Fault Tolerance : Configuring Fault-Tolerant Servers

Configuring Fault-Tolerant Servers
Shared State
To configure an EMS server as a fault-tolerant backup, set these parameters in its main configuration file (or on the server command line):
server    Set this parameter to the same server name in the configuration files of both the primary server and the backup server.
ft_active    In the configuration file of the primary server, set this parameter to the URL of the backup server. In the configuration file of the backup server, set this parameter to the URL of the primary server.
When the backup server starts, it attempts to connect to the primary server. If it establishes a connection to the primary, then the backup server enters standby mode. If it cannot establish a connection to the primary, then the backup server assumes the role of the primary server (in active mode).
While the backup server is in standby mode, it does not accept connections from clients. To administer the backup server, the admin user can connect to it using the administration tool.
Authorization and Fault-Tolerant Servers
EMS authorization interacts with fault tolerance. If authorization is enabled and the two EMS Servers are configured for fault tolerance, then both servers in a fault-tolerant pair must be configured as follows:
The tibemsd.conf file for each server must have the same server name and password (the server and password parameters must be the same on each server).
The user name and password in the users.conf file for each server must match the values of the server and password parameters in the tibemsd.conf file.
If the two EMS Servers are not sharing a users.conf file, make sure that you create a user with the same name as the EMS Server, and set the user's password with the value of the "server" password.
For example, you have two EMS Servers (Server 1 and Server 2) that are named "EMS-SERVER" and are to use a password of "mySecret", but which do not share a users.conf file. To set the user names and passwords, start the EMS Administration Tool on each server, as described in Using the EMS Administration Tool, and do the following.
From the active (Server 1), enter:
   set server password=mySecret
   create user EMS-SERVER password=mySecret
From the backup (Server 2), enter:
   set server password=mySecret
   create user EMS-SERVER password=mySecret
From the active (Server 1), enter:
   set server authorization=enabled
From the backup (Server 2), enter:
   set server authorization=enabled
SSL
You can use SSL to secure communication between a pair of fault-tolerant servers.
Parameters in the main configuration file (tibemsd.conf) affect this behavior. The relevant parameters all begin with the prefix ft_ssl.
The server initializing a secure connection to another server uses the ft_ssl parameters to determine the properties of its secure connection to the other server. The receiving server validates the incoming connection against its own ssl_ parameters. For more information about ft_ssl parameters, see Fault Tolerance Parameters. For more information about ssl_ parameters, see SSL Server Parameters.
See Also
Chapter 18, Using the SSL Protocol
Reconnect Timeout
When a backup server assumes the role of the primary server during failover, clients attempt to reconnect to the backup server (that is, the new primary) and continue processing their current message state. Before accepting reconnects from the clients, the backup server reads its message state from the shared state files.
You can instruct the server to clean up state information for clients that do not reconnect before the time limit specified by the ft_reconnect_timeout configuration parameter. The ft_reconnect_timeout time starts once the server has fully recovered the shared state, so this value does not account for the time it takes to recover the store files. See ft_reconnect_timeout on page 197 for details.
Unshared State
When configuring a fault tolerant pair that does not share state, you must ensure that both servers use identical configurations. This is especially important for these configuration settings:
Destinations  Both servers must support the same destinations.
Routes  Messages must be able to arrive at the endpoints, using equivalent or identical routes across servers.
Access Control  Access control must be setup identically in both servers, so that the users.conf, groups.conf, and acl.conf file settings match.
SSL  When SSL is deployed, both servers must use the same certificate(s).