Creating an HA Cluster
Pairing a primary host, secondary high-availability (HA) host, and a virtual IP address using JSA creates an HA cluster.
If external storage is configured for a primary HA host, you must also configure the secondary HA host to use the same external storage options. For more information, see the Juniper Secure Analytics Configuring Offboard Storage Guide.
Ensure that no undeployed changes exist before you create an HA cluster.
If disk synchronization is enabled, it might take 24 hours or
more for the data in the
on the primary HA host
to initially synchronize with the secondary HA host.
If the primary HA host fails and the secondary HA host becomes active, the Cluster Virtual IP address is assigned to the secondary HA host.
In an HA deployment, the interfaces on both the primary and secondary HA hosts can become saturated. If performance is impacted, you can use a second pair of interfaces on the primary and secondary HA hosts to manage HA and data replication. Use a crossover cable to connect the interfaces.
- On the navigation menu, click Admin.
- Click System and License Management.
- Select the host for which you want to configure HA.
- From the Actions menu, select Add HA Host and click OK.
- Read the introductory text. Click Next.
- Type values for the parameters:
Primary Host IP address
A new primary HA host IP address. The new IP address replaces the previous IP address. The current IP address of the primary HA host becomes the Cluster Virtual IP address.
The new primary HA host IP address must be on the same subnet as the virtual host IP address.
Secondary HA host IP address
The IP address of the secondary HA host. The secondary HA host must be on the same subnet as the primary HA host.
Enter the root password of the host
The root password for the secondary HA host. The password must not include special characters.
Confirm the root password of the host
The root password for the secondary HA host again for confirmation.
- To configure advanced parameters, click the arrow beside Show Advanced Options and type values for the parameters.
Heartbeat Interval (seconds)
The time, in seconds, that you want to elapse between heartbeat pings. The default is 10 seconds.
For more information about heartbeat pings, see Heartbeat ping testsYou can test the operation of the primary high-availability (HA) host by configuring the time interval of heartbeat ping tests..
Heartbeat Timeout (seconds)
The time, in seconds, that you want to elapse before the primary HA host is considered unavailable if no heartbeat is detected. The default is 30 seconds.
Network Connectivity Test List peer IP addresses (comma delimited)
The IP addresses of the hosts that you want the secondary HA host to ping. The default is to ping all other managed hosts in the JSA deployment.
For more information about network connectivity testing, see Network connectivity testsTo test network connectivity, the JSA Console automatically pings all existing managed hosts in your JSA deployment..
Disk Synchronization Rate (
The disk synchronization rate. The default is 100 MB/s.
Note: Increase this value to 1100 MB/s when you are using 10 G crossover cables.
Disable Disk Replication
This option is displayed only when you are configuring an HA cluster by using a managed host.
Configure Crossover Cable
Crossover cables allow JSA to isolate the replication traffic from all other JSA traffic, such as events, flows, and queries.
You can use crossover cables for connections between 10 Gbps ports, but not the management interface.
Select the interfaces that you want to connect to the primary HA host.
Note: All interfaces with an established link, or an undetermined link, appear in the list. Select interfaces with established links only.
Crossover Advanced Options
Select Show Crossover Advanced Options to enter, edit, or view the property values.
- Click Next, and then click Finish.
When an HA cluster is configured, you can display the IP addresses that are used in the HA cluster. Hover your mouse over the Host Name field on the System and License Management window.
- On the navigation menu, click Admin.
- Click Admin >Advanced >Deploy Full Configuration to enable network connectivity tests.