Cluster Commands
The Policy Manager command line interface includes the following cluster commands:
cluster set-communication-mode
cluster diagnostics
Use the cluster diagnostics command to run diagnostics on a Policy Manager cluster. This command supports both IPv4 and IPv6 management port addresses and uses port number 7432 to collect diagnostics data. Cluster diagnostics for both IPv4 and Ipv6 environments also include metrics for how much time was taken to establish a database connection to the publisher, and how much time was taken for HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. calls to the publisher. These Publisher database connection check and HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. connection check to host duration metrics are in hour:min:sec.microsec format.
Syntax
The command syntax for an IPv4 management address is:
On subscriber:
On publisher:
The command syntax for an IPv6 management address is:
[appadmin]# cluster diagnostics
Parameter |
Action/Description |
-s |
Starts server using management IPv4 address for cluster diagnostics. |
-s -6 |
Starts server using management IPv6 address for cluster diagnostics. |
-c |
Starts client for cluster diagnostics with an IPv4 address.. |
-c -6 |
Starts client for cluster diagnostics with an IPv6 address. |
-p |
Runs pgmetrics. |
-d |
Specifies the database on which to run pgmetrics or reset statistics. |
-r |
Resets database statistics. |
-q |
Find and terminate queries. |
-i |
Use with the -q flag to view or terminate a query by its process ID (PID). |
-t |
Use with the -q flag and a time interval ( for example, 10 minutes) to display queries running longer than the specified time frame. The user then can terminate these queries by specifying their PIDs, or can enter the all option at the CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. prompt to terminate all of the queries. |
Examples
[appadmin]# cluster diagnostics -c 192.0.2.21
Enter Cluster Password for 192.0.2.21
Throughput 130914.19 kbps/sec
Configured MTU: 1500
Ping Lagency : 0.323333333333 ms
Publisher database connection check: [OK]
Publisher database connection time (HH:MM:SS.μs): 0:00:00.018555
Verify HTTPS connection to host - 192.0.2.21
HTTPS connection check to host : [OK]
Publisher API connection time (HH:MM:SS.μs): 0:00:00.274626
MTU check for 1400 payload size : [OK]
[appadmin]# cluster diagnostics -q -t 1 minutes The following 1 queries were found within the time interval provided
PID Query
1950565 SELECT * from ( SELECT timestamp,ct,(SELECT text '192.0.2.1') as server ip FROM dblink ('host=192.0.2.1 port=5432 dbname=tip sLogDb user=appuser password=123456789', 'SELECT date trunc(''DAY''Tl.timestamp AT TIME ZONE INTERVAL''+05:30'')as date, count(T1.id) as count FROM tips dashboard summary Tl WHERE ((((T1.id != ''0''))) AND (Tl.timestamp >=''2021-12-22 00:00:00.000+530'') AND (Tl.timestamp <= '2021-12-29 23:09 :24:944+530''))GROUP BY date ORDER BY date DESC' ) as tmpt ( timestamp timestamp with time zone, ct int) as t ORDER BY timestamp DESC
Type "all" to terminate all found queries, or the query Type "exit" to end query termination.
all Terminated PG backend 1950565 based on user input
cluster drop-subscriber
Use the
command to remove a specific subscriber node from the cluster.
|
This command does not support Stateless Address Auto-configuration (SLAACStateless Address Autoconfiguration. SLAAC provides the ability to address a host based on a network prefix that is advertised from a local network router through router advertisements.) IPv6 addresses. |
Syntax
cluster drop-subscriber [-f] [-i <IP address>] -s
The following table describes the required and optional parameters for the
command:
Parameter/Flag |
Action/Description |
-f |
Enter the -f parameter to force Policy Manager to drop even the nodes that are down. |
-i <IP Address> |
Specify the Management IP address of the node. If this IP address is not specified and the current node is a subscriber, Policy Manager drops the current node. The IP address of the subscriber to be dropped must be passed in the correct format. The IP address format depends on the cluster communication mode: If the mode is ipv4, use the subscriber's IPv4 address, otherwise if the mode is ipv6, use the subscriber's IPv6 address. To verify which cluster communication mode is configured, use the command. |
-s |
Restricts resetting the database on the dropped node. By default, Policy Manager drops the current node—if it's a subscriber—from the cluster. |
Example
The following example removes the IP address 192.xxx.1.1 from the cluster:
[appadmin]# cluster drop-subscriber -f -i 192.xxx.1.1 -s
cluster list
Use the communication mode (IPv4 or IPv6), and indicates whether a standby publisher and failover wait time been defined.
command to list all the nodes in the cluster, and show whether cluster high availability is enabled or disabled. The command also indicates the clusterSyntax
cluster list
Example
The following example lists all the nodes in a cluster:
[appadmin]# cluster list
[appadmin@v6-7152-6192]# cluster list
Cluster Commuication Mode: ipv4
Cluster high-availability : ENABLED, Failover wait-time : 8, Standby Publisher : 198.51.100.7
Publisher : Management port IP=198.51.100.3 IPv6=2001:DB8:200:7::150 Data port IP=203.0.113.190 [local machine]
Subscriber : Management port IP=198.51.100.5 IPv6=2001:DB8:200:7::152 Data port IP=203.0.113.192
Subscriber : Management port IP=198.51.100.7 IPv6=2001:DB8:200:7::153 Data port IP=203.0.113.194
cluster make-publisher
Use the
command to promote a specific subscriber to be the publisher in the same cluster.Before you promote a subscriber to publisher, add the HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. server certificate of the subscriber to the trust list and ensure sure all the servers in the cluster have this certificate in the Trust list. This step is not required if the HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. server certificates for all the nodes in the cluster are signed by a certificate authority (CACertificate Authority or Certification Authority. Entity in a public key infrastructure system that issues certificates to clients. A certificate signing request received by the CA is converted into a certificate when the CA adds a signature generated with a private key. See digital certificate.)
|
When running this command, do not close the shell or interrupt the command execution. |
Example
The following example promotes a subscriber to publisher status:
[appadmin]# cluster make-publisher
********************************************************
* WARNING: Executing this command will promote the *
* current machine (which must be a subscriber in the *
* cluster) to the cluster publisher. Do not close the *
* shell or interrupt this command execution. *
********************************************************
Continue? [y|n]: y
To continue the
operation, enter .cluster make-subscriber
Run the HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. server certificate of the standby publisher to the Trust list and ensure sure all the servers in the cluster have this certificate in the Trust list. This step is not required if the HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. server certificates for all the nodes in the cluster are signed by a certificate authority (CACertificate Authority or Certification Authority. Entity in a public key infrastructure system that issues certificates to clients. A certificate signing request received by the CA is converted into a certificate when the CA adds a signature generated with a private key. See digital certificate.)
command on a standalone publisher to make the standalone node a subscriber node and add it to the cluster. If a cluster is configured with a standby publisher, add the
|
This command does not support Stateless Address Auto-configuration (SLAACStateless Address Autoconfiguration. SLAAC provides the ability to address a host based on a network prefix that is advertised from a local network router through router advertisements.) IPv6 addresses. |
Syntax
cluster make-subscriber -i <IP-address> [-l] [-b] [-V]
The following table describes the required and optional parameters for the
command:
Parameter/Flag |
Action/Description |
-b |
Instructs Policy Manager to skip making a backup of the publisher before you make it a subscriber. |
-i <IP-address> |
Specify the publisher's IP address. This parameter allows both IPv4 and IPv6 addresses. |
-l |
Restores the local log database after this operation. This parameter is optional. |
-V |
Instructs Policy Manager to not verify the publisher certificate. |
Example
The following example converts the node with IP address 192.xxx.1.1 to a subscriber node and restores the local log database:
[appadmin]# cluster make-subscriber –i 192.xxx.1.1 -l
cluster reset-database
Use the
command to reset the local database and erase its configuration.
|
Running this command erases the Policy Manager configuration and resets the database to its default configuration—all the configured data will be lost. |
|
When running this command, do not close the shell or interrupt the command execution. |
Syntax
cluster reset-database
Example
The following example reset the database:
[appadmin]# cluster reset-database
**********************************************************
* WARNING: Running this command will erase the Policy Manager *
* configuration and leave the database with default *
* configuration. You will lose all the configured data. *
* Do not close the shell or interrupt this command *
* execution. *
*********************************************************
Continue? [y|n]: y
To continue the
operation, enter .cluster set-communication-mode
Click the drop-down list and select either APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. calls will use IPv6 addresses for cluster communication. If the value is set to ipv4, it will use IPv4 for database and APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. calls instead. The default value of the cluster communication mode will depend on the IP address configured on the appliance during installation or upgrade. If the appliance has only an IPv6 address, the default cluster communication mode will be IPv6. If the appliance has both IPv4 and IPv6 addresses configured, or if only an IPv4 address is configured, then the default cluster communication mode will be IPv4.
or as the mode of commuication for all cluster operations. If the value of this parameter is set to , all database andWhenever the cluster communication mode is changed, it performs the following validations:
Configuration checks to verify an IP address in the correct format is configured for the interface.
Certificate checks to verify the database certificates have the correct IP address in the SAN field.
Certificate checks to verify the HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. certificates have the correct IP address in the SAN field.
Syntax
cluster set-communication-mode [ipv4/ipv6]
Example
The following example lists all the nodes in a cluster:
[appadmin]# cluster set-communication-mode ipv4
********************************************************
* *
* WARNING: Executing this command will change *
* the format of the IP address used for all *
* cluster communications and can cause *
* the cluster to go out of sync. *
* *
* Please reset certificates on all nodes *
* and reboot each node to ensure cluster is in sync. *
* *
* Do not close the shell or interrupt this command *
* execution. *
* *
********************************************************
Continue? [y|n]: y
cluster set-cluster-passwd
Use the
command to change the cluster password on all nodes in the cluster. You may only issue this command from the publisher.
|
Setting the cluster password changes the password for all the nodes in the cluster |
Syntax
cluster set-cluster-passwd
Example
The following example changes the cluster password on the publisher:
[appadmin]# cluster set-cluster-passwd
cluster set-cluster-passwd
Continue? [y|n]: y
Enter Cluster Passwd: college.162
Re-enter Cluster Passwd: college.162
INFO - Password changed on local (publisher) node
Cluster password changed
cluster set-standby-publisher
Use the
command to set a standby publisher for cluster high availability. You may only issue this command from the publisher.Syntax
cluster set-standby-publisher [-i <IP Address>]|[-t <Failover wait time>]
Parameter/Flag |
Action/Description |
-i <IP Address> |
Management IP Address of the server to be configured as standby publisher. This parameter accepts both IPv4 and IPv6 addresses. |
-t <Failover wait time> |
Specify the time (in minutes) that the standby publisher must wait before it assumes the role of publisher after the primary publisher becomes unreachable. This parameter prevents the standby publisher from taking over when the publisher is temporarily unavailable during a restart. The default failover wait time is . |
Example
The following example defines a standby publisher and sets the failover wait time to five minutes:
[appadmin]# cluster set-standby-publisher -i 10.21.4.33 -t 5
failover time = 5
cluster sync-cluster-passwd
Use the
command to synchronize the cluster ( ) password currently set on the publisher with all the subscriber nodes in the cluster.
|
Synchronizing the cluster password changes the password for all the nodes in the cluster |
Syntax
cluster sync-cluster-passwd
Example
The following example synchronizes the cluster password:
[appadmin]# cluster sync-cluster-passwd
Continue? [y|n]: y
Enter Password: college.205
Re-enter Password: college.205
Was this information helpful?
Great! Thanks for the feedback
Sorry about that! How can we improve it? Send your comments and suggestions!