Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Manufacturing Execution System 2023 R2

System prerequisites for a failover cluster environment

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
TABLE OF CONTENTS

System prerequisites for a failover cluster environment

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedDec 17, 2024
  • 2 minute read

Before you set up and configure a failover cluster environment, consider the following prerequisite requirements.

Operating System

  • All cluster nodes must run a compatible Windows Server edition.

Hardware

  • At least two servers (cluster nodes) with identical configurations are required.

  • Shared storage (e.g., SAN, iSCSI, or storage spaces) must be configured.

Network

  • Network interface cards (NICs) for public and private (heartbeat) communication must be installed.

  • DNS and hostname: Each node must be correctly named and registered in DNS.

  • Subnet and VLAN: Subnets or VLANs must separate cluster traffic from general network traffic.

  • Active Directory Integration:

    • All nodes should be part of the same domain.

    • A cluster service account with appropriate permissions is required.

Software

  • The same updates, drivers, and features must be installed on all nodes.

Security

  • Firewall rules: Required ports for clustering and application traffic must be open. Common Ports are:

    • TCP/UDP 3343: Used for cluster communication.

    • TCP/UDP 1433: Use for SQL Server clusters.

    • Other application-specific ports.

  • Time synchronization: NTP or similar services to synchronize time across nodes must be enabled.

  • User permissions: Secure user accounts with limited permissions must be set up as required for cluster management and application access.

  • Wildcard certificates: A wildcard certificate is a type of SSL/TLS certificate that allows you to secure multiple sub-domains of a single domain with one certificate. All nodes should be configured with a wildcard certificate to secure communication on nodes without System Platform. All nodes using wildcard certificates should be configured to one SMS and AIM server.

    • A wildcard SSL certificate must be obtained from the IT team or third-party vendors.

    • The wild card certificate must be configured on all nodes (cluster nodes, MES database server node, MES Client node)

Encryption

  • Data in transit: TLS for communication between nodes if supported should be used.

  • Data at rest: Data at rest must be encrypted on shared or local storage.

Permissions

  • The user account creating the cluster must have administrator privileges on all nodes.

  • Permissions to create computer objects in Active Directory for the cluster name must exist.

Installation and setup

  • MES licenses must be installed on the license server. See Set up MES product licenses.

  • Only the MES server components must be installed on both cluster nodes.

  • The MES middleware service must be started on each host node.

Backups

  • Regular backups of the cluster configuration and critical data are required to recover quickly in case of failures. Windows Server Backup or other backup tools that support cluster configuration backups should be used.

High availability systems

  • Redundant power and network connections must be available for each node, especially in production clusters.

  • For database clusters, database replication must be configured for high availability systems.

In This Topic
TitleResults for “How to create a CRG?”Also Available in