Configuring database replication - BlueCat Address Manager - 8.2.0

Address Manager Administration Guide

prodname
BlueCat Address Manager
version_custom
8.2.0

How to configure database replication.

Database Replication is supported between the following Address Manager disaster recovery systems:
  • identical Address Manager appliances models, such as two Address Manager 3000 appliances.
  • identical Address Manager virtual machines, such as two Address Manager 3000 VMs
  • matching Address Manager appliances and virtual machines, such as an Address Manager 3000 appliance and Address Manager 3000 VM
Configuring database replication requires administrator privileges. To configure database replication, you must first add the Primary server to the Standby server’s access control list so that the Primary server can access the Standby server for data replication.
  • Ports 22, 873, 1099, and 5432 must be open on the firewall between the affected Address Manager appliances and/or virtual machines.
  • ICMP (Internet Control Message Protocol) must be enabled on all Address Manager servers in replication. This allows the Primary to reach the Secondary and Tertiary servers.
  • The database version MUST match the current version of the Address Manager software
Attention: Address Manager firewall

Address Manager v8.2.0 introduces an Address Manager Firewall Service to improve Address Manager security and resolve the vulnerability described in Knowledge Base article 8127 on BlueCat Customer Care. The Address Manager Firewall impacts the creation of Address Manager database replication.

For customers upgrading to Address Manager v8.2.0 or greater who have applied Hotfix KB-8127 for Address Manager v8.1.x
  • Address Manager in replication: If you applied Hotfix KB-8127 to Address Manager servers in replication, you must first break replication, perform the upgrade to software version 8.2.0 or greater, then recreate replication after a successful upgrade. For complete details, refer to the Address Manager v8.2.0 Release Notes.
  • Standalone Address Manager server: If you applied Hotfix KB-8127 to a standalone Address Manager server and will be upgrading to software version 8.2.0 or greater, you will not be able to create replication using this standalone server after a successful upgrade. If you want to designate this standalone server for replication, you will need to stop the Address Manager firewall from the Administration Console of the Primary server as well as the designated Standby server (and Tertiary server, if applicable) then create replication from the user interface of the Primary Address Manager server. Once replication has been created, the Address Manager servers will restart and the Address Manager firewall will be enabled. For more information on configuring the Address Manager firewall, refer to Address Manager firewall.
For customers upgrading to Address Manager v8.2.0 or greater who have NOT applied Hotfix KB-8127 for Address Manager v8.1.x
  • Address Manager in replication: If you have NOT applied Hotfix KB-8127 to Address Manager servers in replication, you must first break replication then perform the upgrade to software version 8.2.0 or greater. Once the upgrade is successful, you must stop the Address Manager firewall from the Administration Console of each replication node. That is, stop the firewall on the Primary server and the Standby server (and the Tertiary server, if applicable). From the user interface of the Primary Address Manager, create replication. Once replication has been created, the Address Manager servers will restart and the Address Manager firewall will be enabled. For more information on configuring the Address Manager firewall, refer to Address Manager firewall.
  • Standalone Address Manager server: If you have NOT applied Hotfix KB-8127 to a standalone Address Manager server and will be upgrading to software version 8.2.0 or greater, you will not be able to create replication using this standalone server. If you want to designate this standalone server for replication, you will need to stop the Address Manager firewall from the Administration Console of the Primary server as well as the designated Standby server (and the Tertiary server, if applicable), then create replication from the user interface of the Primary Address Manager server. Once replication has been created, the Address Manager servers will restart and the Address Manager firewall will be enabled. For more information on configuring the Address Manager firewall, refer to Address Manager firewall.
For clean installations of Address Manager v8.2.0 or greater:
  • Customers performing a clean/new installation of Address Manager v8.2.0 or greater who want to configure database replication must stop the Address Manager firewall from the Administration Console of each replication node before creating replication. That is, stop the firewall on the designated Primary server and the Standby server (and the Tertiary server if applicable), then create replication from the user interface of the Primary Address Manager. For more information on configuring the Address Manager firewall, refer to Address Manager firewall.
Attention: BlueCat strongly advises customers using Address Manager in replication to secure the communication channel between the Primary and Secondary (or Tertiary) servers, for example by using a VPN between data centers
Note:
  • When you configure database replication, Address Manager reboots all affected servers. The Primary server reboots first, followed by each Standby server in turn. All servers are unavailable for a few minutes while they restart.
  • When Database Replication is configured, changes and updates MUST ONLY be performed on the Primary server. BlueCat strongly recommends not performing changes and updates to the Standby server.

To add primary database access to the standby database:

  1. Log in to the Standby Address Manager Administration Console. For instructions, refer to Using the Administration Console.
  2. From Main Session mode, type configure additional and press ENTER.
  3. Type configure database and press ENTER.
  4. Type add access <primary_database_IP_address> to add machines to the database access list.
    Note: The IP address for the primary database server is usually the same as the address of the Address Manager server.
  5. Type save and press ENTER. The Administration Console saves your settings and the appliance restarts.