Host-based Failover (Local HA)
In this configuration Security Manager is installed on a virtual machine on an ESXi host within a VMware cluster. In the event of a hardware failure on the existing ESXi host, the host-based failover configuration automatically starts up the same virtual machine (VM) on another host within the VMware cluster.
The VMware HA agent monitors the heartbeats, which are sent every second (by default), between the primary and the secondary hosts to detect host failure. It is recommended that you configure redundant heartbeat networks. This allows reliable detection of failures and helps to prevent isolation conditions from occurring.
The same primary VM, with the same Operating System and Application Volume, is started on a different ESXi host. The hostname and IP address remain the same in a host-based failover configuration. This configuration works with shared SAN infrastructure between the physical hosts. The failover to another host may take a few minutes.
Note: The following configuration is meant for reference only. You must refer to the VMware documentation for the specific steps to set up the VMware infrastructure. The steps described in this chapter are not Security Manager specific steps.
Prerequisites for Creating VMware HA Clusters
The following prerequisites must be met for creating VMware clusters:
- All virtual machines and their configuration files must reside on shared storage, such as a Storage Area Network (SAN).
- The ESXi hosts must be configured to have access to the same virtual machine network.
- Each host in the VMware HA cluster must have a host name assigned to it and a static IP address.
- There must be CPU compatibility between the hosts. An ideal cluster is a cluster with exactly the same hardware and memory size.
- It is recommended that you use redundant Service Console and VMkernel networking configuration.
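As an added example (not part of the Cisco or VMware documentation), the prerequisites above can be expressed as a pre-flight check over an inventory collected from the cluster before HA is enabled. The inventory layout, field names and sample values are constructed for illustration, and CPU compatibility is approximated by comparing model strings, so a mismatch is only flagged for manual review.

```python
# Constructed sample inventory; the field names are assumptions made for this
# example, not a VMware export format.
INVENTORY = {
    "vm": {"name": "csm-primary", "datastore": "san-lun-01", "network": "mgmt-vlan10"},
    "hosts": [
        {"name": "esxi-a", "dhcp": False, "datastores": ["san-lun-01", "local-a"],
         "vm_networks": ["mgmt-vlan10"], "cpu_model": "cpu-model-x", "memory_gb": 256,
         "mgmt_uplinks": ["vmnic0", "vmnic1"]},
        {"name": "esxi-b", "dhcp": True, "datastores": ["local-b"],
         "vm_networks": ["mgmt-vlan10"], "cpu_model": "cpu-model-x", "memory_gb": 128,
         "mgmt_uplinks": ["vmnic0"]},
    ],
}

def check_ha_prerequisites(inv):
    """Return (severity, host, message) findings; FAIL = requirement, WARN = recommendation."""
    vm, hosts, findings = inv["vm"], inv["hosts"], []
    for h in hosts:
        name = h.get("name") or "<unnamed>"
        # VM files must be on storage that every host can reach.
        if vm["datastore"] not in h["datastores"]:
            findings.append(("FAIL", name, f"no access to datastore {vm['datastore']}"))
        # Every host needs the same virtual machine network.
        if vm["network"] not in h["vm_networks"]:
            findings.append(("FAIL", name, f"missing VM network {vm['network']}"))
        # Each host needs a host name and a static IP address.
        if not h.get("name") or h["dhcp"]:
            findings.append(("FAIL", name, "needs a host name and a static IP address"))
        # Redundant management networking is a recommendation, so only warn.
        if len(h["mgmt_uplinks"]) < 2:
            findings.append(("WARN", name, "single management uplink, no redundancy"))
    # Differing CPU model or memory is flagged for manual review: string equality
    # is a conservative proxy, not a real CPU compatibility test.
    for key in ("cpu_model", "memory_gb"):
        if len({h[key] for h in hosts}) > 1:
            findings.append(("WARN", "cluster", f"hosts differ in {key}"))
    return findings

def ready_for_ha(inv):
    """True only when no hard requirement fails."""
    return not any(sev == "FAIL" for sev, _, _ in check_ha_prerequisites(inv))

if __name__ == "__main__":
    for sev, host, msg in check_ha_prerequisites(INVENTORY):
        print(f"{sev:4} {host:8} {msg}")
```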
Configuring Security Manager for Host-based Failover
Follow these steps to configure Security Manager for host-based failover:
Procedure
Step 1: Configure two physical hosts that meet the requirements described in the Deployment Planning Guide for Cisco Security Manager 4.24.
Step 2: Install VMware ESXi on each of the hosts that you created in Step 1.
Step 3: Create a VMware cluster and add the hosts to the cluster.
Step 4: Configure vSphere HA settings on the ESXi hosts. See VMware documentation for more information.
Step 5: Create a VM on one of the ESXi hosts. See Deployment Planning Guide for Cisco Security Manager 4.24 for more information.
Step 6: Install Security Manager on the VM you created in Step 5. See Installation Guide for Cisco Security Manager 4.24 for more information.
Step 7: Start Security Manager. In the event of a hardware failure on the ESXi host that runs the Security Manager VM, the VM is moved to the other ESXi host within the cluster and started there. This move takes a few minutes to complete, so there is downtime.
Limitations
The following limitations exist in the host-based failover configuration:
- You need to manually restart the virtual machine on the failed host.
- If an application stops running on the VM on a failed host and the application data becomes corrupt, then even though the VM is manually restarted after the failover, the application may still remain unusable.
- If a host in the VMware cluster loses its connection to the heartbeat network but the host itself is running, it is isolated from the cluster. In this event, VMware High Availability solution waits for 12 seconds before it decides that the host is isolated from the cluster.
Note: Application-based monitoring is not supported in Security Manager. This means that if a Security Manager process stops running, it will not be restarted automatically. You must manually resolve the problem and restart the process, and then manually restart Security Manager.