Skip to content

Osirium PAM guide to High Availability (HA)

This guide is to help you understand PAM HA and how it works.

This section covers:

Introduction

Configuring PAM to work as a HA Pair allows a Primary PAM Server to replicate to a Secondary PAM Server.

The Primary PAM Server will receive all user traffic and replicate to the Secondary PAM Server.

The Secondary PAM Server will be on standby and ready to take over if the Primary PAM Server fails.

The benefits of implementing a PAM HA solution include:

  • Minimal downtime for users if the Primary server fails as you have a Secondary server on standby.
  • Increased availability as the Secondary server can quickly be promoted to Primary and continue operations.
  • Minimises the loss of data through replication.

Management Interface

The Management Interface is used to manage HA configuration and execute HA commands on the PAM Servers.

It is accessed via a web browser by navigating to [IP Address of the PAM Server]:8443. Only a PAM user who has PAM Owner level access can log in.

Management Interface

Once logged in you will be presented with an SSH window.

Management Interface shell window

HA Server Roles

The Primary PAM Server handles all the user traffic and sends database updates to the Secondary PAM Server.

The Secondary PAM Server receives a replica of the Primary PAM Server database.

HA Server States

State Description
Active Server is operational. In BAU, the Primary PAM Server is the active server. In failover, the Secondary PAM Server will become the active server.
Standby The PAM Server is receiving information from the active PAM Server. The data replicated to the standby will allow it to take over operations in the active server fails
Demoted Only a Primary PAM Server can be demoted. Operation has been switch to the standby server.
Failed The PAM Server is broken and is not functional, it could be off line, have a major issue, or has been deleted.
Inactive Server is not operational. A demoted Primary or a standby Secondary can be considered as inactive.

Data Replication

The data that is replicated from the Active to the Standby Server includes the:

  • Database
  • MEK

If an SMB share or a data disk is configured then the following are saved externally, otherwise they will be saved to the system disk which is not recommended.

  • Backups
  • Techouts
  • Task files
  • Session Recordings
  • Session archives (if enabled)

Warning

If an SMB share is not configured then you are at risk of losing files stored locally on the PAM Server.

Master Encryption Key

When a PAM Server is configured as a HA Primary, the master encryption key is very important. The master encryption key of the Primary PAM Server should be kept safe and stored in your vault as it is required when recovering a server from a backup.

When the Secondary PAM Server is created, there is no master encryption key. When you initialise your HA Pair, the master encryption key of the Primary PAM Server is replicated to the Secondary PAM Server.

Note

If the secondary server is reverted back to a standalone PAM Server it will keep the MEK replicated from the Primary HA Server.

HA Commands

The following commands are used to manage your HA.

Command Description
ha-initialise Used to create an HA Pair and start replication between two Standalone PAM Servers.
ha-create-joining-code If a joining code is not available on the Secondary PAM Server then this command can be run on the Secondary to create the required joining code needed to create the HA Pair.
ha-failover Run on the Standby Server.
If the Primary fails then this command is used on the Secondary to switch it to Active so it can start receiving user traffic.
ha-demote-primary Run on the Primary Server.
Used to demote the Primary so the operation is switched to the Standby server.
ha-failback Run on the Standby Server.
If a Primary failed and has been recovered, the Secondary PAM Server can hand back operations to the Primary PAM Server. The Primary will again become the Active server and the Secondary will go back to being a Standby Server.
ha-status Provides server and HA status information.
ha-make-standalone Can be run on the Primary or Secondary to revert a HA Server back to a standalone PAM Server and stop replication.

We recommend you use an SMB shared network drive to ensure files (Backups, Techouts, Task files, Session Recordings, Session archives) are available to both the Primary and Secondary PAM Servers.

The SMB share configuration is done on the Admin Interface here.

Applying a floating IP address will allow one IP address to be used to connect to the Active or Promoted Active server and makes the transition a lot smoother for users as they don't have to be informed of a different IP address to connect to.

Logging

The logging information relating to the HA commands run can be found in the following locations.

  • HA commands: /var/log/osirium/ha-commands.log

  • Declustering commands: /var/log/osirium/install/decluster.log

Supporting documentation

Further information relating to the Osirium PAM can be found here.