Skip to main content
Version: 3.1

Install a backup license server

After you've created your license server, but before you add licenses, you can create a backup license server. A backup license server synchronizes with your main license server to provide high availability (HA), which protects your Portworx clusters from interruption in the event that your primary server experiences a problem.

Prerequisites

  • The Docker service installed and running
  • The docker-compose command available
  • Your existing license server's credentials; you must use the same credentials for both the main and backup license servers.

Determine the latest image

To determine the latest image for the license-server, run the following command:

latest_stable=$(curl -fsSL https://install.portworx.com/pxcentral-air-gapped | \
awk '/px-els:/{print $2}' | tr -d \" )
echo $latest_stable
docker.io/portworx/px-els:2.3.2

Enable HA

note

If your cluster is air-gapped, you must first pull the Portworx license server Docker images to either your docker registry or directly to the nodes. For example:

curl -o px-ag-install.sh https://install.portworx.com/air-gapped
# push image to the company's registry server
sh px-ag-install.sh -E '*' -I $latest_stable pull push <company-registry-hostname>
# alternatively, push the image directly to the air-gapped nodes
sh px-ag-install.sh -E '*' -I $latest_stable pull load <air-gapped-node1> <air-gapped-node2...>
  1. Create and start the following docker-compose.yml file, specifying the following:

    • If your cluster is air-gapped, add -air-gapped and -nic with the network interface your host uses to connect with the rest of the cluster.

    • If you're using SSL, add -enable-ssl, and specify the location of your SSL certificate with optional CA and key-file with the -ssl-certs </path/to/server-bundle.crt> and -ssl-key /path/to/server.key flags.

      # update image version below with current $latest_stable
      version: '2.2'
      services:
      px-els-main:
      container_name: px-els-backup
      image: portworx/px-els:1.0.0
      # command: -air-gapped -nic eth0 -extl-port 7070
      # command: -enable-ssl -ssl-certs /ssl/server-bundle.crt -ssl-key /ssl/server.key
      privileged: true
      network_mode: host
      restart: always
      volumes:
      - /opt/pwx-ls/bin:/export_bin
      - /var/lib/pwx-ls:/data
      - /proc:/hostproc
      - /opt/pwx-ls/ssl:/ssl
      healthcheck:
      test: ["CMD", "curl", "-fI", "http://127.0.0.1:7069/api/1.0/instances/~/health"]
      interval: 2m30s
      timeout: 30s
      retries: 3
    note
    • You must use the same credentials for both the main and backup license servers.
    • You can change the admin password with the lsctl users passwd admin command.
    docker-compose up -d
    Creating px-els ... done
  2. Verify the license server's status by entering the docker-compose logs command with the -f (follow-logs) option:

    docker-compose logs -f
    Attaching to px-els-backup
    ...
    time="2022-12-14T08:23:43Z" level=info msg="License server RUNNING as PxProxyServer{id=0xc0001a4f30,ver=px-els/2.3.2-0-g64173d7,addr=:7070,SSL=false} ..."

    The message beginning with License server RUNNING indicates success.

  3. Log in to your main license server and enable high availability (HA). Enter the lsctl ha conf command and the -m (main endpoint) flag with the endpoint of your main license server and the -b (backup endpoint) flag with the endpoint of your backup license server:

    /opt/pwx-ls/bin/lsctl login -u admin -p '<password>' http://<main-host>:<main-port>
    /opt/pwx-ls/bin/lsctl ha conf -m http://<main-host>:<main-port> -b http://<backup-host>:<backup-port>
    WARN[0000] Changed main URL from http://<host>:7070 to http://X.X.X.0:7070/fne/bin/capability
    WARN[0000] Changed backup URL from <host> to http://X.X.X.1:7070/fne/bin/capability
    INFO[0000] Backup license server updated
    INFO[0000] Main license server updated (restarting in 15 seconds)
    > Restarting Main license server: .....................
    INFO[0048] Successfully set up Main/Backup license servers for HA
  4. Verify your HA configuration:

    /opt/pwx-ls/bin/lsctl ha info
    High Availability configuration (Main):
    Main URI : http://X.X.X.129:7070/fne/bin/capability
    Backup URI : http://xx.xx.97.67:7070/fne/bin/capability
    Synchronization to Main enabled : false (Mandatory on backup server)
    Synchronization pagesize : 100
    Synchronization interval : 5m
    Synchronization retry count : 1
    Synchronization retry repeat interval : 1m
    Active license server identifier : AC1F6B221662/ETHERNET
    Backup license server identifier : 000C2909B6BD/ETHERNET

Once you've created and configured your license servers, you can populate the licenses on the main license server.