How Can We Help?

< All Topics
You are here:
Print

zGateway Cluster Installation

A full zGateway cluster installation requires a 2 node deployment. The installation process steps are as follows:
1. Install primary zGateway Cluster Manager
2. Perform standard pre-boot and bootstrap process of zGateway
3. Start NTP services from zGateway management page
4. Add the same node as zGateway node to the cluster
5. Install zGateway on second host and add it to the Cluster as secondary Cluster Manager
6. Add standby node machine also as zGateway node

 

CONFIGURING PRIMARY ZGATEWAY CLUSTER MANAGER
After the first security officer user is registered and certificate is installed on administers machine, login as security officer using the zGateway client and open the management console.

Follow these steps on zGateway management console to configure the Primary zGateway Node

1. Create a new HTTP type application with name “ClusterManagement” with Application Server as the virtual IP address and port as 3636. Provide the URL as
http://zgateway_virtual_IP_address:3636

Note: replace zgateway_virtual_IP_address with the virtual IP address of the cluster
provided during installation

Note: This application can be marked hidden in case admin do not want to publish this on
their Launchpad.

2. Create an application group with name “ClusterAdminApps” with high security user and add
the application to this application group

3. Create an Access control using Native as the authentication server for High Security Users for the SYSTEM group and assign the newly created high security application group

4. Logout from zGateway client and login again and open zGateway management console

5. Go to Host Configuration -> Global Settings page and start NTP server.

6. Go to High Availability -> Configuration page and start configuring HA.

SettingDescriptionDefault ValueValue Specification
Virtual IP AddressThe cluster specified during the installation of the first nodeProvided by the adminValid IP Address
Network MaskNetwork Mast of the Virtual IPSelected from the drop down menuValid Netmask
Primary Load Balancer Server IPThe physical IP address of the primary Cluster managerThe IP address of this hostValid IP
Backup Load Balancer Server IPThe physical IP address of the secondary Cluster ManagerThe value is bland. It must be entered once the secondary cluster manager is added to the clusterValid IP or blank entry
Load Balanced Port NumberList of ports which will be load balanced by the service80 and 443Comma separated list of ports
Device NameThe network interface name of the interface on which virtual IP addresses will be assignedFirst interface of the hostSelect from drop down menu

7. Add the same host as the VPN Servers by clicking on Add button under VPN Servers section Specify the Server Name for display, IP Address of this host as Server IP Address. Server Weight is used for weight based load balancing when two or more VPN servers (zGateways) will have different hardware sizing. The node with higher weight will receive more connections.

8. If a secondary zGateway Cluster Manager is to be added to the cluster, the physical IP address of the secondary Cluster Manager host must be updated.

9. The secondary zGateway host (if going to be added immediately) must be added as VPN Server list also.

10. The final configuration shall look like this:

11. Click on “ADVANCED HA CONFIGURATION” and make sure following options are checked

a. Enable check box for “Monitor NIC links for failures”
b. Change the Persistence (Seconds) to 5 seconds/User preference
c. Click on save button to close advanced configuration screen.

12. Click on “Save” to save the configuration

13. Click on “Reload Service” to apply the Cluster modified configuration to cluster

14. Clicking on “Advanced HA Configuration” will show advanced cluster configurations. Follow the section at the end of this document for details on the advanced configuration.

15. The Cluster configuration is completed.

16. Perform other tasks like installing license and or publishing applications, ACLs, etc

17. Move the gateway to “run state” if the secondary zGateway node is not to be configured as the immediate next step.

INSTALLING DEDICATED ZGATEWAY NODE
In case a 3rd or more node need to be added to the cluster, these nodes can only run zGateway node.
Prerequisites: zGateway latest ISO, Virtual or physical hosts with minimum 4 GB of RAM and dual core of CPU
Installation steps:

1. Install zGateway using the zGateway ISO on a virtual machine or a physical host. Refer to the zGateway install guide on preparing the virtual machine or physical host and zGateway installation steps

2. After the “System Configuration” step in preboot stage, select the installation type as “Join as zGateway server” under “Clustered zGateway Installation” section

3. Selecting the option “Join as a zGateway Server” will install just the zGateway components on the host and will initiate a configuration synchronization with the active load balancer using the IP address specified as Virtual IP address of the load balancer. After the initial configuration sync is finished, the zGateway will start functioning without requiring any additional configuration. Similarly more no. of zGateway Nodes can be added to an existing cluster.

4. Synchronization of this node will start which may take few minutes and will finish with a success message.

5. Go to Host Configuration -> Global Settings page and start NTP server

LICENSING
zGateway cluster uses a single license applied on the Primary zGateway Cluster Manager node. The Primary Cluster Manager node, shares the same license copy with all other nodes in the cluster. When Primary Cluster Manager node is not available, the Secondary Cluster Manager provides the license information to the other nodes in the cluster.

Was this article helpful?
4.5 out Of 5 Stars
5 Stars 0%
4 Stars 100%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?
Previous zGateway Cluster Overview
Next Monitoring Cluster Status
Table of Contents
Top