To configure an EMS server as a fault-tolerant backup, set these parameters in its main configuration file (or on the server command line):
● server Set this parameter to the same server name in the configuration files of both the primary server and the backup server.
● ft_active In the configuration file of the primary server, set this parameter to the URL of the backup server. In the configuration file of the backup server, set this parameter to the URL of the primary server.When the backup server starts, it attempts to connect to the primary server. If it establishes a connection to the primary, then the backup server enters standby mode. If it cannot establish a connection to the primary, then the backup server assumes the role of the primary server (in active mode).While the backup server is in standby mode, it does not accept connections from clients. To administer the backup server, the admin user can connect to it using the administration tool.EMS authorization interacts with fault tolerance. If authorization is enabled and the two EMS Servers are configured for fault tolerance, then both servers in a fault-tolerant pair must be configured as follows:
● The tibemsd.conf file for each server must have the same server name and password (the server and password parameters must be the same on each server).
● The user name and password in the users.conf file for each server must match the values of the server and password parameters in the tibemsd.conf file.
If the two EMS Servers are not sharing a users.conf file, make sure that you create a user with the same name as the EMS Server, and set the user's password with the value of the "server" password.For example, you have two EMS Servers (Server 1 and Server 2) that are named "EMS-SERVER" and are to use a password of "mySecret", but which do not share a users.conf file. To set the user names and passwords, start the EMS Administration Tool on each server, as described in Using the EMS Administration Tool, and do the following.Parameters in the main configuration file (tibemsd.conf) affect this behavior. The relevant parameters all begin with the prefix ft_ssl.The server initializing a secure connection to another server uses the ft_ssl parameters to determine the properties of its secure connection to the other server. The receiving server validates the incoming connection against its own ssl_ parameters. For more information about ft_ssl parameters, see Fault Tolerance Parameters. For more information about ssl_ parameters, see SSL Server Parameters.When a backup server assumes the role of the primary server during failover, clients attempt to reconnect to the backup server (that is, the new primary) and continue processing their current message state. Before accepting reconnects from the clients, the backup server reads its message state from the shared state files.You can instruct the server to clean up state information for clients that do not reconnect before the time limit specified by the ft_reconnect_timeout configuration parameter. The ft_reconnect_timeout time starts once the server has fully recovered the shared state, so this value does not account for the time it takes to recover the store files. See ft_reconnect_timeout on page 187 for details.When configuring a fault tolerant pair that does not share state, you must ensure that both servers use identical configurations. This is especially important for these configuration settings:
● Destinations Both servers must support the same destinations.
● Routes Messages must be able to arrive at the endpoints, using equivalent or identical routes across servers.
● Access Control Access control must be setup identically in both servers, so that the users.conf, groups.conf, and acl.conf file settings match.
● SSL When SSL is deployed, both servers must use the same certificate(s).
Copyright © TIBCO Software Inc. All Rights Reserved.