High Availability (HA) configuration ensures continuous availability of AssetExplorer during disasters or unexpected hardware/software failures.
Currently, Failover Service and Disaster Recovery are supported only for servers running on Windows OS.
Role Required: SDAdmin
To access High Availability configuration, go to Admin > General Settings > HA Configuration.
Benefits of HA Configuration
- Availability of AssetExplorer at all times.
- Smooth and automatic take-over of the failed server.
- Provides quick recovery from hardware or software failures.
- Prevents data loss during server failure.
Workflow of HA
The high availability setup involves the following components:
- Primary Server - The server where the application is currently hosted.
- Secondary Server - The standby backup server that monitors the primary server's health and constantly replicates files from it.
- Database Server - The primary and secondary servers are linked to a shared database server. The database server monitors the primary server's health and replicates its data.
The primary server, secondary server, and database server are connected to a common network.
The primary server's status can be monitored in two ways:
- DB heartbeat Mechanism: The primary server communicates its status to the database server every minute. If there is no update, the secondary server will take over. This is the default method to monitor a peer machine's health.
- Ping Mechanism: In this method, when the primary server goes down, the backup server is pinged about the status, and the secondary server takes over.
Ping Mechanism requires an SSL certificate and can be configured only in the HTTPS protocol. In case of database failure, the application automatically sets up this method.
When the primary server goes down, the secondary server instantly begins the takeover process. It pulls the latest files from the primary server and takes over its functions.
When the primary server comes back online, it assumes the role of the standby server, while the other server remains the primary server. Thus, the cycle continues.
Failover Service vs Disaster Recovery
Depending on the organization requirements, administrators can set up high availability for AssetExplorer via Failover Service (FOS) or Disaster Recovery (DR). The differences between the two features are detailed in the following table:
Failover Service
| Disaster Recovery
|
Ensures availability of the application during hardware or software failure.
| Ensures availability of the application when an infrastructure is down due to disasters.
|
Servers (primary, secondary, and database) are present in the same region.
| Servers (primary, secondary, and database) are present in different geographical regions.
|
When the server is down, the application is made available by connecting to the backup server in the same network.
| When the server is down, the application is made available by connecting to the backup server in a different network.
|
A virtual IP address is used to provide access to the application.
| The IP address of the server running the application is used to access the application.
|
Prerequisites
- Two 64-bit server machines with high network connectivity.
- AssetExplorer 64-bit .exe installation is preferred.
- Two virtual or physical servers with different NIC card addresses.
- A common IP Address for the primary and secondary servers.
- Both servers must have two-way read-write access for the ManageEngine folder (where AssetExplorer is installed).
AssetExplorer Configuration Requirements
- The application must be installed in the same location on both servers.
- Purchase an FOS license as an add-on for your application.
The database must be externalized from primary and secondary servers but remain accessible to both. You can either use an MSSQL database or migrate to version 7520 and use an external PGSQL database.
- Set File attachment network path to the same domain and accessible to both servers.
- Obtain HTTPS certificate for Alias URL of common IP.
- Bind the common URL (for which the SSL certificate is obtained) to the common IP address configured in the DNS.
- Start the application as a service using Java Service Wrapper.
- Applications on primary and secondary servers must run on the same port.
- Use the same polling and retry parameters in both servers.
Prerequisites for Endpoint Central installed within AssetExplorer
For customers who have purchased Endpoint Central separately, please refer here for steps to follow if you do not have a Failover Server setup.
Update the following file location to a network share accessible to both installations (primary & secondary servers).
- Endpoint Central > Admin > Tools > Database Backup > Backup Directory.
- Endpoint Central > Admin > Software Repository > HTTP Repository > New Location.
- Endpoint Central > Patch Mgmt > Downloaded Patches > Settings > Patch Repository Location.
Setup Process
You can set up servers for HA configuration in two ways:
Approach 1: Install AssetExplorer separately on each server and configure them to the same database server.
Approach 2: Use Robocopy to mirror the configurations between servers.
- Run mirrorSetup.bat from the \bin directory after installing the application on the primary server.
- However, the application will not start as a service. To start it as a service, run sd_service.bat -i from the {AssetExplorer_Home}/bin directory on the secondary server.
Folder Permissions
- Share the ManageEngine folder between the primary server and the secondary server.
- Set the folder permission to Everyone to ensure the servers have full read/write permissions.
- To access the shared folder on your server, go to the start menu > Run > \\<machineIP>\ManageEngine.
- Provide the username and password (if needed) to make sure an IPC connection is established between the machines.
- If you want to restrict the folder access to one particular user account,
- Run services.msc.
- Search for AssetExplorer and go to Properties.
- Select the Log on tab and choose This account option.
- Enter the login credentials of the domain user and save it.
To configure FOS in AssetExplorer,
- Go to Admin > General Settings > HA Configuration.
- Select the HA Mode as Failover Service.
- Select the Enable FOS Startup Mode.
- Use the pointers below to configure the primary and secondary server details.
- Primary Server IP: Enter the IP address of the server where the application is running.
- Secondary Server IP: Enter the IP address of the standby server.
- NIC of Primary Server/NIC of Secondary server: Enter the NIC address of the primary and secondary servers in the respective fields within curly braces { }. For example, {117C3D5B-4395-4369-8812-741EEA26D76D}. Click here to learn how to identify the NIC addresses.
- Subnet Mask of Primary Server/Subnet Mask of Secondary Server: Enter the subnet mask of your primary and secondary servers in the respective fields. Refer here for the valid subnet values.
How to identify NIC address?
AssetExplorer contains an inbuilt provision to help you identify your NIC address.
- Go to \bin directory in your secondary server.
- Execute the iflist.exe tool.
- Locate the NIC Card whose Adapter Status is UP. The adapter name is the NIC address for the IP address to which the application is bound.
- Copy the value in the Adapter Name field to the application.
Valid Subnet Mask Values
/30
| 255.255.255.252
|
/29
| 255.255.255.248
|
/28
| 255.255.255.240
|
/27
| 255.255.255.224
|
/26
| 255.255.255.192
|
/25
| 255.255.255.128
|
/24
| 255.255.255.0
|
/23
| 255.255.254.0
|
/22
| 255.255.252.0
|
/21
| 255.255.248.0
|
/20
| 255.255.240.0
|
/19
| 255.255.224.0
|
/18
| 255.255.192.0
|
/17
| 255.255.128.0
|
/16
| 255.255.0.0 |
How to test a virtual IP address?
The virtual IP address is a common IP address in the local network, that is not bound to any specific machine. A simple way to check if an IP address can be used as a common one is to ping the IP address. If the IP is not reachable, then it can be used as a common IP address.
To test the virtual IP address,
- Open your command prompt and execute the following command: ping {insert IP address}.
- If you receive a request timed-out message, it indicates that the virtual IP address is available for use.
Use the pointers below to configure the General Details fields.
- Virtual IP: Specify the IP address to which the primary and secondary servers must be bound. Click here to learn how to test a virtual IP address.
Ensure that the virtual IP address you configure belongs to the subnet mask and is not bound to any existing servers in the network.
- Common Alias Name: Specify an alias name to access the application.
- In case of failover notify to: Enter the email address for server failure notifications. Separate multiple addresses with commas.
For the notification emails to be sent, the
outgoing mail server should be configured for the application.
- Click Save and restart the application for the configurations to take effect.
When the primary server is switched to the secondary server, the server configurations on the FOS page must be manually updated.
- Navigate to Admin > General Settings > HA Configuration.
- Select the HA Mode as Disaster Recovery.
- Select the Enable DR startup mode check box.
- Use the following pointers to configure the application in DR mode.
- Primary Server IP: Enter the IP address of the server where the application is running.
- Secondary Server IP: Enter the IP address of the standby server.
- Common Alias Name: Specify an alias name to access the application.
- In case of disaster notify to: Enter the email address for server failure notifications. Separate multiple addresses with commas.
For the notification emails to be sent, the
outgoing mail server should be configured for the application.
- Click Save and restart the application for the configurations to take effect.
When the secondary server takes over as the primary server, the configurations in the DR page must be updated manually.
Modify Primary Server's Listening Time
By default, the primary server monitors the secondary server's status every 5 minutes. In the event of secondary server failure, an email is triggered to the configured email address. You can modify the primary server's listening time as needed by following the steps below:
- Navigate to {AssetExplorer_home} / conf.
- Open the ha.conf file and find the entry #peer.status.check.time.period=
- Uncomment the entry by removing the hashtag
- Specify the required time limit in minutes. For example: peer.status.check.time.period=10.
Upgrade HA Configuration
Announcement for Users using AssetExplorer version 6957 and below
The current FOS configurations will not work after the upgrade and you will be automatically migrated to the new FOS.
Enable new FOS for continued support.
Announcement for Users using AssetExplorer version 6971 and above
Users upgrading to version 6971 and above are not required to mirror the updates in both servers as the changes are automatically pushed during the upgrade.
To upgrade your application,
- Invoke \bin\shutdown.bat in the primary and secondary servers. This will stop AssetExplorer.
- Upgrade the build in the primary server. Click here to learn how.
- Mirror the settings in the secondary server via Robocopy by invoking \bin\mirrorSetup.bat. This step applies only to users upgrading to version ≥ 6900.
- Invoke \bin\run.bat in both servers to start AssetExplorer.
Alternatively, you can also start AssetExplorer as a service.
Ensure that you backup your files before upgrading your application.
Click here to know more.
Restore HA Configuration
In the event of an upgrade failure, you can restore the application to its previous version by following the steps mentioned below.
- Invoke \bin\shutdown.bat in the primary and secondary servers. This will stop AssetExplorer.
- Restore the data in the primary server. Click here to learn how.
- Mirror the settings in the secondary server via Robocopy by invoking \bin\mirrorSetup.bat
- Invoke \bin\run.bat in both servers to start AssetExplorer.
Alternatively, you can also start AssetExploreras a service. After successfully restoring the application, FOS/DR will be disabled by default. Enable
FOS or
DR and restart the application again.
Why is FOS/DR disabled on restoring AssetExplorer and an application reboot is required?
Backups with FOS/DR may fail to restore on a different machine, causing the application to not start due to an incorrect NIC address in ha.conf. To prevent this, FOS/DR will be disabled by default. SDAdmins can enable FOS or DR and configure the NIC address under Admin > General Settings > HA Configuration.
Disable Failover Service/Disaster Recovery
To disable Failover Service/Disaster Recovery from the application,
- Go to Admin > General Settings > HA Configuration.
- Uncheck the Enable FOS Service Startup Mode/Enable DR Startup Mode in the Failover Service and Disaster Recovery configurations respectively.
- Invoke \bin\shutdown.bat in both the primary and secondary servers. This will stop AssetExplorer.
- You can then restart the application in the servers individually by invoking \bin\run.bat command. On restarting, the servers will behave individually as two separate machines.
Related Articles
HA File Replication Configuration
HA file replication configuration lets you schedule automated replication of data from the primary server to the secondary server. The replication occurs every minute to ensure that in the event of a primary server failure, the secondary server can ...
Agent Configuration
Agent-based scanning is supported for Windows, Linux, and Mac machines. Before proceeding with an agent-based scan, Endpoint Central has to be installed. Click here to learn more. Configure Endpoint Central agent settings in AssetExplorer under Admin ...
Edit/Delete Replenishment Configuration
You can edit only the threshold limit of replenishment configuration. Fields such as Site, Product Type, and Product Name are cannot be edited. On the replenishment list view, click beside a replenishment configuration. Update the threshold count. ...
Introduction - SNMP Configuration
Using this feature, you can configure and map Object IDs (OIDs) to SNMP device attributes. How does SNMP scan work? When you scan an SNMP device, its sysOID is initially fetched. The sysOID uniquely identifies the device's model name, product type, ...
Configuration Item Types
Configuration Item Types (CI Types) denote the categorization of the CIs. Any organization-specific entity can be considered as a CI Type, such as Business Services, Workstations, Servers, Documents, or the People working for your organization. Each ...