Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Deploying Policy Manager Insight in a Cluster
This section contains the following information:
Policy Manager Insight Placement Considerations
When a Policy Manager Insight-Enabled Server Is Down
Enabling Policy Manager Insight
Introduction
Multiple functions are dependent on Policy Manager Insight. For example, to use MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. caching, Policy Manager Insight must be enabled on at least one server within a cluster.
|
|
Enabling Policy Manager Insight on at least two servers in the cluster is recommended. |
As you enable Policy Manager Insight on additional servers in the cluster, Policy Manager automatically adds these servers to the Policy Manager Insight database authentication source definition. Policy Manager Insight does not replicate data to any other servers within the cluster—it is an entirely stand-alone database.
Policy Manager Insight Placement Considerations
Having Policy Manager Insight enabled on multiple servers within the cluster provides for a level of resilience, but you need to carefully consider where you enable Policy Manager Insight. For every server where Policy Manager Insight is enabled, all the other servers within the cluster subscribe through NetEvents to send data to the Policy Manager Insight database.
The amount of data sent to the Policy Manager Insight database can be extremely high, and if you use Insight for processing authentication requests within your cluster, where you enable Policy Manager Insight is an important design consideration:
If you are running a large Policy Managernetwork in which the subscriber traffic is not consuming all the publisher's resources, enable Policy Manager Insight on the dedicated publisher and the standby publisher.
If you are running a very large CPPM network in which the subscriber traffic will consume the publisher's resources, you could enable Policy Manager Insight on the dedicated publisher and the standby publisher, but only if both of these servers are dedicated to cluster operations—the publisher and standby publisher should not be processing authentication requests.
In a very large-scale deployment, Policy Manager Insight should be placed on its own dedicated server. This removes a lot of processing and I/O from the publisher, allowing it to handle the maximum amount of worker traffic.
Policy Manager Insight data is valuable and could be used as part of policy evaluation. If this is the case, Aruba recommends that you enable redundant Policy Manager Insight servers for fault tolerance.
If the worker traffic sent from the subscriber servers is expected to fully saturate the capacity of the publisher server, Policy Manager Insight should not be enabled on the publisher server. However, if the publisher server has spare capacity, it can be used to support the Policy Manager Insight database. However, take care to carefully monitor the publisher server's capacity and performance.
When a Policy Manager Insight-Enabled Server Is Down
When a Policy Manager Insight-enabled server in a cluster is down or out-of-sync for more than 30 minutes, the Policy Manager Insight server is moved to be the last Policy Manager Insight server in the fall-back list. This allows for fail-though to other Policy Manager Insight servers.
When a Policy Manager Insight-enabled server is dropped from the cluster, the corresponding server entry in the Policy Manager Insight repository is removed.
Enabling Policy Manager Insight
Policy Manager Insight is not enabled by default, so you must manually enable it.
To enable Policy Manager Insight:
1. Navigate to > > .
2. From the page, select the Policy Manager server you want to configure. The dialog opens.
3. To enable the Policy Manager Insight reporting tool on this server, select the check box.
When you enable this check box on a cluster server, the Policy Manager Insight Repository configuration is automatically updated to point to the server's management IP address.
When you enable this check box for other servers in the cluster, those servers are added as backups for the same authentication source.
The order of the primary and backup servers in the Policy Manager Insight Repository is the same order in which Policy Manager Insight was enabled on those servers.
4. To specify the current cluster server as an Insight Master, click the check box. Enabling a cluster server as an Insight Master allows other servers where Insight has been enabled to subscribe to this server ’s Insight Report configuration. In the event that this server fails, the reports will still be produced because all the servers in the cluster send a copy of their NetEvents data to all the servers that have Policy Manager Insight enabled.
5. When finished with enabling Policy Manager Insight and configuring any other elements in the dialog, click .
