Digg this!
Del.ico.us
Google
Yahoo bookmarks
Reddit
Spurl
SimpyHow to configure WiKID for Replication
The last thing you want is a hardware failure to knock your remote access services offline. Setting up your WiKID two-factor authentication servers for replication will allow quick recovery in the event of a failure.
First, validate that both machines have the same time otherwise you will have some issues. If they are too far apart, you can reset the time using the date command:
# datewill show the current date and time. It can be set by using ntpdate
# ntpdateIf you are running a non-appliance version of WiKID, be sure that you have installed the compatibility library:
yum install compat-libstdc++-296
Now set up the master server as you normally would, without replication (that is, when prompted during the setup command, select No for replication). Once the master is configured with a certificate, any network clients, etc., stop the server. Currently, each time you add a new network client you will have to rerun the sync command, so it is best to set up all the network clients first.
Now install the slave server and run setup. When prompted about replication, select Y and set it as the slave. Enter the IP address of the master. Do not start the slave server yet.
Return to the Master and re-run the setup command ('wikidctl setup' on the 3.x servers). Select No when asked if you want to change the networking and you will get to the replication prompt. Select Yes to configure replication. Choose Master and enter the IP address of the slave server. Enter the passphrase for root on the slave when prompted. With the wikid server stopped, sync the master to the slave by running this command on the Master:
wikidctl syncOn 2.x servers, the command is:
synch
This command will copy all the files and the database to the slave. It will over-write those files.
Start the servers, starting with the slave. Be sure to always start the slave server first! You should see a confirmation that replication started on both servers.
Testing replication and recovery
Create a new user in the Master and check the logs. Now, stop the Master and stop the slave and then on the slave server, type:
wikidctl promoteChoose Y to indicate that you want this server to be the master. It is ok to enter the IP address of the old Master as the new slave - it will not take affect if the master is not running. You will be prompted for the master's passphrase. Enter it and you will see the message "Replication role changed and configuration saved. You can now start this server". Start the server and browse to it's IP address. Check that the user added is in the database correctly. If so, replication is working.
To demote the slave server, simply run:
wikidctl demoteBefore starting the servers, it is good practice to rerun sync from the slave to the Master if you have made any changes.
N.B.:As of 3.0, the server can be started without a passphrase by creating /etc/WiKID/security and entering "WAUTH_PASSPHRASE=passphrase" on the first line. This allows a restart without manual intervention, required for automated failover.
