matt4 Trusted Contributor.

Question on Published Host Name for Adv. Auth. Cluster

I have a question on setting up an Adv. Auth cluster. I've set up single-box Adv. Auth before (and put it behind NAM), but I haven't done a cluster and I'm not clear on what I should be using for the DNS entry on the master and cluster members. I plan on putting these behind a load balancer. Say I want a published DNS name of auth.mydomain.com. Where do I put that value? When you set up the master, it asks for the DNS name. Do I put the name I want it actually published as (auth.mydomain.com) or the actual DNS entry of the appliance I just built (e.g. server1.mydomain.com)? What about on the cluster members? The docs weren't clear to me. Is it possible to change this name after the fact as well?

Thanks.

Matt
Micro Focus Contributor

Re: Question on Published Host Name for Adv. Auth. Cluster

1. While installing the first AA server (Global Master), select "New Cluster" on the "Mode" page.
2. Then you must specify the FQDN of the server being installed on the "DNS hostname" page. For that, you must first add the host name of that server to your DNS server, e.g. aa.domain.com, and map it to the IP address of the AA server you deployed.

Note: If you have configured the reverse lookup entries in the DNS server, then the FQDN will be fetched automatically. You need not enter it manually on the "DNS hostname" page. If reverse lookup isn't configured, the server IP address will be fetched and you can edit it manually.

Note: You may not be able to change this setting later after the server installation is done.

In order to pair up another server to the cluster:

1. Install one more server instance, select "Existing Cluster" on the "Mode" page, and provide the FQDN of the server being installed now on the "DNS hostname" page.
2. Then on the next screen you have to provide the Local\admin's password which you set for the first AA server you installed.
3. Log in to the first AA server's admin web portal and navigate to the cluster page.
4. Click Register new site in Cluster.
5. Specify the FQDN of the second server you are trying to install.
6. Specify a name of the new site in Site name.
7. Click Register.
8. Go to the new server and click Next.
9. Then click Copy.

You can follow the same procedure by clicking "Register the new server" on the cluster page if you want to set up a cluster inside the same site.

Note: The server will be automatically restarted within 60 seconds after the database completes copying from a Global Master server.

You should not configure the load balancer host name anywhere in the AA installation. After installation you can configure the load balancer IP under Policies -> Public external URLs (load balancers). You can refer to the documentation for more details on configuring load balancer addresses based on sites - https://www.netiq.com/documentation/advanced-authentication-61/server-administrator-guide/data/configuring_policy.html#t43x2jo974d2

Hope this helps. Please let me know in case you have any other question.
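Added example, not part of the thread or of the product's tooling: a pre-install DNS check in Python for the plan described above, confirming that each node's own FQDN has matching forward and reverse records and that no node is given the load balancer name. The function name `check_cluster_dns` and the sample IP addresses are constructed for illustration; the host names are the ones used in the question.

```python
import socket


def _system_forward(name):
    # A-record lookup through the system resolver; None if the name does not resolve.
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None


def _system_reverse(ip):
    # PTR lookup through the system resolver; None if no reverse entry exists.
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def _norm(name):
    return name.rstrip(".").lower()


def check_cluster_dns(node_fqdns, published_name,
                      forward=_system_forward, reverse=_system_reverse):
    """Return (node, problem) tuples; an empty list means the DNS plan is consistent."""
    problems, seen_ips = [], {}
    for fqdn in node_fqdns:
        if _norm(fqdn) == _norm(published_name):
            problems.append((fqdn, "load balancer name used as a node DNS hostname"))
            continue
        ip = forward(fqdn)
        if ip is None:
            problems.append((fqdn, "no forward (A) record"))
            continue
        if ip in seen_ips:
            problems.append((fqdn, f"shares {ip} with {seen_ips[ip]}"))
        seen_ips[ip] = fqdn
        ptr = reverse(ip)
        if ptr is None:
            problems.append((fqdn, "no reverse (PTR) record; the IP is fetched instead"))
        elif _norm(ptr) != _norm(fqdn):
            problems.append((fqdn, f"PTR for {ip} is {ptr}, not the node FQDN"))
    return problems


# Constructed sample zone data (assumed values, not from a real deployment).
SAMPLE_A = {"server1.mydomain.com": "10.0.0.11", "server2.mydomain.com": "10.0.0.12",
            "auth.mydomain.com": "10.0.0.10"}
SAMPLE_PTR = {"10.0.0.11": "server1.mydomain.com"}
```

Called without the `forward` and `reverse` arguments, the function queries the system resolver, so it can be run from a management host before the "DNS hostname" page is filled in.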
matt4 Trusted Contributor.

Re: Question on Published Host Name for Adv. Auth. Cluster

Thanks. This does help. I think the piece I was missing was the Public External URLs.

But I am still a little confused by the whole Clustering setup. If I only have 2 appliances in the same data center, do I just create a single site and add the second server to that site? Or do I create a second site still? Their terminology is very confusing to me. Do I need more than 2 appliances ideally to do this?

Thanks.

Matt
Micro Focus Contributor

Re: Question on Published Host Name for Adv. Auth. Cluster

matt;2492551 wrote:
Thanks. This does help. I think the piece I was missing was the Public External URLs.

But I am still a little confused by the whole Clustering setup. If I only have 2 appliances in the same data center, do I just create a single site and add the second server to that site? Or do I create a second site still? Their terminology is very confusing to me. Do I need more than 2 appliances ideally to do this?

Thanks.

Matt


If you have only two servers and both of them reside in the same geo-location or data center, then it's not required to create sites. So instead of selecting "Register new site" in the 4th step, you can click "Register new server" and continue with the other steps.

Basically, the term "site" is used to describe different geo-locations.