NB: Please be sure both servers are running the same version of the WiKID and that their dates are the same! Upgrading to the latest version is recommended.
First,
validate that both machines have the same time otherwise you will have
some issues. If they are too far apart, you can reset the time using
the date command:
# date
will show the current date and time. It can be set by using ntpdate
# ntpdate
If you are running a non-appliance version of WiKID, be sure that you have installed the compatibility library:
yum install compat-libstdc++-296
Now set up the Primary server as you normally would, without
replication (that is, when prompted during the setup command, select No
for replication). Once the Primary is configured with a certificate,
any network clients, etc., stop the server. Currently, each time you
add a new network client you will have to rerun the sync command, so it
is best to set up all the network clients first.
Now install the Secondary server and run setup. When prompted about
replication, select Y and set it as the Secondary. Enter the IP address
of the Primary. Do not start the Secondary server yet.
Return to the Primary and re-run the setup command ('wikidctl
setup' on the 3.x servers). Select No when asked if you want to change
the networking and you will get to the replication prompt. Select Yes
to configure replication. Choose Primary and enter the IP address of
the Secondary server. Enter the passphrase for root on the Secondary
when prompted. With the wikid server stopped, sync the Primary to the
Secondary by running this command on the Primary:
wikidctl sync
On 2.x servers, the command is:
synch
This command will copy all the files and the database to the Secondary. It will over-write those files.
Start the servers, starting with the Secondary. Be sure to always start the Secondary server first! You should see a confirmation that replication started on both servers.
Testing replication and recovery
Create a new user in the Primary and check the logs. Now, stop the Primary and stop the Secondary and then on the Secondary server, type:
wikidctl setup
Choose N when asked configure the network:
You should see the new user you created above. Changing the IP address to that of the old primary is required to have the domains function.
To re-configure as the secondary, simply re-run 'wikidctl setup'.
N.B.:As of 3.0, the server can be started without a
passphrase by creating /etc/WiKID/security and entering
"WAUTH_PASSPHRASE=passphrase" on the first line. This allows a restart
without manual intervention, required for automated failover.
NB:There is a known issue with replication. Syncing changes
the owner of the postgresql config files to root. Correct this by
running this command on the secondary server after running sync:
# chown -R postgres:postgres /var/lib/pgsql/
Also, if you have trouble connecting the two servers via ssh, edit /etc/ssh/sshd_config and make the following changes:
#UseDNS yes
UseDNS no
And
# GSSAPI options
GSSAPIAuthentication no
#GSSAPIAuthentication yes
How to configure the WiKID Strong Authentication System for replication.
Learn More About WiKID
