Configuring Hot Standby Redundancy
  • 05 Feb 2024
  • 10 Minutes to read
  • Contributors
  • Dark
    Light
  • PDF

Configuring Hot Standby Redundancy

  • Dark
    Light
  • PDF

Article summary

Configuring redundancy involves the following tasks:

A. Obtain all the information that you will need for the procedures.
See Information Needed to Configure Hot Standby Redundancy.

B. Ensure that all required appliances are installed.
See Ensuring All Required Appliances Are Installed.

C. Perform basic configuration of all appliances at both sites.
See Basic Appliance Configuration.

D. Copy the license file for redundancy to both sites.
See Copying the License File to Both Sites.

E. Configure and start the redundancy.
See Configuring and Starting Redundancy.


CAUTION: For all changes to the redundancy configuration, a redundancy restart is required for the change to take effect.

Information Needed to Configure Hot Standby Redundancy

InformationSite-ASite-BNotes
For KVM host or VMware host IP adress of applianceOnly for deployments with virtual appliances. Credentials of root account are required
username/passwordOnly for deployments with virtual appliances. Credentials of root account are required
Host name of applianceMust be unique for entire Skylight orchestator system.
IP address/CIDR for management interfaceWill be used for interface eth0
IP address/CIDR for replication interfaceTypically used for interface eth1
IP address/CIDR for monitoring interfaceTypically used for interface eth2
Default gateway IP address
Static routes
Preferred siteOptional. Possibly values: none (default), site-A, site-B. See Preferrred Site and Recovery After Failover.
Virtual IP address[single address for both sites][single address for both sites]Optional. Same subnet should be present at both sites.
Primary interface for Virtual IP addressOptional, Virtual IP primary interface name (for expample, eth4) is optional. Defaults to eth0 if not set.
IP addresses of DNS serversCan set one or two.
IP addresses of NTP servers[list of NTP servers used for all appliances][list of NTP servers used for all appliances]Can set two or more.
Redundancy license fileObtained from Accedian Technical Support
Automatic failoverEnable (default) Disable (need to disable)Enable (default) Disable (need to disable)For more information, see Disabling Automatic Failover

Basic Appliance Configuration for Hot Standby Redundancy

Configuration taskProcedure in User MaterialNotes
Configure the management interfaceEditing the MGMT InterfaceThe management interface is normally eth0
Set host nameEditing the HostnameHost names for all appliances must be unique for the entire deployment (both sites).
Configure NTP clientConfiguring the NTP ClientThe same list of NTP servers must be set on all appliances at both sites.
Configure DNS serversSetting DNS ServersThe same list of DNS servers must be set on all appliances at both sites.
Add an interface for data replicationAdding an InterfaceTypically assigned to interface eth1 Address must be in IPv4 format.
Add an interface for monitoringAdding an InterfaceTypically assigned to interface eth2 Address must be in IPv4 format.
Add routes (optional)For information about route commands, see the Skylight Appliance Monitor Command Reference.Although not required, we recommend routing the traffic of the monitoring and replication interfaces over a distinct gateway. Sending all traffic to the default gateway will work but will become a single point of failure that could result in a split brain condition.

Ensuring All Required Appliances Are Installed

You must ensure that all appliances required at Site-A and Site-B have been installed and are connected to the network.

If you are setting up redundancy for an existing Skylight orchestrator system, you will need to install the required appliance(s) at the additional site.

If you are moving from a Warm Standby setup to a Hot Standby setup, note that the database of the second site will be wiped out when Hot Standby Redundancy is enabled.

For detailed information about installing appliances, see:

Accessing the Appliance Console

All procedures must be performed in the console of the appliance being configured. You can connect to the console of an appliance in one of these ways:

  • Use an SSH client
  • Access the console of a virtual appliance from the host

The procedures must be executed as the visionems user. You must know the account credentials.

Basic Appliance Configuration

The following table summarizes the basic configuration that is required on all appliances at both sites. It also gives you links to the relevant configuration procedures in this guide or other manuals.

Basic Appliance Configuration for Hot Standby Redundancy

Configuration taskProcedure in this guideNotes
Configure the management interfaceEditing the MGMT interfaceThe management interface is normally eth0
Set host nameEditing the HotnameHost names for all appliances must be unique for the entire deployment (both sites).
Configure NTP clientConfiguring the NTP ClientThe same list of NTP servers must be set on all appliances at both sites.
Configure DNS serversSetting DNS ServersThe same list of DNS servers must be set on all appliances at both sites.
Add an interface for data replicationAdding an ubterfaceTypically assigned to interface eth1. Address must be in IPv4 format.
Add an interface for monitoringAdding an InterfaceTypically assigned to interface eth2. Address must be in IPv4 format.
Add routes (optional)For information about route commands, see the Appliance Monitor Command Reference.Although not required, we recommend routing the traffic of the monitoring and replication interfaces over a distinct gateway. Sending all traffic to the default gateway will work but will become a single point of failure that could result in a split brain condition.

The basic configuration must have been done on all appliances. All procedures must be performed on newly installed appliances. Certain procedures can be skipped on previously installed appliances. The number of appliances that must be configured depends on the installation scenario:

  • If you are setting up a second site for an existing Skylight orchestrator system consisting of a single Skylight orchestrator appliance, you must configure the appliance at the new site only.
  • If both sites are new installations and each site only includes a single Skylight orchestrator appliance, you must configure both appliances.

Copying the License File to Both Sites

The redundancy feature requires a license. The license must be available on the appliances on both sites so that you can import it during the procedure in the next section.

You will need an SCP client (such as WinSCP) on your computer.

  1. Obtain the license file from Accedian Technical Support and save to your computer.

  2. Copy the license file to Site-A:
    a. Use the SCP client and the visionems account to access the Skylight orchestrator appliance for Site-A.
    b. Copy the redundancy license file from your computer to the /data directory on the appliance for Site-A.

  3. Copy the license file to Site-B:
    a. Use the SCP client and the visionems account to access the Skylight orchestrator appliance for Site-B.
    b. Copy the redundancy license file from your computer to the /data directory on the appliance for Site-B.

  4. If you are not already logged in on the appliance console, log in as the visionems user.
    The Skylight prompt is displayed.


    Note: Perform this procedure in the console of the Skylight orchestrator appliance for Site-B.

  5. Import the license for the redundancy feature by entering:
    redundancy license import filename fullPath/licenseFilename
    Example of full path and filename: /data/drbd-proxy.license

  6. If you are not already logged in on the appliance console, log in as the visionems user.
    The Skylight prompt is displayed.


    Note: This procedure is performed in the console of the Skylight orchestrator appliance for Site-A.

  7. Import the license for the redundancy feature by entering:
    redundancy license import filename fullPath/licenseFilename
    Example of full path and filename: /data/drbd-proxy.license

Configuring and Starting Redundancy

The procedures in this section cover all the tasks required to configure and start the redundancy feature, this procedure needs to be executed on Site-A only.
You will need to set the preferred site, including:

  • Configure the virtual IP
  • Start the redundancy feature
  • Test that the redundancy feature is operating normally.

To configure redundancy

  1. Configure redundancy by entering these commands:
    redundancy config site-a hostname nameSiteA
    redundancy config site-a replication-ip a.a.a.a
    redundancy config site-a monitor-ip c.c.c.c

    where:
    nameSiteA is the hostname that was previously assigned to the appliance of Site-A.
    a.a.a.a is the address of the interface previously configured for data replication.
    c.c.c.c is the address of the interface previously configured for monitoring.


CAUTION: You must configure and activate redundancy on Site-A. The configuration will be automatically replicated to Site-B.

  1. Configure redundancy by entering these commands, and provide Site-B details:
    redundancy config site-b hostname nameSiteB
    redundancy config site-b monitor-ip b.b.b.b
    redundancy config site-b replication-ip d.d.d.d

    where:
    nameSiteB is the hostname that was previously configured for the appliance at Site-B
    b.b.b.b is the address of the interface previously configured for data replication
    d.d.d.d is the address of the interface previously configured for monitoring

  2. If you want to designate the preferred site (this will be the active site at startup and after recovery from a failover), enter:
    redundancy config preferred siteOption
    where:
    siteOption is your choice of preferred site. Possible values: none (default), site-a, site-b

  3. Configure the virtual IP for the Skylight orchestrator system as follows:


Note: By default, the virtual IP state is enabled.

If the user needs to configure the virtual IP, they must follow the two steps below.

a. Set the virtual IP address by entering:
redundancy config virtual-ip vip-address e.e.e.e
where:
e.e.e.e is the virtual IP address (previously configured for the Skylight orchestrator system)

b. Configure the primary interface associated with virtual IP address:
redundancy config virtual-ip vip-primary-interface ethX
where:
ethX is the primary interface (previously configured for the virtual IP address)

If the user does not need to configure the virtual IP, enter:
redundancy config virtual-ip vip-state disable


CAUTION: The next step (disabling auto-failover) is NOT recommended. For more information, see Disabling Automatic Failover.

  1. If you want to disable automatic failover, enter:
    redundancy config auto-failover disable
  2. Display the redundancy configuration by entering:
    redundancy show configuration
    The configuration should be similar to the following:

22.png

  1. Start the redundancy feature by entering:
    redundancy control start
    After a short delay, redundancy becomes operational and the Skylight prompt is displayed. If a preferred site has been set, it is the active site. If preferred site is set to none (default value), Site-A is the active site. Data is being replicated from the active site to the passive site. Connectivity between the two sites is being monitored.

  2. Check whether the redundancy feature is operating normally by entering:
    redundancy test
    The test checks that redundancy is configured properly and that data replication is taking place. The results are displayed.

Disabling Automatic Failover

By default, redundancy is configured with automatic failover enabled. The system will determine when it is necessary to switch from the active to the passive site and will do so without human intervention.

If you prefer to decide when to fail over from the active site to the passive site, you can change the redundancy configuration to disable automatic failover. If you disable automatic failover, replication and monitoring will continue. It will be necessary to manually switch from the active site to the passive site in the event of a failure on the active site. See the redundancy control switch command in Controlling Redundancy.

If you decide to disable automatic failure, we recommend that you do so during the initial configuration of redundancy. See Configuring and Starting Redundancy.

To change the automatic failover configuration

If you decide to disable automatic failover after redundancy has been started, you can do so as explained in this procedure. You can do this on the appliance at Site-A.

  1. If you are not already logged in on the appliance console, log in as the visionems user.

  2. Stop the redundancy feature by entering:
    redundancy control stop

  3. Ensure that redundancy has been stopped by entering:
    redundancy show status
    The output should indicate that the global status is Stopped.

  4. To disable the automatic failover configuration, enter:
    redundancy config auto-failover disable

  5. Ensure that redundancy configuration has changed by entering:
    redundancy show configuration
    The output should indicate that auto-failover has been Disabled.

  6. Start the redundancy feature by entering:
    redundancy control start

  7. Ensure that redundancy has been started by entering:
    redundancy show status
    The output should indicate that the global status is Started.

© 2024 Accedian Networks Inc. All rights reserved. Accedian®, Accedian Networks®,  the Accedian logo™, Skylight™, Skylight Interceptor™ and per-packet intel™, are trademarks or registered trademarks of Accedian Networks Inc. To view a list of Accedian trademarks visit: http://accedian.com/legal/trademarks/. 


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.