CONCEPT Cited by 1 source

Active-passive failover

Definition

Active-passive failover (also: active-standby) is a deployment topology where only one instance (the active) serves traffic at any time, while one or more passive instances stand ready to take over if the active fails. Traffic is routed exclusively to the active; the passive receives no client requests until promotion.

Distinction from active-passive replication

concepts/active-passive-replication refers specifically to database write topology (single writer, read replicas). Active-passive failover is the broader pattern applied to any stateless or stateful service tier — APIs, load balancers, schedulers — where only one should be active.

When active-active hurts: the latency anti-pattern

Running a service active-active across regions while its backing store exists in only one region introduces per-request cross-region latency for every operation that touches the store. This can exhaust client-side connection pools (connections are held longer) and cause cascading timeouts.

The fix: switch to active-passive with the active collocated with the primary database. Failover to the remote instance only when the primary region is unavailable.

Seen in

• sources/2026-06-12-cloudflare-scaling-security-insights — Cloudflare's internal API was active-active in Portland + Amsterdam, but Postgres primary was Portland-only. Amsterdam API calls averaged ~3 seconds vs. 10ms in Portland, exhausting connection pools and causing Kafka partition starvation. Switching to active-passive (API follows primary) fixed it overnight.