Failover Service for Key Manager Plus (MS SQL Server Cluster)

(Feature available only for Windows installations of Key Manager Plus with MS SQL cluster as backend database.)

1. Overview
2. How does Failover Service Work?
3. Prerequisites to Set Up Failover Service
4. Steps to Configure Failover Service
5. Uninstalling Failover Service

1. Overview

The Failover Service in Key Manager Plus is aimed at ensuring uninterrupted access to keys and certificates. It functions with redundant Key Manager Plus server instances that have access to a common MS-SQL cluster.

2. How does Failover Service Work?

1. There will be redundant Key Manager Plus server instances which will have access to a common MS-SQL cluster.
2. Both the instances of Key Manager Plus server will be primary installations providing read/write access to the users. While one instance acts as the primary, the other will act as the standby. (Primary, standby and SQL cluster database will be installed on three separate machines)
3. In this setup, Key Manager Plus installed in the primary will normally be up and running. The standby machine will keep monitoring the primary. The Key Manager Plus application in the standby is configured to start up and take-over, in case the primary crashes or goes down.
4. When the primary server is brought back to service, it will automatically act as the 'standby'. The server, which was originally configured to act as standby will become the primary.

3. Prerequisites to Set Up Failover Service

1. FailOver service(FOS) can be configured only for builds that have MS SQL as backend.
2. Both the primary and secondary servers should be bound by a common public static IP and Key Manager Plus web-interface will always be connected to this specific IP. So end-users can connect to Key Manager Plus anytime using the same public IP irrespective of whether Key Manager Plus running on primary or secondary server.
3. Failover service can be set up only if the processor versions of both the primary and secondary machines are compatible with one another. i.e., 64 bit or 32 bit.
4. The same version of Key Manager Plus should be installed in both the primary and secondary machines.
5. The common static IP should not be assigned to any other machine.
6. The subnet mask value of both primary and secondary servers should be the same as that of the subnet mask value of the common IP.
7. During configuration process, make sure the Key Manager Plus service is not running.

4. Steps to Configure Failover Service

4.1 Set Up Primary and Standby Servers

Install Key Manager Plus in two machines. One will act as the primary server and the other will act as the standby server.
(You can choose which machines should act as primary / secondary through a configuration later.)

4.2 Database Setup

Failover service can be configured only with MS SQL clusters as back end database. To configure MS SQL as your backend database, refer to this section of the help documentation.

4.3 Set Up Failover Service in your Primary Installation

To set up failover service in your primary installation,

1. Stop Key Manager Plus service in your primary server.
2. Open the command prompt with administrative privileges, and navigate to <kmp installation="" folder="">/bin directory. </kmp>
3. Run the script: FOSSetup.bat
4. A pop-up opens and enter the details as specified below for each field:
   1. Common IP: Assign a common IP address for both the Primary and Standby servers, so that the Key Manager Plus web interface could always be connected to this specific IP. The Key Manager Plus server will be bound by this single public IP and irrespective of whether Key Manager Plus is running as Primary or Standby, end-users can connect to the same public IP. The common IP that you enter here should be static and not be assigned to any other machine.
   2. Common IP Netmask: Specify the subnet mask value of the common IP.
   3. Standby IP: Enter the IP address of the standby server. This step ensures that the primary knows where the standby is running and vice-versa.
   4. Network Connection Type: Ensure that both primary and secondary servers rest on the chosen network.
      
      

Once you enter the details and click Save. The configuration settings will be created as a .zip file in primary. This configuration pack will be named as FOSPack.zip and placed under the directory: Key_Manager_Plus_Primary_Installation_Folder>/FailoverService. With this, the failover service configuration in the primary server is complete. To configure FOS in the standby, the first step is to copy this .zip file and place it in the Key Manager Plus standby installation home directory.

4.4 Set Up Failover Service in your Secondary Installation

To set up failover service in the standby server,

1. Open the command prompt with administrative privileges, and navigate to/bin directory.
2. Run the script: ConfigureStandbyFOS.bat<file-path> passing the location of FOS configuration settings pack .zip file as the command line argument. Once unzipped, FOS instance will get installed in the standby installation as well.
3. Once the FOS settings pack has been unzipped and installed in the Standby, copy the pmp_key.key file, which contains the master encryption key, from primary server and place it in the secondary server and map the path location to <Key Manager Plus installation folder>/conf/manage_key.conf file)

4.5 Start Failover Service in the Primary and Standby Servers

After configuring FOS in both the servers, start the Key Manager Plus service in both the servers from the Windows services panel. A common static IP is used to access the application. e.g., https://<Common ip>:<Port>. When the primary server goes down, the standby server will get started.

5. Uninstalling Failover Service

You can deactivate the failover service either from the primary or the standby server.

1. Navigate to <Key_Manager_Plus_Installation_Folder>/bin using command prompt in either of the servers.
2. Execute the following script: UninstallFOS.bat
3. The failover service will get deactivated.