Configure a Cluster

Configure a cluster from the Clustering option in the UI. Configure each member in the cluster individually, then activate the cluster by turning on synchronization. The exception to this rule is the configuration of third-party authentication, which is replicated.
You configure the cluster on a Primary Site member.
Follow these steps:
  1. Select Configuration, Clustering. The Clustering page appears with the Local Settings tab selected.
  2. Generate a Shared Key by entering a Passphrase and selecting Generate Key, unless you use another method to do so. This cryptographic key secures communications between the clustered appliances. All members of all sites in the cluster must use the same key value, and you must not reuse a shared key on a separate cluster. To share the key, manually add the same key to all CA PAM instances that are part of the cluster.
     The Generate Key button is disabled in FIPS Mode, and you must provide the Key yourself. You can use a third-party tool or this OpenSSL command in Linux or Cygwin, which prints 16 random bytes as 32 hexadecimal characters:
     openssl rand -hex 16
  3. Select the interface that is used for communications between the clustered appliances and select Save Config Locally. All clustered members must use the same interface. This interface is dimmed and unavailable if AWS or Azure is being used.
  4. Select the Global Settings tab.
  5. Under Multi-Site, determine the behavior of the secondary site when the primary site is unavailable. To change the behavior globally, first turn off the cluster. The options for the secondary site are:
     • Operationally Safe
       • Users can view passwords from the local CA PAM database.
       • Users can continue to access devices and can create sessions to devices.
       • All workflow functions are disabled. These functions are check-in/check-out, dual authorization, credential rotation, Service Desk integration, and reason to view credentials.
     • Security Safe
       • Users cannot create sessions to devices that are configured for auto-login using Credential Manager.
       • Users cannot view passwords.
     In either mode, workflow functions are not available while the primary site is down.
  6. On Secondary sites, the Disaster Recovery tab defines the behavior of an individual secondary site member in case the primary site fails. For a secondary member to behave in Operationally Safe mode, keep the Run Secondary Site in Operationally Safe Mode checkbox selected. To run in Security Safe mode, clear this checkbox.
  7. Use the buttons under Sites on the Global Settings tab to add primary and secondary sites and administer them. Add a site manually or load the configuration from an existing cluster member. See Add a Cluster Site for instructions.
  8. To receive email notifications of the following types of cluster events, select the Notification tab, then set the Enable Email Notifications option:
     • Group Replication Quorum Failure: Notifies the configured administrator that a MySQL group replication quorum failure has occurred.
     • Group Replication Quorum Recovery: Notifies the configured administrator that a MySQL group replication quorum failure has occurred and that CA PAM is going to reboot each member of the cluster.
     • Member - Out of Sync: Notifies the configured administrator that a cluster member has been marked out of sync.
     • Member - Timeout: Notifies the configured administrator that a cluster member has timed out.
     • Member - In Sync: Notifies the configured administrator that a cluster member that was previously out of sync is in sync again.
     Email notifications are sent to the Admin Email that is set at Configuration, Monitor. This setting is not replicated, so set the email separately on each primary member. Every member should have the same monitor settings.
Cluster Tuning
Use cluster tuning only with the direction of Broadcom Support. To change configuration items that are not already visible on the Clustering page, follow these steps:
  1. Ensure that the Cluster is off.
  2. Go to the Configuration, Diagnostics, System page.
  3. Find Cluster Tuning Mode. Select the On button.
  4. Go to the Configuration, Clustering page.
  5. Select the Tuning tab.
  6. Inspect and modify the following settings as directed by Broadcom Support:
     • Enable Cluster Status Replication Timestamps: When you select this option, two more columns appear for Site Members on the Status tab. A replication sample is sent from each member every minute, and the column values are updated every five minutes. Select the Refresh Replication Status button to update the status immediately. Because Primary Site members replicate to each other through group replication, these times usually do not differ between Primary Site members.
       • Last Replication Sample Received: The elapsed time since this member last received a replication sample from the primary site or secondary leader.
       • Last Replication Sample Sent: The elapsed time since this member last sent a replication sample to the primary site or secondary leader.
     • Duration to Preserve MySQL Binary Logs (hours): Replication uses these logs to keep secondary sites in sync. If a secondary site falls further behind than the retained logs cover, the entire database must be delivered to the site. The default value is 24 hours.
     • Time of Day to Perform Log Trim and DB Dump: The UTC time at which the log trim and database dump are performed.
     • Primary Member Recovery Period (hours): If a primary site member is out of sync for longer than this period, the entire database must be delivered to the member. The default value is 24 hours.
     • Cluster Database Consistency Check Period (minutes): How often, in minutes, the sync status is updated across the cluster. The default value is 5 minutes.
     • Allowed Replication Lag Before Secondary Member Warning (minutes): When a Secondary member loses connectivity with the primary site, it receives a warning after this duration.
     • Allowed Replication Lag Before Secondary Member Out-of-Sync (minutes): When a Secondary member loses connectivity with the primary site, it is marked Out-of-Sync after this duration.
     • Allowed Replication Lag Before Secondary Member Deactivation (minutes): When a Secondary member loses connectivity with the primary site, it is marked as Deactivated after this duration.
     • Database Connection Timeout (minutes): If the primary site cluster members detect quorum loss, they wait this long before initiating quorum loss mode. Setting this value too low risks false alarms, and switching into quorum loss mode and back is time-consuming.
Next Steps