Example: Configuring High Availability for USM Appliance Standard Servers

Applies to Product: USM Appliance™ LevelBlue OSSIM®

This topic provides an example of how to configure two USM Appliance Standard Servers in a high availability environment.

This configuration uses the following IP addresses:

  • Master: 192.168.7.235 (MasterAppliance)
  • Slave: 192.168.7.254 (SlaveAppliance)
  • Virtual IP: 192.168.7.236

The primary appliance has the name MasterAppliance, and the secondary appiiance has the name SlaveAppliance.

Important: Do not use spaces in the appliance names!

To deploy two high availability Standard Servers

  1. If not already done, deploy the USM Appliance Standard Server according to the instructions in USM Appliance Deployments.

  2. Change the root user password in both appliances, as described in Reset Password for the Root User, making sure that the password is the same in each.

  3. Configure the hostname in the master (primary) appliance:

    1. On the LevelBlue Setup Main menu, go to System Preferences > Configure Hostname.

    2. Enter the hostname for the primary component:

      MasterAppliance

    3. Press Enter (<OK>).

  4. Configure the hostname in the slave (secondary) appliance:

    1. Go to System Preferences > Configure Hostname.

    2. Enter the hostname for the secondary component:

      SlaveAppliance

    3. Press Enter (<OK>).

  5. Configure each failover pair to communicate and synchronize with its respective NTP server.

    See High Availability Prerequisites and Restrictions and Configure Synchronization with an NTP Server.

  1. Restart both appliances.
  2. On the secondary (slave) appliance, launch the LevelBlue console.
  3. On the LevelBlue Setup Main menu, choose Jailbreak System.

  4. When you see the command line prompt, edit the file /etc/ossim/ossim_setup.conf as below

    Example of AlienVault ossim_setup.conf file for secondary Standard Server HA configuration.

  1. Save the changes.

  2. Enable HA in the secondary node by entering:

    screen alienvault-ha-assistant -e

    Note: Use screen to keep the process running in the background even when the session disconnects.

  3. Check that the secondary node is up and running:

    alienvault-ha-assistant –s

  4. When prompted, enter the root user password for the primary (master) server.

    After about five minutes, you see output, showing HA status for the secondary (slave) heartbeat status should be Running.

  5. On the primary (master) appliance, log into the LevelBlue console.
  6. On the LevelBlue Setup Main menu, choose Jailbreak System.

  7. Edit the /etc/ossim/ossim_setup.conf file as below

    Example of AlienVault ossim_setup.conf file for primary Standard Server HA configuration.

  8. Save the changes.

  9. Enable HA in the primary node:

    screen alienvault-ha-assistant -e

    Note: Use screen to keep the process running in the background even when the session disconnects.

  10. Verify that the primary node is up and running:

    alienvault-ha-assistant –s

  11. When prompted, enter the root user password for the secondary server.

    After about five minutes, you see output, showing HA status for the secondary (slave) heartbeat status as Running.

  12. Launch a web browser, check that you can access the USM Appliance Standard Server through the ha_virtual_ip assigned in the ossim_setup.conf file.

    It should look like the following:

    Example of USM Appliance HA Standard Server access from AlienVault Center