Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Bruno_Petronio
Contributor

Split a MDS HA environment

Jump to solution

Hi all,

I'm wondering if you can share your experience and advices related with the following situation.

I've a Multi-Domain HA environment where all the MDS and DMS(Domain Servers) share the same subnet.

The MDS-1 and MDS-2 will be placed in different locations.
As far as i could understood in the "Multi-Domain Security Management R80.30 Administration Guide" its possible to have a "Multi-Site High Availability Deployment" configuration, which is precisely what i need.

Question is, what is the simplest way to make this change ?

  1. Change the IP in the MDS-2 and all the DMS's running on it;
  2. Delete MDS-2 and create a new MDS-2 and new DMSs for each Domain;

I will have pros and cons on both of them, SIC re-establishment, license, settings in specific files, etc...

Thanks in advance for your help 🙂
Bruno

0 Kudos
1 Solution

Accepted Solutions
Maarten_Sjouw
Champion
Champion

I fully agree with Kapars on this, the simplest way is to delete de backup machine and rebuild in a new network and if you are not comfortable with not having a backup system all the time you could add a third instead, re IP the license install that on the new backup system and first build MDS-3 and when done and happy remove MDS-2.

Regards, Maarten

View solution in original post

3 Replies
Kaspars_Zibarts
Authority
Authority
I would go with rebuild to have clean and solid start and to avoid any gremlins with IP change. It does take that long. Of course considering number of domains 🙂 I have rebuild our production MDS from scratch after total failure and backup being corrupted in two hours I believe. 19 domains
Maarten_Sjouw
Champion
Champion

I fully agree with Kapars on this, the simplest way is to delete de backup machine and rebuild in a new network and if you are not comfortable with not having a backup system all the time you could add a third instead, re IP the license install that on the new backup system and first build MDS-3 and when done and happy remove MDS-2.

Regards, Maarten

View solution in original post

Bruno_Petronio
Contributor

Thanks Maarten, Kaspars,

 

Just want to share my experience with the others about some challenges i had.

  • License:
    • When importing the new generated license for the migrated MDS, i could only do it through SmartUpdate. Not possible ("valid") via CLI or WebUI; 
    • Even though, i can see the license is valid for MDS, for the Domain Management Server it continues saying its trial;
    • I think I'm facing the sk115720 . Waiting for the "Last Judgement Day";
  • Radius authentication via SmartConsole:
    • After configuring MDS with new installation and add it in the MDM environment as a new Secondary MDS Server, i was no able to connect via SmartConsole with Radius users/authentication but i was able to ssh/WebUI to it with Radius users;
    • After some troubleshoot, i realized that the Radius call was never being made when using the SmartConsole;
    • After mdsstop/mdsstart it worked. Thanks for sharing your experience in this thread;

 

With My Best Regards,

Bruno Petrónio

0 Kudos