Fortinet black logo

Administration Guide

Control sequence

Copy Link
Copy Doc ID 2cb222d1-3405-11ea-9384-00505692583a:252971
Download PDF

Control sequence

Required processes

In a high availability environment the primary fails over to the secondary when certain processes don't start or fail while running. If any process listed in the table below fails on the primary, then the secondary attempts to take control. Depending on the appliance and platform being used, different processes are required. See the table below for additional information.

Required Process

FortiNAC Control Manager

FortiNAC Control Server

FortiNAC Application Server

FortiNAC Server

mysql

X

X

X

sshd

X

X

X

X

dhcpd

X

X

httpd

X

X

named

X

X

tomcat-admin

X

X

X

tomcat-portal

X

X

Determining whether the secondary needs to take control

The secondary server pings the primary server every 30 to 60 seconds depending on the time spent "validating" the connection to determine whether the primary is still in control.

If the secondary receives no response from the primary after five attempts, the secondary pings the gateway configured in the high availability tab and the default gateway for the appliance. See Primary and secondary configuration.

  • If the gateway is reachable, after 30 seconds the secondary takes control, since the primary is assumed to be isolated from the network.
  • If the gateway is not reachable, the secondary will not take control since the secondary is assumed to be isolated from the network and the primary could be functioning properly.

If the secondary is Idle, it does not take control. For example, the secondary can be set to Idle when Reboot and Shutdown commands are run on the primary.

CLI control scripts

The following scripts are used by FortiNAC to control the server and are located in /bsc/campusMgr/bin

Script

Description

hsIsSlaveActive

Determines if the secondary SQL server is performing replication.

hsRestartCMMaster

Executed on the primary FortiNAC Server, FortiNAC Control Server, or FortiNAC Control Manager appliance to recover after a failover. It copies the database and other files from the secondary appliance. Also resets the process states back to the master and restarts both servers.

hsRestartCMRCMaster

Executed on the primary FortiNAC Application Server to recover after a failover. It copies all the required files from the secondary FortiNAC Application Server. Also resets the process states back to the master and restarts both servers.

Control sequence

Required processes

In a high availability environment the primary fails over to the secondary when certain processes don't start or fail while running. If any process listed in the table below fails on the primary, then the secondary attempts to take control. Depending on the appliance and platform being used, different processes are required. See the table below for additional information.

Required Process

FortiNAC Control Manager

FortiNAC Control Server

FortiNAC Application Server

FortiNAC Server

mysql

X

X

X

sshd

X

X

X

X

dhcpd

X

X

httpd

X

X

named

X

X

tomcat-admin

X

X

X

tomcat-portal

X

X

Determining whether the secondary needs to take control

The secondary server pings the primary server every 30 to 60 seconds depending on the time spent "validating" the connection to determine whether the primary is still in control.

If the secondary receives no response from the primary after five attempts, the secondary pings the gateway configured in the high availability tab and the default gateway for the appliance. See Primary and secondary configuration.

  • If the gateway is reachable, after 30 seconds the secondary takes control, since the primary is assumed to be isolated from the network.
  • If the gateway is not reachable, the secondary will not take control since the secondary is assumed to be isolated from the network and the primary could be functioning properly.

If the secondary is Idle, it does not take control. For example, the secondary can be set to Idle when Reboot and Shutdown commands are run on the primary.

CLI control scripts

The following scripts are used by FortiNAC to control the server and are located in /bsc/campusMgr/bin

Script

Description

hsIsSlaveActive

Determines if the secondary SQL server is performing replication.

hsRestartCMMaster

Executed on the primary FortiNAC Server, FortiNAC Control Server, or FortiNAC Control Manager appliance to recover after a failover. It copies the database and other files from the secondary appliance. Also resets the process states back to the master and restarts both servers.

hsRestartCMRCMaster

Executed on the primary FortiNAC Application Server to recover after a failover. It copies all the required files from the secondary FortiNAC Application Server. Also resets the process states back to the master and restarts both servers.