Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

ON THIS PAGE

Configure Security Director Insights High Availability

 

Security Director Insights supports two-node high availability (HA) with the following specifications:

  • Once you enable HA, one Security Director Insights virtual machine (VM) becomes the active node and another Security Director Insights VM becomes the standby node.

  • You must specify the virtual IP address assigned to the HA system to inject logs through the virtual IP address.

  • If the active node is abnormal or down, the failover to the standby node occurs automatically. You need not change anything when you inject logs.

This topic explains how to setup Security Director Insights HA.

Before You Begin

Before you enable HA:

  1. Read Security Director Insights High Availability Deployment Architecture.Note

    If you are using Policy Enforcer inside Security Director Insights and Policy Enforcer is not in HA, you must not deploy Security Director Insights in HA.

  2. The two Security Director Insights VMs must have the same Security Director Insights software versions. In each Security Director Insights VM, configure the following network interfaces to enable HA:

    • Eth0—For normal Security Director Insights data and management

    • Eth1—For HA monitoring

    Without the HA feature, Security Director Insights VM requires only a single network interface, eth0, for data and management. The standard Security Director Insights OVA deployment configures only the eth0 interface.

  3. Use the following procedure to configure IP addresses for the network interfaces:

    • Go to Security Director Insights CLI.

      # ssh admin@${security-director-insights_ip}

    • Enter the Settings menu.

      # server

    • View already configured IP addresses.

      # show ip

    • Configure the eth0 IP address.

      # set ip interface management address ${eth0_ip} gateway ${eth0_gateway} netmask ${eth0_netmask}

    • Configure the eth1 IP address.

      # set ip interface ha-monitoring address ${eth1_ip} gateway ${eth1_gateway} netmask ${eth1_netmask}

    • Verify the configured IP addresses.

      # show ip

    Note

    You must ensure that:

    • On each node, the IP addresses of the eth0 and eth1 interfaces are in different subnets.

    • The IP address of the eth0 interface of the active and standby nodes are in the same subnet.

    • The IP address of the eth1 interface of the active and standby nodes are in the same subnet.

Enable HA

Before you enable HA, you must add the active node.

  1. To add the active node:

    • Select Security Director > Administration > Insights Management > Insights Nodes.

      The Insights Nodes page appears.

    • Enter the IP address of the active node, admin password, and click Save.

  2. Once the active node is added successfully, toggle the Enable HA option on, as shown in Figure 1.
    Figure 1: Enable HA
    User interface for managing Insights Nodes with fields for IP Address, Username, SSH Password, Save and Clear & Save buttons, toggle for High Availability, node status as Standalone and Healthy, hostname fei-insight3-1, Refresh Data button, and navigation options.

    The HA Setup page appears.

  3. Complete the configuration according to the guidelines provided in Table 1, and click Save & Enable.

    Table 1: Fields on the HA Setup Page

    Setting

    Guideline

    Secondary Node Details

    Secondary system IP

    Enter the IP address of the eth0 interface of the standby node.

    Username

    Username is “admin” and you cannot modify it.

    Password

    Enter the Security Director Insights VM password.

    HA Settings

    Data Virtual IP/Netmask

    Enter the virtual IP address of the HA management interface.

    HA monitor Virtual IP/Netmask

    Enter the virtual IP address of the HA monitoring interface.

    Ping IPs

    (Optional) Enter one or more IP addresses that both nodes can reach to check the connectivity.

    You are taken back to the Insights Nodes page. You will see the status messages, as shown in Figure 2. Note that the HA enabling takes several minutes.

    Figure 2: Enable HA in Progress
    Web interface for enabling High Availability for Insights Nodes, showing configuration fields, status notifications, and node health status.
  4. Click Refresh Data.

    You will see intermittent status messages, as shown in Figure 3.

    Figure 3: Enable HA Intermittent Status
    Interface for enabling High Availability for Insight Nodes. Shows notification for enabling HA, primary node details fields, HA toggle on with virtual IPs, statuses of active node fei-insights3-2 as services offline and standby node fei-insights3-1 as healthy, and node details table with roles and statuses.
  5. Keep clicking the Refresh Data option until you see that:

    • Both nodes are healthy.

    • Data and management virtual IP addresses are the same as the ones configured on the HA Setup page.

    Figure 4 shows the status of the nodes once the HA is enabled successfully.

    Figure 4: HA Enabled
    Dashboard for managing a high availability setup for Insights Nodes. The active node fei-insights3-1 is healthy with primary Pgsql status. The standby node fei-insights3-2 is healthy with sync status. The high availability feature is enabled.

Manually Trigger Failover

You can initialize the HA failover if the active node encounters any issues.

To enable failover to the standby node:

  1. In the Insights Node page, click Failover under the active node, as shown in Figure 5.
    Figure 5: Initiate Failover
    High Availability interface with two nodes: Active node fei-insight3-1 is healthy and primary. Standby node fei-insight3-2 is healthy and in sync mode. Virtual IPs for data/management and monitoring are shown.

    A confirmation message appears, as shown in Figure 6.

    Figure 6: Failover Confirmation Message
    Dialog box titled Failover with message This will trigger a task Failover and buttons OK in blue and Cancel.
  2. Click OK.

    The failover action takes several minutes to complete. During the process, you will see intermittent status messages, as shown in Figure 7.

    Figure 7: Failover Intermittent Status
    Insights Nodes interface showing fei-insight3-1 as Healthy and fei-insights3-2 as Out of Sync. Action failover in progress.

    Once the failover is enabled, the original standby node becomes the new active node and the original active node is put in an offline mode, as shown in Figure 8.

    Figure 8: Standby Node Offline
    High Availability configuration interface showing fei-insights3-2 as active node with healthy status and fei-insight3-1 as offline standby node.
  3. To bring the new standby node back online, click Start, as shown in Figure 9.
    Figure 9: Start Standby Node
    Dashboard interface for managing high availability nodes with enabled HA toggle, two virtual IPs, and status indicators for active and standby nodes. Active node fei-insights3-2 is healthy, standby node fei-insight3-1 has services offline with options to rebuild or start.

    A confirmation message appears, as shown in Figure 10.

    Figure 10: Start Standby Confirmation
    Confirmation dialog box titled Start Standby with message This will trigger a task Start Standby and buttons OK and Cancel.
  4. Click OK to continue.

    The Start action takes several minutes to complete.

    Once the Start action is complete, the status of both the nodes shows online and healthy. The original active node is now online as a standby node, as shown in Figure 11.

    Figure 11: Standby Start Action
    Dashboard for managing Insights Nodes with high availability showing active node fei-insights3-2 as primary and healthy, and standby node fei-ingisht3-1 as streaming sync and healthy.
  5. If the standby node encounters any synchronization issues with the active node, click Stop under the Standby node.
  6. Click Rebuild to synchronize data between the two nodes.

Disable HA

To disable HA:

  1. In the Insights Nodes page, toggle the Enable HA option off.

    A confirmation message appears before HA is disabled, as shown in Figure 12.

    Figure 12: Disable HA Confirmation
    Dialog box titled Disable HA informing user that disabling HA returns system to Standalone mode and affects analytics service. Buttons OK and Cancel.
  2. Click OK to confirm the HA disabling.

Disabling HA takes several minutes. During the process, intermittent status messages are displayed, as shown in Figure 13. Keep clicking Refresh Data until HA is disabled successfully.

Figure 13: HA Disabling Status
Error notification: couldn't open db connection failed. Action notification: disable HA task started. Enable HA toggle off. Refresh Data button. Warning: task in progress, don't log out, click refresh data for updates.

Once HA is disabled successfully, you can see only the active node VM in the Insights Nodes page, as shown in Figure 14.

Figure 14: HA Disabled
Screenshot of Insights Node interface with hostname fei-insight3-1 showing healthy status, CPU usage 0.79 percent, memory usage 39.07 percent, online status true, role standalone. High Availability is off. Data and Monitoring Virtual IPs are N/A. Options to save, clear, or refresh data are available.

Upgrade HA

When a new Security Director Insights software version is available, perform the following procedure to upgrade the HA nodes. You must upgrade HA only from the active node for both the nodes to be upgraded.

  1. Go to Security Director Insights CLI.

    ssh admin@${active_node_ip}

  2. Enter the Settings menu.

    #server

  3. Obtain the software upgrade package.

    #set system-update copy user@${pkg_location_ip}:/${package_file_path/name}

  4. View the software upgrade package version.

    # show system-update versions

  5. Initiate the upgrade.

    # set system-update start software ${new_version}

    Command-line interface showing system update process. Version 20.3R1.449, size 1.97 GB, is ready for upgrade. Update initiated.
  6. Verify the HA upgrade status.

    # ha system-update status

    Wait until the upgrade is finished successfully in both active and standby nodes, as shown in Figure 15.

    Figure 15: HA Upgrade
    System update process completed successfully with timestamps and logs detailing preparation, system updates, reconfiguration, and data synchronization.

Related Documentation