This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jwmac
Participant
‎2018-04-20 07:59 AM

Shutting Down Checkpoint ClusterXL

I have a couple of simple questions regarding the shut down procedure for a checkpoint cluster. I have a 2 node Cluster running in HA new mode (not legacy) in active/standby non bridge mode.

1.    If I need to move the hardware or rerack, etc, and need to completely power off the gateways/cluster. What is the proper process to gracefully shutdown all nodes in a cluster?

2. If I am moving the internal interfaces to a new core switch on both checkpoint gateways in the cluster and thereby need to physically disconnect all interfaces on both gateways at the same time, what is the proper way to do this without causing an unwanted failover?  Should I completely power off the gateways or just shutdown the cluster software via some method? Something else?  How would I do this?

Thanks

4 Replies
PhoneBoy
Admin
Admin
‎2018-04-20 10:24 AM

For temporarily shutting down individual nodes of a cluster, there is no special procedure.

Make sure the unit is halted using the "halt" command on the CLI or similar using the Gaia WebUI.

I'm curious why you think you need to disconnect ALL interfaces rather than, say, the ones you're changing. 

Also, how long will it take to physically swap the cables?

That will probably determine the best approach to take. 

0 Kudos
jwmac
Participant
‎2018-04-20 03:09 PM
In response to PhoneBoy

I have both nodes connected via 802.3ad LAG to the core switches that will be replaced.  These bonds are what handle all internal traffic. What I mean by ALL interfaces is I will be disconnecting these bonded interfaces which connect to the core.  It will probably take at least a minute to move the interfaces to the new core switches. 

I don't want to cause an inadvertent failover when I move the interfaces on the Master gateway which is why I ask question 2. Ideally I would like to temporarily stop/disable the cluster to prevent a failover from happening when moving the interfaces on the master, not sure how to do this.  Should I halt the standby node?  Would cphastop work and then run cphastart after moving interfaces?  I want to make sure I have the safest procedure..

0 Kudos
PhoneBoy
Admin
Admin
‎2018-04-20 09:24 PM
In response to jwmac

If you check out the ClusterXL Admin guide, it suggests that cphastop should only be run by cpstop.

As such, a cpstop would probably be safer as it stops all related processes/sync and a bit quicker than a reboot.

After you've swapped the cables, you can do a cpstart.

0 Kudos
Victor_MR
Employee
Employee
‎2018-04-21 01:50 AM

I'm also curious about this:

...need to physically disconnect all interfaces on both gateways at the same time, what is the proper way to do this without causing an unwanted failover?

I see you're worried about preventing fail-overs in the cluster. However, if you're going to shutdown all the members, and also to disconnect the interfaces from both at the same time, why worring about fail-overs? I just want to be sure I'm understanding the situation 🙂