cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 10

Solarwinds High availability configuration

Jump to solution

Dear Team,

We want to configure Solarwinds in High Availability mode with different subnet i.e., primary server will be in one location lets say in India and secondary server will be in another location lets say USA. This will act as HA and also as DR in case of any issue on primary location. But customer doesn't want to provide AD permission issue for configuring this in multi subnet mode. Hence is there any other way we can achieve this configuration. Kindly suggest. Thanks in advance.

0 Kudos
1 Solution
Product Manager
Product Manager

Hello,

When you state "AD permission issue" I understand you are referring to the required DNS Permissions and steps to set up a High Availability Pool and access Microsoft DNS?

If so the following article may help understand how to Grant access to a non-administrator account for DNS Management Success Center

Note that there’s no requirement to use a Virtual hostname with HA. It’s provided only as a convenience. Many customers opt instead to use a load balancer.

While rare, those who do encounter similar security concerns when implementing HA sometimes create a separate DNS zone and run the DNS services on the Orion server for that zone. Others still, have gone so far as to utilize Route53, Cloudflare, etc. to keep their virtual DNS hostname name completely separate from the rest of their name services infrastructure. Microsoft however, does not provide such capabilities natively, though BIND does.

View solution in original post

19 Replies
Product Manager
Product Manager

Hello,

When you state "AD permission issue" I understand you are referring to the required DNS Permissions and steps to set up a High Availability Pool and access Microsoft DNS?

If so the following article may help understand how to Grant access to a non-administrator account for DNS Management Success Center

Note that there’s no requirement to use a Virtual hostname with HA. It’s provided only as a convenience. Many customers opt instead to use a load balancer.

While rare, those who do encounter similar security concerns when implementing HA sometimes create a separate DNS zone and run the DNS services on the Orion server for that zone. Others still, have gone so far as to utilize Route53, Cloudflare, etc. to keep their virtual DNS hostname name completely separate from the rest of their name services infrastructure. Microsoft however, does not provide such capabilities natively, though BIND does.

View solution in original post

Hi Tony,

Thank you very much for sharing the info. We tried and tested the option mentioned in the link, but it didn't work. Do you have any article or link from Solarwinds on how to configure using load balancer. Because I have never configured any application using LB. In our environment we have Citrix NetScaler LB.

Thanks again.

Regards

BB

0 Kudos

The following KB from Citrix appears to walk you through the process.

Citrix NetScaler - Simple HTTP Site Load Balancing

Hi aLTeReGo,

Just wanted to check one thing here, initially we are installing Solarwinds application on primary server and we select scalability option to install the Solarwinds application on secondary server. Now we don't have HA configured using either DNS or BIND method. If we are going to use net scaler load balancer here, its just going to check the active member and send the traffic to it. If its not available it send the traffic to secondary server.

But my doubt is how the Solarwinds services on secondary server gets initiated if primary (active) is down and netscaler load balancer is redirecting the traffic to secondary?

Do we need to start the Solarwinds services on secondary server (passive) manually?

Do we need to do any configuration on netscaler load balancer to initiate Solarwinds services to start if primary or active server is down?

I am really having doubts how the application is going to start and how load balancer is going to work here. I really appreciate if you could clarify my doubts. Thanks in advance.

0 Kudos

bharath08  wrote:

Do we need to start the Solarwinds services on secondary server (passive) manually?

Any failure of the 'Active' member will first attempt local recovery. If local recovery fails or is not possible, a failover occurs. This can be a takeover event from the passive member, where the passive member takes over the 'Active' role from the other member of the pool, or a handoff event where the 'Active' member surrenders control over to the other member of the pool. Regardless of how the 'Active' member responsibility was transferred, the process is completely automatic. You can always force a failover event to occur through the Orion Web Interface if you so desire. Alternatively, you can also trigger a failover event to occur as an alert action through the Alert Manager, or programmatically through the Orion SDK. Again, neither of those are a requirement since Orion HA will handle the failover automatically in the event of an issue.

Do we need to do any configuration on netscaler load balancer to initiate Solarwinds services to start if primary or active server is down?

As part of configuring the vserver in the NetScaler you will also configure monitors. These monitors probe the Orion website on both Active and Passive members to determine where to route the traffic. If Server 'A' is the Active member of the pool, the load balancer will know because it is the only pool member properly accepting web requests. When Server 'A' fails over to Server 'B', the NetScaler monitors will mark 'Server A' as being 'down' and route all traffic to Server 'B'.

Note that if both Primary and Secondary Orion servers are in the same subnet, there's no need to use a Virtual Hostname or a load balancer. When Orion High Availability is configured in a same-subnet configuration a VIP (Virtual IP address) is used which ensures that traffic going to Orion is directed to the active member. A load balancer is typically only used in a multi-subnet configuration as an alternative to a virtual hostname, or in instances where customers have a number of Additional Web Servers they want to load balance user traffic across.

Hi aLTeReGo,

Thank you very much for providing clarification. I will keep you posted and get back in case of any doubts.

Dear Alterego,

We are also facing similar issue in our environment, Where Customer is not ready to provide DNS access to Solarwinds, We are looking for a similar approach here, To understand above said approach , After installing primary & secondary servers,, I believe i will not able to create the HA Pool, As i dont have VIP setup or Virtual Host name(with DNS access)  which are mandatory to create the HA pool. Please correct me if my understanding is wrong here

0 Kudos

dhinagar_j  wrote:

Dear Alterego,

We are also facing similar issue in our environment, Where Customer is not ready to provide DNS access to Solarwinds, We are looking for a similar approach here, To understand above said approach , After installing primary & secondary servers,, I believe i will not able to create the HA Pool, As i dont have VIP setup or Virtual Host name(with DNS access)  which are mandatory to create the HA pool. Please correct me if my understanding is wrong here

Neither are mandatory in a multi-subnet configuration. Orion will let you create an HA pool without these and it will work without issue. The virtual hostname is there only as a convienece option to customers. Note that the virtual hostname and VIP are both only used for incomming traffic to Orion. This is typically end-users accessing the Orion web interface. If you don't need a solution for redirecting incomming web requests to the active member of the pool, then this is not something you need to worry about. The Orion web interface on the active member is still accessible using the IP/hostname of the individual members as it would be without HA.

If you do need some method of ensuring that web traffic to the Orion web interface is automatically routed to the 'Active' member in a multi-subnet failover configuration, a load balacner is typically the most popular option. EIther with the HA pool itself, or as a seperate cluster of Additional Web Servers behind a load balancer.

 You say neither are mandatory in a multi-subnet configuration. But I cannot create a HA pool without this information.

I have a new HA Poller and I want to failover to this poller. The HA poller shows green and says standby.  I have the option to Set Up High Availability Pool, but I dont not have any rights to DNS. The server is also on a different subnet so I cannot use VIP.

Does anyone know what is created on the DNS server when using SolarWinds to create the Pool? I would like to do this Manually because of permission issues and change board process to allow another application to DNS.

We do have an F5 loader balancer but i would like to leave this out for now. Later I would like load balance between the Web servers but that doesn't require  HA Pool. 

 

 

0 Kudos

"The virtual hostname is there only as a convienece option to customers. Note that the virtual hostname and VIP are both only used for incomming traffic to Orion. This is typically end-users accessing the Orion web interface. If you don't need a solution for redirecting incomming web requests to the active member of the pool, then this is not something you need to worry about"

The details with respect to Web Traffic is 100% clear, To understand further , In our environment we have SAM agents( Agent initiated ) & these agents traffic are  incoming requests to Orion platform, So definitely i need to have a solution (Default DNS update by HA or custom Load balance solution)  to direct these traffic to active member, or does the agent have any intelligence to identify itself, which is the active member of the pool (without any above mentioned option).

And to add, incase of agent with Server initiated communication , i assume we will able to achieve continuous monitoring, without traffic re-direct option like  "Default DNS update by HA or custom Load balance solution".

kindly help to validate my understanding, Please

0 Kudos

dhinagar_j  wrote:

In our environment we have SAM agents( Agent initiated ) & these agents traffic are  incoming requests to Orion platform, So definitely i need to have a solution (Default DNS update by HA or custom Load balance solution)  to direct these traffic to active member, or does the agent have any intelligence to identify itself, which is the active member of the pool (without any above mentioned option).

Agents are fully HA aware, so they do not rely upon on either the virtual hostname or VIP. The Agents are fully aware of both servers in the pool and will attempt to communicate with the other member in the event communication is lost to the AMS. The Agent will continue hunting until the AMS on one of the members responds. Until that time, polling continues on the Agent and results are queued in the Agents SQLlite database.

dhinagar_j  wrote:

And to add, incase of agent with Server initiated communication , i assume we will able to achieve continuous monitoring, without traffic re-direct option like  "Default DNS update by HA or custom Load balance solution".

kindly help to validate my understanding, Please

Passive Agents (Server Initiated) are completely unaffected by HA. Whichever member is 'Active' is the one that connects to the agent to collect job results and update job definitions. Again, agents are fully HA aware and have absolutely zero reliance on the VIP or virtual hostname.

0 Kudos

We have deployed agents in our environment , which are connected to APE -constructed over multi subnet HA pools..

But while the secondary polling engines get activated,.. most All agents previously reported to solarwinds are now not communicating (only few agents are working ),, i see below related error in the console.

Agent plugin ServiceDirectory on agent sampleserver.net failed to start

All these agent connection status are currently - unable to connect the agent

Could you kindly help what could be the problem here

0 Kudos

@aLTeReGo 

We have HA pool created across multi subnet.

While during a failover,, Agent are not able to connected to 'secondary polling engines', Few able to connect by most of them have below error

Agent plugin ServiceDirectory on agent Sampleserver.net failed to start

Any directions here. This looks similar in linux and windows agent 

0 Kudos

@dhinagar_j wrote:

@aLTeReGo 

We have HA pool created across multi subnet.

While during a failover,, Agent are not able to connected to 'secondary polling engines', Few able to connect by most of them have below error

Agent plugin ServiceDirectory on agent Sampleserver.net failed to start

Any directions here. This looks similar in linux and windows agent 


Have you confirmed those endpoints are able to resolve the name of the poller, that the appropriate port is open and no firewall or access control lists are preventing those agents from communicating with the secondary member of the pool? 

0 Kudos

Thanks aLTeReGo...document is really helpful.

As we dont have any official documentation for configuration of 3rd party products this may help SolarWinds High Availability - HA - In a WAN Environment!!!

I just posted some HA questions in NPM forum. If you don't see them let me know. 

0 Kudos

Hi Tony,

Just wanted to check one thing here, initially we are installing Solarwinds application on primary server and we select scalability option to install the Solarwinds application on secondary server. Now we don't have HA configured using either DNS or BIND method. If we are going to use net scaler load balancer here, its just going to check the active member and send the traffic to it. If its not available it send the traffic to secondary server.

But my doubt is how the Solarwinds services on secondary server gets initiated if primary (active) is down and netscaler load balancer is redirecting the traffic to secondary?

Do we need to start the Solarwinds services on secondary server (passive) manually?

Do we need to do any configuration on netscaler load balancer to initiate Solarwinds services to start if primary or active server is down?

I am really having doubts how the application is going to start and how load balancer is going to work here. I really appreciate if you could clarify my doubts. Thanks in advance.

0 Kudos
Level 10

Hi All,

Can someone update on this. Thanks in advance.

Best Regards

Bharath

0 Kudos