action.skip

Standard Deployment

We recommend the following default deployment as a starting point:

  • An external load balancer
  • Three cluster nodes

Reference Architecture

This deployment provides

  • Load Balancing - User requests are distributed across nodes for performance and availability.

  • High availability - Ability for one node to go offline without significantly impacting users.

  • Scalability - Additional capacity may be added as needed.

Requirements - What you provide


Load balancer

An external load balancer is provided by you. The specifics on which load balancer to use and the exact configuration are beyond the scope of this documentation.

The load balancer should be configured:

  • to direct traffic to all available nodes
  • with the cluster certificate
  • to use /ping as the health endpoint for each node in your cluster

The load balancer does not need to be configured for session affinity/stickiness. Session affinity is automatically handled inside the cluster.

Requests to any node in the cluster will be automatically load-balanced by the system to nodes across the cluster. This action provides a basic level of load balancing regardless of the presence of an external load balancer. An alternative is to use DNS round-robin load balancing, in which the cluster DNS hostname resolves to each node in the cluster.

Cluster DNS name

A DNS hostname is provided by you and will be used when accessing the cluster. This DNS hostname is configured on the cluster as part of the setup process.

  • The cluster DNS name should resolve to the address of your external load balancer.
  • If not using an external load balancer, the cluster DNS name should resolve to the IP addresses of each node in the cluster.

Cluster certificate

A certificate key pair is provided by you and is used to secure all communication to the cluster. A self-signed certificate is generated and can be used for accessing the cluster initially, but for a production deployment, we recommend that you provide your own cluster certificate.

  • The cluster certificate key pair you provide must be in the PEM format.
  • The certificate should contain the hostname of your load balancer, both as the common name and as a DNS Subject Alternative Name (SAN) entry.
  • If not using an external load balancer, the certificate should contain a DNS SAN entry for each node in the cluster.
  • The certificate will additionally be served up by each node in the cluster if accessed directly. If not already present, an additional SAN entry for each node node should be added if direct node access is desired.

Information to gather

While provisioning servers, gather the following information for use in the installation process:

  • Static IP address
  • Fully qualified domain name (FQDN) of each node

If using the Appliance, you also need the following network related information:

  • Network mask — if you used a static IP address during installation
  • Default gateway
  • DNS Server(s)