Failover Service for PMP (MS-SQL Server Clusters)

(Feature available only in Enterprise Edition. Applicable only for Windows installations of PMP with MS SQL cluster as backend database.)

Overview

The Failover Service in PMP is also aimed at ensuring uninterrupted access to passwords and other privileged resources. While the 'High Availability' feature in PMP requires two separate database instances to be mapped to the Primary and secondary servers of PMP respectively, the 'Failover Service' functions with redundant PMP server instances which have access to a common MS-SQL cluster, which in turn has multiple PMP database instances bound to it.

Note: Failover Service for PMP allows configuration of a maximum of TWO instances of PMP only.

How does Failover work?

  • There will be redundant PMP server instances which will have access to a common MS-SQL cluster, which in turn has multiple PMP database instances bound to it.
  • Both the instances of PMP server will be primary installations providing read/write access to the users. While one instance acts as the primary, the other will act as the Standby. (Primary, standby and SQL cluster database will be installed on three separate machines)
  • In this setup, PMP installed in the primary will normally be up and running. The standby machine will keep monitoring the primary. The PMP application in the standby is configured to start up and take-over, in case the primary crashes or goes down.
  • When the primary server is brought back to service, it will automatically act as the 'standby'. The server, which was originally configured to act as standby will become the primary.
  • Both the primary and standby servers are bound by a common public IP and the PMP web-interface will always be connected to this specific IP. Irrespective of whether PMP is running on the Primary or Standby server, end-users can anytime connect to PMP using the same public IP.

Note: All three machines should be in the same subnet. In case the primary crashes and goes into an unrecoverable state, you can configure a yet another alternate server from the standby server itself, which, by then, will be up & running and also serve as the primary thereafter.



How to set up Failover Service? ( Supported from version 8100 and above )

Step 1: Install Primary and Standby Servers

Install PMP in two different machines. One will act as the primary server and the other one as standby. (You can specify which machine should run as primary and which one as Standby through a configuration later).

Important Note

  • Failover service can be set up only if the processor compatibility of both PMP installations are the same, i.e. 64-bit or 32-bit.
  • The same version of PMP should be installed in both the machines.
  • In the installation wizard, you can select 'High availability secondary server' during the Failover service standby installation.
  • If you want to remove High Availability and migrate to Failover Service, follow the steps in this document

Step 2: Database Setup

Failover service can be configured only with MS-SQL cluster setups as backend database. Follow the steps in this document to use MS-SQL cluster as backend database.

Note: While mapping the clustered instance of the MS-SQL database with PMP, ensure that you enter only the fully qualified DNS name of the failover clustered instance.


Step 3: Failover Service configuration in Primary and Standby installations

A) Configuration to be done in Primary Installation:

Open the command prompt with administrator privileges and navigate to <PMP_Primary_Installation_Folder>/bin directory. Run the script FOSSetup.bat
In the pop-up that appears, enter the details as specified below for each field:

Common IP: Assign a common IP address for both the Primary and Standby PMP servers, so that the PMP web interface could always be connected to this specific IP. The PMP server will be bound by this single public IP and irrespective of whether PMP is running as Primary or Standby, end-users can connect to the same public IP. The common IP that you enter here should be static and not be assigned to any other machine.

Common IP Netmask: Specify the subnet mask value of the Common IP.

Standby IP: Enter the IP address of the Standby server. This step ensures that the Primary knows where the standby is running and vice-versa.

Network Connection Type: Ensure that both Primary and secondary servers rest on the chosen network.


Note: Before saving the details, make sure that PMP is not running during the configuration process.

Once you enter the details and click 'Save', the configuration settings will be created as a .zip file in primary. This configuration pack will be named as "FOSPack.zip" and placed under the directory: PMP-Primary-Installation-Folder>/FailoverService. This step completes the Failover service configuration in Primary. To configure FOS in the standby, the first step is to copy this .zip file and place the same in the PMP standby installation home directory.

B) Configuration to be done in Standby Installation

Open the command prompt with administrator privileges and navigate to <PMP_Standby_Installation_Folder>/bin directory. Run the script ConfigureStandbyFOS.bat <file-path>, passing the location of FOS configuration settings pack .zip file as the command line argument. Once unzipped, FOS instance will get installed in the Standby installation as well.

Once the FOS settings pack has been unzipped and installed in the Standby, ensure that the pmp_key.key file, which contains the encryption key, is present in the configuration file named manage_key.conf under <PMP_HOME>/conf folder in both the primary and standby installations.

Note: PMP License - Normally, when the FOS Settings file is unzipped in the standby, the PMP license will also get automatically reflected respectively. Therefore, standby does NOT require a separate license file. You can use the same license you purchased for primary. On the other hand, if you are changing your PMP license in the future, the same will not get reflected in the standby. In that case, you need to apply the license file in the standby as a separate step.

Step 4: Start Failover Service(FOS) in Primary and Standby

Navigate to Windows Services Panel. Upon configuration of Failover Service, the panel will begin showing two PMP services - "Password Manager Pro" and "PMP Modules". For the Failover service to function, only the "Password Manager Pro" service should be started in both Primary and Standby. While PMP application in the primary will be up and running, PMP application in the standby will just be monitoring the primary in FOS mode. It will get started when the primary goes down.

Note : By default, the standby monitors the primary's status once in every 40 seconds. In case, it finds that the primary is down and not running, it tries twice to ensure that the primary is down before starting up PMP application.

Uninstalling Failover Service

You can deactivate Failover service either from the primary or secondary server. To uninstall, execute UninstallFOS.bat in {Prod-home}/bin folder, from any of the servers. With the completion of this step, failover service will get deactivated. Next, you can uninstall PMP itself completely from the other server.

Troubleshooting Tips

  • After configuring Failover Service, you should run Password Manager Pro service and PMP Modules service with a domain account that has sysadmin privileges in the MS SQL server.
  • Ensure all the machines are accessible from both master and standby instances of PMP.

©2014, ZOHO Corp. All Rights Reserved.

Top