摘要: 在大型科研装置与工业控制系统中，EPICS架构因其分布式、高实时性的特性被广泛应用，其中IOC作为关键组件，其运行稳定性直接影响控制系统的安全性与数据完整性。针对IOC可能出现的宕机、网络中断等故障风险，本文设计并实现了一套基于高可用集群的EPICS IOC冗余系统。该系统以Pacemaker与Corosync构建集群调度框架，结合ETCD的分布式锁机制与DRBD的块级数据同步能力，实现主备节点的自动切换与数据一致性保障。同时，引入Autosave与Archiver Appliance工具对IOC状态及历史数据进行实时保存与归档。经多组故障模拟实验验证，系统具备良好的容错能力与稳定性，IOC故障切换时长控制在30秒以内，PV数据持续性良好，验证了系统在高可靠性控制应用中的可行性与稳定性。

Abstract: EPICS (Experimental Physics and Industrial Control System) has been widely adopted in large-scale scientific facilities and industrial control systems due to its distributed architecture and real-time performance. As a core component, the IOC (Input/Output Controller) plays a critical role, and its operational stability directly impacts the system’s safety and data integrity. To address potential failures such as controller crashes or network interruptions, this paper proposes and implements a high-availability EPICS IOC redundancy system. The system integrates Pacemaker and Corosync to form a cluster scheduling framework, uses ETCD for distributed locking, and leverages DRBD for block-level data synchronization, enabling automatic failover between the primary and backup nodes while ensuring data consistency. Additionally, Autosave and Archiver Appliance tools are employed to persist IOC states and archive historical data in real time. Experimental validation under multiple fault scenarios demonstrates the system’s robust failover capability and stability. The switchover time between nodes can be controlled within 30 seconds, with no significant interruption in PV data, making the system suitable for high-reliability control applications.