High Availability with PostgreSQL Database
(Feature available in Premium and Enterprise Editions only and the procedure applicable for builds 6800 and later only)

Prerequisite

Make sure that the ports 2345 (the database port) and 7272 ( the default webserver port) are open between the primary and the secondary application servers.

How to Set up High Availability in the Server running with PostgreSQL?

The process of setting up High Availability in the Server running with PostgreSQL consists of four simple steps:

Step 1: Primary & Secondary Setup:

You can use your current Password Manager Pro installation as the Primary server and install another instance of Password Manager Pro in a separate workstation as the Secondary server. During the installation of Password Manager Pro as Secondary, you need to choose the option "Configure this server as High availability secondary server". After installation, the PMP Secondary server should not be started.

Step 2: Create a Data Replication Pack for High Availability in Primary:

    1. Stop the Primary and Secondary Servers, if running. Ensure the postgres process of Password Manager Pro is NOT running.
    2. Open the command prompt and navigate to the <PMP_Primary_Installation_Folder>/bin directory.
    3. Run the script HASetup.bat <FQDN of PMP Primary Server> <FQDN OF PMP Secondary Server > (Windows) / HASetup.sh <FQDN of PMP Primary Server> <FQDN OF PMP Secondary Server > (Linux).

      To run this script, you need to pass the fully qualified domain names of the host where the Password Manager Pro Primary and Secondary servers are installed as command-line arguments. For Example, if the Primary server is running at, say, primary-server in the domain zohocorpin.com and the Secondary server is running at, say, secondary-server in the domain zohocorpin.com, you need to execute the above script as follows:

      In Windows: HASetup.bat primary-server.zohocorpin.com secondary-server.zohocorpin.com

      In Linux: sh HASetup.sh primary-server.zohocorpin.com secondary-server.zohocorpin.com

    4. This will create a replication package named 'HAPack.zip' under the <PMP_Primary_Installation_Folder>/replication folder and contains the database package for the Secondary.
    5. Copy the 'HAPack.zip' and place it in the machine where the Password Manager Pro Secondary installation is running, as detailed in Step 3 below.
    6. Start the Password Manager Pro Primary server.

Step 3: Place the HA Data Replication Pack in the Secondary

  1. Place the 'HAPack.zip' file, copied from the Primary Installation (as detailed in the previous step), in the <PMP_Secondary_Installation_Folder> and unzip it.
  2. Take care to extract the files under <PMP_Secondary_Installation_Folder> only. It will overwrite the existing data files.

Step 4: Specify the Location of Encryption Master Key

After extracting "HAPack.zip" in the Password Manager Pro Secondary server, navigate to the " /conf" folder, edit "manage_key.conf" and specify the location of the pmp_key.key (encryption master key).

    Note: Password Manager Pro requires the pmp_key.key file to be accessible with its full path when it starts up every time. After a successful start-up, it does not need the key anymore and so the device with the key file can be taken offline.

The High Availability configuration is ready now. To get it up and running, start the Password Manager Pro Secondary server.

    Important Notes:

    By default, Password Manager Pro comes with a self-signed SSL certificate. In case, you have overwritten it with a certificate signed by an internal CA (other than the prominent CAs like Verisign, Thawte, RapidSSL, etc) at the Secondary installation, you need to carry out the following additional steps to install the root certificate in the Password Manager Pro primary server:

    • Stop Primary Server, if running.
    • Open a command prompt and navigate to the <PMP_Primary_Installation_Folder>/bin directory.
    • Copy the Secondary server certificate and paste it under the <PMP_Primary_Installation_Folder>/bin directory.
    • From the <PMP_Primary_Installation_Folder>/bin directory, execute the following command:
      importCert.bat <name of the server certificate>
    • This adds the certificate to the Password Manager Pro certificate store.

Now start the Password Manager Pro Primary server.

See Also:
Monitor High Availability Setup with PostgreSQL

 

Top