Osirium PAM guide to High Availability (HA)
This guide is to help you understand PAM HA and how it works.
This section covers:
Introduction
Configuring PAM to work as a HA Pair allows a Primary PAM Server to replicate to a Secondary PAM Server.
The Primary PAM Server will receive all user traffic and replicate to the Secondary PAM Server.
The Secondary PAM Server will be on standby and ready to take over if the Primary PAM Server fails.
The benefits of implementing a PAM HA solution include:
- Minimal downtime for users if the Primary server fails as you have a Secondary server on standby.
- Increased availability as the Secondary server can quickly be promoted to Primary and continue operations.
- Minimises the loss of data through replication.
Management Interface
The Management Interface is used to manage HA configuration and execute HA commands on the PAM Servers.
It is accessed via a web browser by navigating to [IP Address of the PAM Server]:8443. Only a PAM user who has PAM Owner level access can log in.
Once logged in you will be presented with an SSH window.
HA Server Roles
The Primary PAM Server handles all the user traffic and sends database updates to the Secondary PAM Server.
The Secondary PAM Server receives a replica of the Primary PAM Server database.
HA Server States
| State | Description |
|---|---|
| Active | Server is operational. In BAU, the Primary PAM Server is the active server. In failover, the Secondary PAM Server will become the active server. |
| Standby | The PAM Server is receiving information from the active PAM Server. The data replicated to the standby will allow it to take over operations in the active server fails |
| Demoted | Only a Primary PAM Server can be demoted. Operation has been switch to the standby server. |
| Failed | The PAM Server is broken and is not functional, it could be off line, have a major issue, or has been deleted. |
| Inactive | Server is not operational. A demoted Primary or a standby Secondary can be considered as inactive. |
Data Replication
The data that is replicated from the Active to the Standby Server includes the:
- Database
- MEK
If an SMB share or a data disk is configured then the following are saved externally, otherwise they will be saved to the system disk which is not recommended.
- Backups
- Techouts
- Task files
- Session Recordings
- Session archives (if enabled)
Warning
If an SMB share is not configured then you are at risk of losing files stored locally on the PAM Server.
Master Encryption Key
When a PAM Server is configured as a HA Primary, the master encryption key is very important. The master encryption key of the Primary PAM Server should be kept safe and stored in your vault as it is required when recovering a server from a backup.
When the Secondary PAM Server is created, there is no master encryption key. When you initialise your HA Pair, the master encryption key of the Primary PAM Server is replicated to the Secondary PAM Server.
Note
If the secondary server is reverted back to a standalone PAM Server it will keep the MEK replicated from the Primary HA Server.
HA Commands
The following commands are used to manage your HA.
| Command | Description |
|---|---|
| ha-initialise | Used to create an HA Pair and start replication between two Standalone PAM Servers. |
| ha-create-joining-code | If a joining code is not available on the Secondary PAM Server then this command can be run on the Secondary to create the required joining code needed to create the HA Pair. |
| ha-failover | Run on the Standby Server. If the Primary fails then this command is used on the Secondary to switch it to Active so it can start receiving user traffic. |
| ha-demote-primary | Run on the Primary Server. Used to demote the Primary so the operation is switched to the Standby server. |
| ha-failback | Run on the Standby Server. If a Primary failed and has been recovered, the Secondary PAM Server can hand back operations to the Primary PAM Server. The Primary will again become the Active server and the Secondary will go back to being a Standby Server. |
| ha-status | Provides server and HA status information. |
| ha-make-standalone | Can be run on the Primary or Secondary to revert a HA Server back to a standalone PAM Server and stop replication. |
SMB Share RECOMMENDED
We recommend you use an SMB shared network drive to ensure files (Backups, Techouts, Task files, Session Recordings, Session archives) are available to both the Primary and Secondary PAM Servers.
The SMB share configuration is done on the Admin Interface here.
Floating IP RECOMMENDED
Applying a floating IP address will allow one IP address to be used to connect to the Active or Promoted Active server and makes the transition a lot smoother for users as they don't have to be informed of a different IP address to connect to.
Logging
The logging information relating to the HA commands run can be found in the following locations.
-
HA commands:
/var/log/osirium/ha-commands.log -
Declustering commands:
/var/log/osirium/install/decluster.log
Supporting documentation
Further information relating to the Osirium PAM can be found here.