Failover Service for PAM360 (MS-SQL Server Clusters)
(Procedure applicable ONLY for Windows installations of PAM360 with MS SQL cluster as the backend database)
The Failover Service in PAM360 is also aimed at ensuring uninterrupted access to passwords and other privileged resources. While the 'High Availability' feature in PAM360 requires two separate database instances to be mapped to the Primary and secondary servers of PAM360 respectively, the 'Failover Service' functions with redundant PAM360 server instances which have access to a common MS-SQL cluster, which in turn has multiple PAM360 database instances bound to it.
Note: Failover Service for PAM360 allows configuration of a maximum of TWO instances of PAM360 only.
At the end of this document you will have learnt the following:
- How does the Failover Work?
- How to Set Up a Failover Service?
- How to Uninstall the Failover Service?
- Troubleshooting Tips
1. How does the Failover Work?
- There will be redundant PAM360 server instances which will have access to a common MS-SQL cluster, which in turn has multiple PAM360 database instances bound to it.
- Both the instances of PAM360 server will be primary installations providing read/write access to the users. While one instance acts as the primary, the other will act as the Standby. (Primary, standby and SQL cluster database will be installed on three separate machines)
- In this setup, PAM360 installed in the primary will normally be up and running. The standby machine will keep monitoring the primary. The PAM360 application in the standby is configured to start up and take-over, in case the primary crashes or goes down.
- When the primary server is brought back to service, it will automatically act as the 'standby'. The server, which was originally configured to act as standby will become the primary.
- Both the primary and standby servers are bound by a common public IP and the PAM360 web-interface will always be connected to this specific IP. Irrespective of whether PAM360 is running on the Primary or Standby server, end-users can anytime connect to PAM360 using the same public IP.
Note: All three machines should be in the same subnet. In case the primary crashes and goes into an unrecoverable state, you can configure a yet another alternate server from the standby server itself, which, by then, will be up & running and also serve as the primary thereafter.
2. How to Set Up a Failover Service?
Step 1: Install Primary and Standby Servers
Install PAM360 in two different machines. One will act as the primary server and the other one as standby. (You can specify which machine should run as primary and which one as Standby through a configuration later).
Important Notes:
- Failover service can be set up only if the processor compatibility of both PAM360 installations is the same, i.e., both the processors should be 64-bit.
- The same version of PAM360 should be installed in both the machines.
- If you want to remove High Availability and migrate to Failover Service, follow the steps in this document.
Step 2: Database Setup
Failover service can be configured only with MS-SQL cluster setups as backend database. Follow the steps in this document to use MS-SQL cluster as backend database.
Note: While mapping the clustered instance of the MS-SQL database with PAM360, ensure that you enter only the fully qualified DNS name of the failover clustered instance.
Step 3: Failover Service configuration in Primary and Standby installations
A) Configuration to be done in Primary Installation:
Open the command prompt with administrator privileges and navigate to <PAM360_Primary_Installation_Folder>/bin directory. Run the script FOSSetup.bat
In the pop-up that appears, enter the details as specified below for each field:
Common IP: Assign a common IP address for both the Primary and Standby PAM360 servers, so that the PAM360 web interface could always be connected to this specific IP. The PAM360 server will be bound by this single public IP and irrespective of whether PAM360 is running as Primary or Standby, end-users can connect to the same public IP. The common IP that you enter here should be static and not be assigned to any other machine.
Common IP Netmask: Specify the subnet mask value of the Common IP.
Standby IP: Enter the IP address of the Standby server. This step ensures that the Primary knows where the standby is running and vice-versa.
Network Connection Type: Ensure that both Primary and secondary servers rest on the chosen network.
Note: Before saving the details, make sure that PAM360 is not running during the configuration process.
Once you enter the details and click 'Save', the configuration settings will be created as a .zip file in primary. This configuration pack will be named as "FOSPack.zip" and placed under the directory: PAM360-Primary-Installation-Folder>/FailoverService. This step completes the Failover service configuration in Primary. To configure FOS in the standby, the first step is to copy this .zip file and place the same in the PAM360 standby installation home directory.
B) Configuration to be done in Standby Installation
Open the command prompt with administrator privileges and navigate to <PAM360_Standby_Installation_Folder>/bin directory. Run the script ConfigureStandbyFOS.bat <file-path>, passing the location of FOS configuration settings pack .zip file as the command line argument. Once unzipped, FOS instance will get installed in the Standby installation as well.
Once the FOS settings pack has been unzipped and installed in the Standby, ensure that the pam360_key.key file, which contains the encryption key, is present in the configuration file named manage_key.conf under <PAM360_HOME>/conf folder in both the primary and standby installations.
Note: PAM360 License - Normally, when the FOS Settings file is unzipped in the standby, the PAM360 license will also get automatically reflected respectively. Therefore, standby does NOT require a separate license file. You can use the same license you purchased for primary. On the other hand, if you are changing your PAM360 license in the future, the same will not get reflected in the standby. In that case, you need to apply the license file in the standby as a separate step.
Step 4: Start Failover Service(FOS) in Primary and Standby
Navigate to Windows Services Panel. Upon configuration of Failover Service, the panel will begin showing two PAM360 services - "PAM360" and "PAM360 Modules". For the Failover service to function, only the "PAM360" service should be started in both Primary and Standby. While PAM360 application in the primary will be up and running, PAM360 application in the standby will just be monitoring the primary in FOS mode. It will get started when the primary goes down.
3. How to Uninstall the Failover Service?
You can deactivate Failover service either from the primary or secondary server. To uninstall, execute UninstallFOS.bat in {Prod-home}/bin folder, from any of the servers. With the completion of this step, failover service will get deactivated. Next, you can uninstall PAM360 itself completely from the other server.
4. Troubleshooting Tips
- After configuring Failover Service, you should run PAM360 service and PAM360 Modules service with a domain account that has sysadmin privileges in the MS SQL server.
- Ensure all the machines are accessible from both master and standby instances of PAM360.