×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Documentation update

   

To provide a better user experience, we have now created a separate documentation space for BMC Helix Automation Console (previously called BMC Helix Vulnerability Management).
Users of BMC Helix Automation Console can find the latest documentation at BMC Helix Automation Console. Open link .
TrueSight Automation Console 21.02 ... Installing Configuring after installation

Configuring application clusters

For a medium or large sized deployment, an administrator deploys multiple instances of the TrueSight Automation Console application server component and creates an application cluster. You must configure a cluster of application servers to replicate information, so if one fails, other members of the cluster have access to the same information. 

You can use any proxy solution to configure application clusters. This topic provides instructions on how to share data in a TrueSight Automation Console (on-premises) application cluster using the High Availability Proxy (HA Proxy) solution. 

Configuring an application cluster using HA Proxy

  1. On a host where the Automation Console application is not installed, run the following command to install HA Proxy.

    yum install haproxy

    A configuration file, haproxy.cfg gets created in the /etc/haproxy directory.

  2. Navigate to the /etc/haproxy directory and replace the content in the default haproxy.cfg file with the following content. 

    #---------------------------------------------------------------------
#Exmple configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events.  This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #   file. A line like the following can be added to
    #   /etc/sysconfig/syslog
    #
    #    local2.*                       /var/log/haproxy.log
    #
    log 127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

defaults
        timeout server 86400000
        timeout connect 86400000
        timeout client 86400000
        timeout queue   1000s


frontend localnodes
bind *:<portNumber>
    mode tcp
    default_backend http_1


# Learn SSL session ID from both request and response and create affinity.
backend http_1
    mode tcp
    balance roundrobin

    # maximum SSL session ID length is 32 bytes.
    stick-table type binary len 32 size 30k expire 30m

    acl clienthello req_ssl_hello_type 1
    acl serverhello rep_ssl_hello_type 2

    # use tcp content accepts to detects ssl client and server hello.
    tcp-request inspect-delay 5s
    tcp-request content accept if clienthello

    # no timeout on response inspect delay by default.
    tcp-response content accept if serverhello

    # SSL session ID (SSLID) may be present on a client or server hello.
    # Its length is coded on 1 byte at offset 43 and its value starts
    # at offset 44.
    # Match and learn on request if client hello.
    stick on payload_lv(43,1) if clienthello

    # Learn on response if server hello.
    stick store-response payload_lv(43,1) if serverhello

     server server1 <IPAddress_hostA>/<FQDN_hostA>:<portNumber>
     server server2 <IPAddress_hostB>/<FQDN_hostB>:<portNumber>

  3. Open the file in a text editor, and locate the frontend localnodes section and replace <portNumber> with the secure port used to access the Automation Console application. 

    Example 
    frontend localnodes
bind *:10443
    mode tcp
    default_backend http_1


  4. At the end of the file, replace <IPAddress_hostA>/<FQDN_hostA> with the Fully Qualified Domain Name or IP Address of the application server host and port number with the secure port used to access Automation Console application. 
    Increase the number of entries based on the number of applications you have installed. For example, if you have four instances of application, add four server counter entries. 

    Note

    You must specify the same port number for all the application servers.


  5. Save changes and run the service haproxy restart command to restart the HA Proxy service.

Related topics

Deployment scenarios

Deployment sizing requirements

Was this page helpful? Yes No Submitting... Thank you
Last modified by Shweta Hardikar on Dec 08, 2020

Comments

  1. Sathish Kanth Swarna

    Are these steps validated by Product Development team?

    There is an defect around this #DRSMP-4658

    May 05, 2021 03:05
    1. Shweta Hardikar

      Hi Satish,

      Yes, they are, however, let me check and update the docs. 

      May 19, 2021 12:48
    1. Bipin Inamdar

      Thank you for your feedback on the documentation. We have entered the following internal tracking ID for this (DRSMP-6213) and will address your query as soon as possible.

      Jun 25, 2021 06:01

Log in or register to comment.

Migrating from a containerized database to an external PostgreSQL database
Adding a trusted certificate
© Copyright 2019 - 2021 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.