You must have already deployed and configured each appliance, as described in Configure the Sheriff CSM Hardware.
You must have configured the following:
Important: When setting up HA in Sheriff CSM Enterprise systems, the root user password must not contain the following characters: ? * [ ] { } ! \ ^ $ " / ' ` < > |
Log into the secondary Enterprise Server, jailbreak the console, and set HA values, as described in Configuring High Availability for Sheriff CSM Standard Servers.
Configure the secondary Enterprise Database:
/etc/vigilante/vigilante_setup.conf
, as indicated in the angle-bracketed variables: ha_heartbeat_start=yes ha_local_node_ip=<slave_database_admin_IP> ha_other_node_ip=<master_database_admin_IP> ha_role=slave
Log back into the secondary Enterprise Server node and jailbreak the console.
At the command line prompt, enter:
screen sheriff-ha-assistant -e
Note: Use screen to keep the process running in the background even when the session disconnects.
Check that the secondary node is up and running by executing:
sheriff-ha-assistant -s
The system prompts you for the primary (master) root user password.
Enter the password, then wait approximately five minutes until a screen appears, showing a value of Heartbeat status=Running.
Follow the steps in Configuring HA in the Secondary Enterprise Server and Database, but in /etc/ossim/ossim_setup.conf, make the changes shown in the angle-bracketed variables below:
ha_heartbeat_start=yes ha_local_node_ip=<master_database_admin_IP> ha_other_node_ip=<slave_database_admin_IP> ha_role=master
Log into the primary, or master, Enterprise Server, jailbreak the console, and, at the command line prompt, enter:
screen sheriff-ha-assistant -e
Note: Use screen to keep the process running in the background even when the session disconnects.
Log into the secondary Enterprise Server.
Add the primary Enterprise Database to the secondary Enterprise Server node, using the command:
sheriff-api add_system --system-ip=<master_database_admin_ip> --password=<root_password_to_master_database>
Log into the primary Enterprise Server node as previously described, and add the secondary Enterprise Database:
sheriff-api add_system --system-ip=<slave_database_admin_ip> --password=<root_password_to_slave_database>
Using the virtual IP address referenced in ossim-setup.conf, launch the Sheriff CSM web interface in a browser.
Go to Configuration > Deployment > Components > Sheriff Center. Both databases should be visible, including the one functioning as a secondary, or slave, database.