Promotion for Maintenance

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

Promotion for maintenance promotes a replica instance to a primary instance while the original primary instance is online and functioning. An Operations Console administrator can initiate promotion for maintenance from the Operations Console of the replica instance that is to be promoted. After promotion, the original primary instance is demoted to a replica instance.

To perform a promotion for maintenance, the primary instance and all replica instances must be online and functioning. During this promotion process, authentication, administration, and self-service on the primary and replica instance involved in promotion will be unavailable, but authentication remains available on additional replicas in your deployment. After promotion, the original primary instance is demoted to a replica instance and is automatically synchronized with the new primary instance. All additional replica instances are automatically connected to the new primary instance.

If your deployment includes a web tier, you must restart services for each web tier after promotion. You must also initiate RADIUS data replication to synchronize the RADIUS server on each replica instance with the RADIUS server on the new primary instance.

Note:  If your primary instance is not functioning, use the disaster recovery method option.

Things to Consider

Before you promote a replica instance to a primary instance, consider the following:

  • If you have only one replica instance in your deployment, deploying another replica instance prior to promotion allows authentication to remain available during the promotion process.

  • There are two ways to transfer and copy log data. If you choose to automatically transfer and copy log data, consider archiving logs to an NFS to conserve time and disk space during promotion. If you choose to manually transfer and copy log data, SSH must be enabled. In this case, you must copy and transfer the backup file from the original primary instance to a location supported by the backup and restore feature on the new primary instance. You must also import the logs using the Operations Console of the new primary instance.

  • Back up the data in your current primary and save the backup file to a location outside of the appliance, such as a Network File System (NFS) or Windows shared folder.

  • If you have enabled critical system notifications, you may receive notifications for replication events.

  • Download completed reports using the Security Console on the primary instance. The report results will not be available on the new primary instance after promotion. For more information, see View A Completed Report.

  • If there are any completed Users/Tokens export jobs, download the export data files using the Security Console on the primary instance. The export data files will not be available on the new primary instance after promotion. For more information, see Exporting and Importing Users and Tokens Between Deployments.

  • Using the Security Console on the primary instance, disable any scheduled jobs such as reports, log archival, unresolvable users cleanup that may be scheduled to run during the period of planned promotion. If there are any scheduled jobs currently running, wait until they complete before beginning a promotion for maintenance. Any jobs that are in progress during the promotion are automatically cancelled. For more information, see Reports, Archive Logs Using Schedule Log Archival, and Schedule a Cleanup Job.

 

 


Attachments

    Outcomes