HOW TO: Ensure High Availability in a PGP Universal Server Cluster
|Article:TECH193552|||||Created: 2012-07-24|||||Updated: 2012-10-23|||||Article URL http://www.symantec.com/docs/TECH193552|
After preparing a cluster of 2 members of PGP Universal Servers, what needs to be put in place to make PGP Desktop clients to point to both servers?
How to ensure High Availability in a PGP Universal Server cluster?
The PGP Desktop clients will not point to both servers at the same time, you need to provide that option via network configuration.
For High Availability, the recommendation is to prefer a load balancer that detects a host is down and redirects all traffic to the host that is still up.
It is also supported to use a configuration with DNS Round Robin.
In both cases, the clients would connect to i.e. keys.domain.tld. The load balancer (or DNS Round Robin) would then redirect to i.e. keys1.domain.tld or keys2.domain.tld.
Important in cluster environment is to have another interface on a separate subnet, that handles clustering and whose certificate matches the hostname. Please follow TECH157115.
About DNS Round Robin: In theory, the load should be distributed evenly with the connections resolving to each server about 50% of the time. In practice, it’s rarely reliable to that level, and often the load is higher in one of the servers.
Article URL http://www.symantec.com/docs/TECH193552