PK Protect has the option to set up failover recovery for the controller. In the case of controller failure, all saved data will transfer to the secondary controller. Detection and protection tasks that are running when the primary agent or controller goes down may have to be re-run. However, HDFS tasks that are running when the primary controller goes down will continue to run once the secondary controller comes online.
To implement the single node recoverability in both the controller and IDP side, Configure the following properties:
Enable the EnableHDFSAgentHighAvailability=Y in ProjectParams.properties file. If the Controller goes down, on coming up, it will remember all the tasks it submitted to various IDPs and ping them to get their statuses.
Enable the HA.enabled=Y property in HDFSAgentConfig.properties file. If any IDP goes down, upon coming up, it will remember all the tasks which were in the middle of the execution. Also, it will try to restart or get statuses for those tasks.
Perform the following steps to set up high availability:
Install the first instance of PK Protect and once the installation is complete, stop the Tomcat service of this instance.
Install the second instance of PK Protect on a different machine using the same metadata repository of the first instance. Once the installation is complete, stop the Tomcat service of this instance.
Start Tomcat from any of the above two PK Protect instances but make sure Tomcat service is running only for one instance at any given time.
Login to Admin for the instance on which the Tomcat service was started.
You can manage the High Availability (HA) feature through the HA Management screen. Access the HA Management screen by clicking the HA option in the left side pane. The HA Management screen is depicted below:
Perform the following steps to manage high availability:
Select the HA option from the dropdown. The options are:
None: The High Availability feature will not be set.
Warm Standby: You can run two instances with only one active instance. In case the primary instance goes down, you need to make the secondary instance active. To know more, refer Warm Standby.
The main component of PK Protect is the DG controller which is backed up by another controller in warm standby mode. The other controller is activated when the primary controller goes down. Warm Standby configuration enables two PK Protect Instances to point at the same backend database (metadata repository). One important condition for Warm Standby to work is that only one of the Tomcat Services should be up at any time.
When warm standby is enabled by selecting Warm Standby as the HA option, the user can select which instance should be considered active. Select the passphrase that will be used when switching active instances.
Switching Active Instance:
When the user tries to bring up the Secondary Instance, the user will see the following screen:
When PK Protect is starting up, it checks the DBMS table in the metadata repository to verify if the Warm Standby option is selected.
Then checks if another instance is Active. If another instance is Active, PK Protect gives the below warning.
Click Override Active Instance.
A message is displayed asking the user to confirm the instance is not running. Click Yes.
PK Protect asks for another verification that the user wants to switch active instances. Click Yes.
Enter the Passphrase. It needs to be set from the Admin HA screen when the user configures Warm Standby.
After authenticating, switch the Active Instance and user will be redirected to login screen.
User should not be able to log into main UI of Inactive PK Protect Instance. Instead, they will get an error message “Please configure this instance as the Active one in Admin.” If Active Instance is switched, PK Protect invalidates all the active sessions to avoid multiple login sessions from both instances.