consideration, is the segregation of production and administration traffic, either for reasons of performance or security. The Reliable Name Resolution Service also helps to ensure that Application Center services do not try to communicate with unusable IP addresses.
The Reliable Name Resolution Service addresses traffic control issues in the following manner.
NOTE
Both the time (in seconds) between host file updates and the update mechanism itself can be controlled via metabase entries. The update interval, which is set to 5 minutes by default, can be changed by editing the 57448 entry. The minimum legal value is greater than or equal to 60 seconds. You can disable the update mechanism by setting the 57449 entry to False.