Designing a Multi‑Dimensional High‑Availability Architecture for a Game Access System

When discussing high‑availability (HA) architecture, most focus on system‑level structures such as master‑slave, cluster, or multi‑data‑center designs, but technology alone cannot guarantee 100% uptime; real‑world incidents show that even robust systems fail.

The author distinguishes between "system‑oriented" HA and "business‑oriented" HA, advocating the latter, which aligns HA goals with actual business impact rather than merely technical redundancy.

For Alibaba's Jiuyou game access system, which handles login, registration, payment, and CP verification, the team set a concrete HA target: locate issues within 3 minutes, restore services within 5 minutes, and limit incidents to at most one every two months—equivalent to a 4‑nine (99.99%) availability metric.

To meet this target, three sub‑goals were defined: (1) prevent problems as much as possible, (2) quickly locate problems, and (3) quickly recover business, emphasizing business recovery over root‑cause elimination.

The solution includes client‑side retry combined with HTTP‑DNS: clients retry failed requests, while HTTP‑DNS replaces unreliable traditional DNS during incidents, providing fast address updates without the latency of full DNS propagation.

Function separation and degradation were introduced: core functions (e.g., login, registration) are isolated from non‑core functions (e.g., messaging, logging) both logically and physically, allowing non‑core services to be disabled instantly via a backend control panel when issues arise.

For multi‑active deployment, the team moved from traditional cross‑city or same‑city multi‑data‑center models to a business‑driven approach that uses asynchronous data distribution, secondary reads, and deterministic data generation to achieve eventual consistency while preserving real‑time consistency for critical data.

A three‑dimensional, automated, visual monitoring system was built to collect metrics from the business layer, application service layer, interface call layer, infrastructure component layer, and hardware layer, enabling fault information to be displayed instantly and reducing the time to locate issues to the required three minutes.

Overall, the architecture combines business‑focused HA goals, client‑side resilience, functional isolation, intelligent multi‑region data handling, and comprehensive monitoring to meet the stringent availability requirements of a large‑scale game platform.