Appliance General FAQ
From Swivel Knowledgebase Wiki
Appliance General FAQ
Q). What appliance versions are there
A). The following PINsafe appliances exist
ID Appliance running the Engarde OS
ID Appliance running Redhat Linux
Dell PINsafe Appliance running Redhat Linux
Dell PINsafe Appliance 2 running Redhat Linux
see also Appliance Versions FAQ
Q) How do I tell my appliance is synchronised
See the following article: MySQL Database How To Guide specifically Active/Active appliance replication synchronisation check]
Q). What appliance do I have? Am I running standalone, Active/Passive, Active/Active, or a DR?
A). A lot of installs appear to be the same from the external view, and may require command line access to determine the type.
Standalone: Running on its own using the internal PINsafe data store. A Standalone appliance may be Hardware or VMware.
Active/Passive: These are only hardware appliances and a VMware is not available. HA pair with a cross over cable between the secondary interface, it uses a Virtual IP address that switches from the Active machine to the standby machine when it is fails over and file replication to share data between systems, using a process called drbd. In this configuration there is only one PINsafe instance to configure, the entire file system including the PINsafe application automatically fails over. This system may not scale to more than 2 PINsafe servers. To see if this system is running enter:
cat /proc/drbd
Expected Results:
primary
drbd driver loaded OK; device status:
version: 0.7.14 (api:77/proto:74)
SVN Revision: 1989 build by buildcentos@build-i386, 2006-03-18 19:03:54
0: cs:Connected st:Primary/Secondary ld:Consistent
ns:8492552 nr:22716 dw:8515268 dr:284982 al:106 bm:2286 lo:0 pe:0 ua:0 ap:0
secondary
drbd driver loaded OK; device status:
version: 0.7.14 (api:77/proto:74)
SVN Revision: 1989 build by buildcentos@build-i386, 2006-03-18 19:03:54
0: cs:Connected st:Secondary/Primary ld:Consistent
ns:22716 nr:10565672 dw:10588388 dr:36158 al:20 bm:128 lo:0 pe:0 ua:0 ap:0
Active/Active: These may be hardware or VMware. Each PINsafe server is able to receive authentication requests regardless of the state of the other. On the appliance this will be used with a MySQL database, although it would be possible to use another external Database. Using the Virtual IP address is optional. To verify it is in active/active mode, check from the PINsafe Administration console to see if the MySQL database is being used and mode is synchronised.
DR or Slave: These may be hardware or VMWare. Here each PINsafe server is able to receive authentication requests regardless of the state of the other. The appliance may appear to be Active/Passive if the deployment scenario directs all authentication requests to one PINsafe server, although it is an Active/Active deployment. On the appliance a MySQL database is used, although it would be possible to use another external Database. To verify it is in DR or slave mode and not an Active server, check from the PINsafe Administration console to see if the MySQL database is being used and mode is slave.
Q). Which video ports should be used?
A). The DELL appliances have onboard VGA cards but these are non functional when a DRAC card is installed in the PCI slot of the appliance.
Q). What are the default IP addresses of the appliance?
A). The following default IP addresses are used:
Standalone/DR ETH0 192.168.0.35
Primary of A/A ETH0 192.168.0.36 ETH1 172.16.0.1
Standby of A/A ETH0 192.168.0.37 ETH1 172.16.0.1
A/A VIP 192.168.0.38
Q). If I am not using the VIP what should I use instead?
A). Leave the default IP. Ensure that Heartbeat and Mon are set not to run at boot (this is the default)
Q). Does the appliance automatically adjust for daylight savings?
A). Yes the PINsafe appliance will automatically adjust for daylight savings appropriate for the timezone.
Q). Can I upgrade a standalone appliance to an A/A appliance?
A). No, the appliance build is different and would need to be replaced by an A/A appliance pair.
Q). Can I install A/A appliances in separate subnets or locations?
A). If the VIP is being used then the PINsafe servers must be in the same broadcast domain, see VIP on PINsafe Appliances. If the Session Sharing is being used, then the PINsafe servers must be in the same multicast domain. If the VIP and Session Sharing are not used, then the servers may be in different subnets, with a direct link between the secondary Ethernet ports ETH1. It is not recommended but may be possible to put an A/A pair of appliances in different geographical locations, reliable links with adequate bandwidth must be in place to ensure the databases maintain synchronisation. The standard practice is to place an A/A pair at a single location and a DR appliance at a DR site for use if the primary site is not available.
Q). What PINsafe Appliance Hardware Support is available?
A). The hardware support is provided by Dell and is 24 x 7 if the hardware is within the support contract time period, i.e has not expired. Dell usually perform remote-diagnostics and if it is required to send an engineer to site, the engineer will be on-site within 4 hours. Note this support is only valid for the country of sale, unless Swivel Secure have been notified in advance that the hardware has been shipped to a differing country. For more information contact Swivel Secure support.
Q). What PINsafe Appliance Hardware Specification?
A). For the Hardware Appliance Specification see Hardware Appliance Specification
