Configure High Availability for Configuration Hub

This topic describes how to set up a highly available server for Configuration Hub using Windows failover cluster.

Before you begin

You need:
  • Two Windows Server 2022 virtual machines to serve as nodes in a cluster:
    • Primary node (Node1)
    • Secondary node (Node2)

    Ensure that both the nodes (primary and secondary) have the same domain name, and are installed with the same version of Windows Server.

  • One Windows Server 2022 virtual machine (Node3) in the same domain.

    Create a shared drive on this node, which both the nodes in the cluster can access.

  • During installation, provide the same Configuration Hub credentials in both the nodes. Use the same cluster name created in the Windows failover cluster manager.

About this task

Perform the following tasks to set up high availability for Configuration Hub using a two-node failover cluster.

Procedure

  1. Install Failover Clustering Feature
  2. Create Failover Cluster
  3. Create Role
  4. Create Client Access Point (Virtual IP)
  5. Add Dependencies to Role
  6. Create Network Attached Storage
  7. Install Configuration Hub on Cluster Nodes
  8. Handling Silent Installation

Results

When Configuration Hub is installed on a node server (for example, Node1):
  • ConfigHubRootCA.crt and ConfigHubRootCA.key files are created in the ConfigHubPki folder using Node1 DNS name Configuration Hub ports.
  • Using the above root certificates, server_cert.crt and server_cert.key files are created to access the application.
  • The Configuration Hub cluster name parameter is sent to the RegisterConfighub_httpd.bat for creating certificate 'subject alternative names' using the cluster name.
  • Two extra parameters are introduced to capture 'cluster name' and 'domain name' if high availability is set up for Configuration Hub. The root certificates and server certificates are created using the extra parameter like 'cluster name'. All cluster nodes certificates have the same 'cluster name' so users can access all the nodes without any certificate issues.
  • Configuration Hub installer copies ConfigHubRootCA.crt and ConfigHubRootCA.key files into shared configuration. These are used in the other nodes for creating server_cert.key and server_cert.key files and maintains a trust between both nodes.
  • While installing Configuration Hub on other cluster nodes, the system checks if any root certificates exist in the given shared configuration path or not. If certificates exist, then copies both ConfigHubRootCA.crt and ConfigHubRootCA.key into the local machine ConfigHubPki folder of Configuration Hub, and then creates server certificates using the root certificates.