|
|
|
Configuring Verastream AADS Failover in Windows
Technical Note 10049
Last Reviewed 25-Apr-2008
Applies To
Verastream Host Integrator version 5.5 or higher
Summary
Figure 1: Typical Verastream production environment
Technical Note 10049
Last Reviewed 25-Apr-2008
Applies To
Verastream Host Integrator version 5.5 or higher
Summary
This technical note describes how to install and configure multiple Verastream Host Integrator (VHI) Authentication Authorization and Directory Services (AADS) servers to achieve failover support in a Microsoft Windows environment.
AADS Failover Environment
The Authentication Authorization and Directory Services (AADS) component of Verastream authorizes client access to Session Servers and provides security and directory services for Verastream installations. AADS tracks servers and domains and is required for Verastream to run.
With an AADS failover configuration, the AADS servers replicate information with each other. If one of the active AADS servers fails or is taken off-line, any other AADS server associated with the Host Integrator installation can provide AADS services, with no loss of data or compromise to security. Thus, a failover configuration provides fault tolerance for production environments.
A typical Verastream environment has two server systems with both AADS and Session Server components installed.
Figure 1: Typical Verastream production environmentAADS and Session Server components have separate failover mechanisms. AADS failover is implemented during installation and is described in this technical note. Session Server load balancing (which also provides Session Server failover) is configured after installation and addressed separately in Technical Note 10052.
AADS failover is based on standard IP name resolution functionality, which allows an alias name to be mapped to multiple IP addresses.
Installing Verastream with AADS Failover Support
To configure Verastream for AADS failover support, you need to perform the steps presented in the following sections:
I. Create One Common Name for Your AADS Servers
II. Install the Primary AADS Server and Session Server
III. Install Additional Servers
IV. Add AADS Common Name to Administrative WebStation Login Page
II. Install the Primary AADS Server and Session Server
III. Install Additional Servers
IV. Add AADS Common Name to Administrative WebStation Login Page
I. Create One Common Name for Your AADS Servers
Create one common (symbolic) name for all of your AADS Servers by editing the DNS or the Hosts file on each machine that will have Verastream server and client components installed (including connectors used by client applications). The Hosts file is typically located in the directory C:\Windows\system32\drivers\etc\. Each machine that will have the AADS Server installed should be listed by its unique IP address, but each IP address must be assigned the same common name. For example, in your Hosts file or DNS server you might have the following entries:
10.0.0.1 my_aads10.0.0.2 my_aads10.0.0.3 my_aadsEach IP address refers to a machine with Verastream AADS Server installed. Whenever AADS services are requested, a request for my_aads is made and the DNS or Hosts file returns the list of IP addresses associated with that common name. Connections to the AADS server will attempt to contact the first host on the list. If no response is received, the second AADS server is tried, and so forth.
Note: It is strongly recommended that you use a consistent order (primary AADS server first, etc.). If you are editing Hosts files, the entries should be the same on all systems in the Verastream environment. If you are configuring DNS, the DNS server should not return results in round-robin or random order.
The AADS common name is also referred to as the DNS Symbolic Name for Multiple AADSes (DSNMA) by the version 5.5 installer on Windows.
II. Install the Primary AADS Server and Session Server
Follow these steps to install Verastream in a typical production environment (both primary AADS Server and Session Server are installed on the same machine).
Note: You cannot change your AADS configuration after you install Verastream. Before proceeding, you should be certain of the computer name and AADS common name. Future changes require uninstalling and reinstalling all servers in the Verastream installation environment.
- Start the Verastream installation. You must be logged in with administrative privileges. For more information on running Setup, refer to the Installation Guide.
- On the Select Installation Type panel, select Custom. Click Next.
- On the Locate AADS Installation panel, select "This AADS is the first in a new installation." Click Next.
- On the Enter AADS Name panel, enter the computer's Windows name (the value of the Windows COMPUTERNAME environment variable) or fully qualified domain name.
Note: This is the unique computer name—not the common name you created in the Hosts file or DNS.
- Click through to the Please Locate AADS panel. In the AADS field, enter the AADS common name you created when configuring the Hosts file or DNS in section I above. (This is used to register the Session Server component.) Click Next.
- Click through to the Enter Server Name panel. In the Host name field, enter the computer's Windows name or fully qualified domain name. Click Next.
Note: This step seems redundant, but it is required to configure and register the Session Server component.
- Complete the installation.
III. Install Additional Servers
Follow these steps to install each additional AADS Server and Session Server.
Note: You cannot change your AADS configuration after you install Verastream. Before proceeding, you should be certain of the computer name and AADS common name. Future changes require uninstalling and reinstalling all servers in the Verastream installation environment.
- Start the Verastream installation. You must be logged in with administrative privileges. For more information on running Setup, refer to the Installation Guide.
- On the Select Installation Type panel, select Custom. Click Next.
- On the Locate AADS Installation panel, select "This AADS will be added to an existing installation."
- Click through to the Please Locate AADS panel. In the AADS field, enter the AADS common name you created in section I above. This will be used to link the additional AADS server with its peer(s).
Note: If you see the error "Could not connect to AADS," verify that your DNS or Hosts file is configured (as described in section I above) and the primary AADS service is running (as described in Technical Note 10054).
- Click through to the Enter AADS Name panel. Enter this computer's Windows name (the value of the Windows COMPUTERNAME environment variable) or fully qualified domain name. Click Next.
Note: This is the computer name of this additional AADS Server—not the common name you created in the Hosts file or DNS, nor the primary AADS Server computer name.
- The AADS Administrator Credentials panel displays. If security is enabled on the AADS server, enter a user ID and password that belongs to the Administrator profile. Otherwise, leave these fields blank.
- After you click Next, a message displays stating "Setup is registering this AADS with <common name>" and the AADS service starts. Installation proceeds for the Session Server component.
- On the Please Locate AADS panel, enter the common name again.
Note: This step seems redundant, but it is required to register the Session Server component with the AADS failover support environment.
- Click through to the Enter Server Name panel. In the Host name field, enter this computer's Windows name or fully qualified domain name.
Note: This step seems redundant, but it is required to configure and register the Session Server component.
- After you click Next, a message displays stating "Setup is registering this server with <common name>." Complete the installation.
Note: In the future, if you uninstall a Verastream server in your installation environment, the remaining AADS server(s) should be running at the time. This allows the AADS and/or Session Server component(s) to properly unregister.
IV. Add AADS Common Name to Administrative WebStation Login Page
When the installation is complete, prior to logging into the Verastream Administrative WebStation console, follow the steps below to add the directory server.
- Click Start > Programs > Verastream > Host Integrator > Administrative WebStation.
- In the top toolbar, click the DIRECTORY SERV button.
- In the Server Name field of the Set Directory Server panel, enter the AADS common name you created for your AADS installation in section I above, and then click Add Server.
- Verify the fingerprint, and then click Submit.
- Click Save.
Note: When logging into Administrative WebStation, use the AADS common name for the Directory Server. After logging in, all the Verastream servers in the failover environment will be displayed.
Additional Tips
- Using AADS common name versus specific server names:
In order for failover AADS to function properly, always use the AADS common name where specifying a Directory Server in Administrative WebStation, Session Monitor, and client applications connecting via a domain.
However, when deploying models (using activatemodel and deactivatemodel commands), use the specific Session Server system names.
- Updating Hosts files throughout your environment:
If you implemented the AADS common name by editing Hosts files, remember to update all systems where Verastream server and client components are installed (including connectors used by client applications).
- Starting your AADS servers:
- In an AADS failover environment, it is recommended that you stagger startup of the AADS servers (separated by 5 minutes or so) to avoid any possible inter-communication circular wait condition.
- AADS servers within an installation environment automatically replicate configuration data. If an AADS has been stopped, make sure it is started last during an installation restart to avoid data corruption.
