In This Section: |
High Availability is redundancy and database backup for management servers. Synchronized servers have the same policies, rules, user definitions, network objects, and system configuration settings.
Management High Availability uses the built-in revisions technology and allows the High Availability procedure to synchronize only the changes done since the last synchronization. This provides:
The first management server installed is the primary. If the primary Security Management Server fails, or is off line for maintenance, the administrator can initiate a changeover, so that the secondary server takes over.
Notes:
A Management High Availability environment includes:
For full redundancy, the active management server at intervals synchronizes its database with the secondary server or servers.
Active vs. Standby
In a standard High Availability configuration there is one Active server at a time. The administrator uses the Active server manage the High Availability configuration. The Active server automatically synchronizes the standby server(s) at regular intervals. You can open a Standby server only in Read Only mode. If the Active server fails, you can initiate a changeover to make a Standby server become the Active server. If communication with the Active server fails, there may be more than one Active server. This is called Collision Mode.
Primary Server vs. Secondary Server
The sequence in which you install management servers defines them as Primary or Secondary. The first management server installed becomes the Primary active server. When you install more Security Management Servers, you define them as Secondary. Secondary servers are Standby servers by default.
Important notes about backing up and restoring in Management High Availability environment:
For more information:
migrate export
and migrate import
commands, see the R80.20 CLI Reference Guide.mds_backup
and mds_restore
commands, see the R80.20 Multi-Domain Security Management Administration Guide.In the SmartConsole connected to the Primary server, create a network object to show the Secondary Security Management Server. After you publish, synchronize starts between the primary and secondary servers.
To configure the secondary server in SmartConsole:
This automatically selects the Secondary Server, Logging and Status, and Provisioning.
On publish, the initialization and synchronization between the servers start.
At intervals, the Active server synchronizes with the standby server or servers, and when you publish the session. Sessions that are not published are not synchronized.
The High Availability Status window shows the status of each Security Management Server in the High Availability configuration.
To see the server status in your High Availability environment:
The High Availability Status window opens.
For the management server and its peer or peers in the High Availability configuration, the High Availability Status window shows:
Status messages can be general, meaning that they apply to the full system, or they can apply to a specified active or standby server. General messages show in the yellow overview banner.
General Status messages in overview banner |
Description |
---|---|
|
The database of the primary Security Management Server is identical with the database of the secondary. |
Some servers could not be synchronized |
A communication issue prevents synchronization, or some other synchronization issue exists. |
|
The active and standby servers are not communicating. |
Communication Problem |
Some services are down or cannot be reached. |
Collision or HA conflict |
More than one management server configured as active. Two active servers cannot sync with each other. |
When connected to a specified active management server:
Status window area: |
Peer Status |
Additional Information |
---|---|---|
Connected to: |
Active |
SmartConsole is connected to the active management server. |
Peers |
Standby |
The peer is in standby. The message can also show:
|
|
Not communicating, last sync time |
|
|
Active |
A state of collision exists between two servers both defined as active. |
When connected to a specified standby management server:
Status window area: |
Peer Status |
Description |
---|---|---|
Connected to: |
Standby |
Also shows: last sync time. |
Peers |
Active |
The peer is in standby. The message can also show:
|
|
Standby or Unknown |
Can also show: no communication. |
Changeover between the primary (active) and secondary (standby) management server is not automatic. If the Active fails or it is necessary to change the Active to a Standby, you must do this manually. When the management server becomes Standby it becomes Read Only, and gets all changes from the new Active server.