Hanwha Wisenet SSM : the simplest high availability cluster between two redundant servers
With the synchronous replication and automatic failover provided by Evidian SafeKit
The solution for Hanwha Wisenet SSM
Evidian SafeKit brings high availability to Hanwha Wisenet SSM, the CCTV video surveillance system, between two redundant servers.
This article explains how to implement quickly a Hanwha cluster with real-time replication and automatic failover of Wisenet SSM services and data.
An alternative solution
There is another SafeKit solution very easy to deploy and based on Hyper-V if you need to replicate other applications in addition to Hanwha Wisenet SSM.
The SafeKit/Hyper-V solution replicates full Hyper-V virtual machines which can contain Hanwha Wisenet SSM and other applications. And SafeKit restarts automatically the VMs in case of failure.
Several virtual machines can be replicated and can run on both Windows hypervisors with crossed replication and mutual takeover.
With this solution, there is no need to configure restart scripts and define virtual IP addresses for each application.
A generic product
Note that SafeKit is a generic product on Windows and Linux.
You can implement with the SafeKit product real-time replication and failover of any file directory and service, database, complete Hyper-V or KVM virtual machines, Docker, Podman, K3S, Cloud applications (see the module list).
Partners, the success with SafeKit
This platform agnostic solution is ideal for a partner reselling a critical application and who wants to provide a redundancy and high availability option easy to deploy to many customers.
With many references in many countries won by partners, SafeKit has proven to be the easiest solution to implement for redundancy and high availability of building management, video management, access control, SCADA software...
Building Management Software (BMS)
Video Management Software (VMS)
Electronic Access Control Software (EACS)
SCADA Software (Industry)
Step 1. Real-time replication
Server 1 (PRIM) runs the Hanwha Wisenet SSM application. Clients are connected to a virtual IP address. SafeKit replicates in real time modifications made inside files through the network.
The replication is synchronous with no data loss on failure contrary to asynchronous replication.
You just have to configure the names of directories to replicate in SafeKit. There are no pre-requisites on disk organization. Directories may be located in the system disk.
Step 2. Automatic failover
When Server 1 fails, Server 2 takes over. SafeKit switches the virtual IP address and restarts the Hanwha Wisenet SSM application automatically on Server 2.
The application finds the files replicated by SafeKit uptodate on Server 2. The application continues to run on Server 2 by locally modifying its files that are no longer replicated to Server 1.
The failover time is equal to the fault-detection time (30 seconds by default) plus the application start-up time.
Step 3. Automatic failback
Failback involves restarting Server 1 after fixing the problem that caused it to fail.
SafeKit automatically resynchronizes the files, updating only the files modified on Server 2 while Server 1 was halted.
Failback takes place without disturbing the Hanwha Wisenet SSM application, which can continue running on Server 2.
Step 4. Back to normal
After reintegration, the files are once again in mirror mode, as in step 1. The system is back in high-availability mode, with the Hanwha Wisenet SSM application running on Server 2 and SafeKit replicating file updates to Server 1.
If the administrator wishes the application to run on Server 1, he/she can execute a "swap" command either manually at an appropriate time, or automatically through configuration.
More information on power outage and network isolation in a cluster.
Redundancy at the application level
In this type of solution, only application data are replicated. And only the application is restared in case of failure.
With this solution, restart scripts must be written to restart the application.
We deliver application modules to implement redundancy at the application level (like the Hanwha Wisenet SSM module provided in the free trial below). They are preconfigured for well known applications and databases. You can customize them with your own services, data to replicate, application checkers. And you can combine application modules to build advanced multi-level architectures.
This solution is platform agnostic and works with applications inside physical machines, virtual machines, in the Cloud. Any hypervisor is supported (VMware, Hyper-V...).
Redundancy at the virtual machine level
In this type of solution, the full Virtual Machine (VM) is replicated (Application + OS). And the full VM is restarted in case of failure.
The advantage is that there is no restart scripts to write per application and no virtual IP address to define. If you do not know how the application works, this is the best solution.
This solution works with Windows/Hyper-V and Linux/KVM but not with VMware. This is an active/active solution with several virtual machines replicated and restarted between two nodes.
- Solution for a new application (no restart script to write): Windows/Hyper-V, Linux/KVM
Why a replication of a few Tera-bytes?
Resynchronization time after a failure (step 3)
- 1 Gb/s network ≈ 3 Hours for 1 Tera-bytes.
- 10 Gb/s network ≈ 1 Hour for 1 Tera-bytes or less depending on disk write performances.
Alternative
- For a large volume of data, use external shared storage.
- More expensive, more complex.
Why a replication < 1,000,000 files?
- Resynchronization time performance after a failure (step 3).
- Time to check each file between both nodes.
Alternative
- Put the many files to replicate in a virtual hard disk / virtual machine.
- Only the files representing the virtual hard disk / virtual machine will be replicated and resynchronized in this case.
Why a failover < 25 replicated VMs?
- Each VM runs in an independent mirror module.
- Maximum of 25 mirror modules running on the same cluster.
Alternative
- Use an external shared storage and another VM clustering solution.
- More expensive, more complex.
Why a LAN/VLAN network between remote sites?
- Automatic failover of the virtual IP address with 2 nodes in the same subnet.
- Good bandwidth for resynchronization (step 3) and good latency for synchronous replication (a few ms).
Alternative
- Use a load balancer for the virtual IP address if the 2 nodes are in 2 subnets (supported by SafeKit, especially in the cloud).
- Use backup solutions with asynchronous replication for high latency network.
Prerequisites
- You need Wisenet SSM installed on 2 nodes (virtual machines or physical servers).
- On Windows, with Windows services manager, put Wisenet SSM services with Boot Startup Type = Manual on both nodes.
SafeKit controls start of Wisenet SSM services in the restart scripts. Edit the restart scripts during the configuration to check if you have put all services in Manual boot including the new ones that you can add.
Package installation on Windows
-
Download the free version of SafeKit on 2 Windows nodes.
Note: the free version includes all SafeKit features. At the end of the trial, you can activate permanent license keys without uninstalling the package.
-
To open the Windows firewall, on both nodes start a powershell as administrator, and type
c:/safekit/private/bin/firewallcfg add -
To initialize the password for the default admin user of the web console, on both nodes start a powershell as administrator, and type
c:/safekit/private/bin/webservercfg.ps1 -passwd pwd
- Use aphanumeric characters for the password (no special characters).
- pwd must be the same on both nodes.
-
For synchronizing SafeKit at boot and at shutdown, on both nodes start a powershell as administrator, and type only once
c:/safekit/private/bin/addStartupShutdown
Module installation on Windows
-
Download the hanwha_ssm.safe module.
The module is free. It contains the files userconfig.xml and the restart scripts.
- Put hanwha_ssm.safe under C:\safekit\Application_Modules\demo (create the demo directory if it does not exist).
1. Launch the SafeKit console
- Launch the web console in a browser on one cluster node by connecting to
http://localhost:9010. - Enter
adminas user name and the password defined during installation.
You can also run the console in a browser on a workstation external to the cluster.
The configuration of SafeKit is done on both nodes from a single browser.
To secure the web console, see 11. Securing the SafeKit web console in the User's Guide.
2. Configure node addresses
- Enter the node IP addresses.
- Then, click on
Applyto save the configuration.
If node1 or node2 background color is red, check connectivity of the browser to both nodes and check firewall on both nodes for troubleshooting.
This operation will place the IP addresses in the cluster.xml file on both nodes (more information in the training with the command line).
3. Choose the module
- In the Configuration tab, click on the hanwha_ssm.safe module.
The console finds xxx.safe in the 'Application_Modules/demo/' directory on the server side if you dropped a module there during installation.
4. Configure the module
- Choose an automatic start of the module at boot without delay.
- Normally, you have a single heartbeat network on which the replication is made. But, you can define a private network if necessary.
- Check that the replicated directories are installed on both nodes and contain the application data.
Replication of data and also logs is required for a database.
You can add new replicated directories as needed. - Enter a virtual IP address. A virtual IP address is a standard IP address in the same IP network (same subnet) as the IP addresses of both nodes.
Application clients must be configured with the virtual IP address (or the DNS name associated with the virtual IP address).
The virtual IP address is automatically switched in the event of a failure. start_primandstop_primmust contain starting and stopping of the Wisenet SSM application.
You can add new services in these scripts.
Check that the names of the services in these scripts are those installed on both nodes, otherwise modify them in the scripts.- Stop the services configured in
start_primon both nodes. - On Windows and on both nodes, with the Windows services manager, set
Boot Startup Type = Manualfor all the services registered instart_prim(SafeKit controls the start of services instart_prim).
Note that if a process name is displayed in Process Checker, it will be monitored with a restart action in case of failure. Configuring a wrong process name will cause the module to stop right after its start.
This operation will report the configuration in the userconfig.xml, start_prim, stop_prim files on both nodes (more information in the training with the command line).
5. Verify successful configuration
- Check the success message (green) on both nodes and click Next.
On Linux, you may get an error at this step if the replicated directories are mount points. See this article to solve the problem.
6. Start the node with up-to-date data
- If node 1 has the up-to-date replicated directories, select it and start it.
When node 2 will be started, all data will be copied from node 1 to node 2.
If you make the wrong choice, you run the risk of synchronizing outdated data on both nodes.
It is also assumed that the Wisenet SSM application is stopped on node 1 so that SafeKit installs the replication mechanisms and then starts the application in the start_prim script.
7. Wait for the transition to ALONE (green)
- Node 1 should reach the ALONE (green) state, which means that the
start_primscript has been executed on node 1.
If the status is ALONE (green) and the application is not started, check output messages of start_prim in the Application Log of node 1.
If node 1 does not reach ALONE (green) state, analyze why with the Module Log of node 1.
If the cluster is in WAIT (red) not uptodate, STOP (red) not uptodate state, stop the WAIT node and force its start as primary.
8. Start node 2
- Start node 2 with its contextual menu.
- Wait for the SECOND (green) state.
Node 2 stays in the SECOND (magenta) state while resynchronizing the replicated directories (copy from node 1 to node 2).
This may take a while depending on the size of files to resynchronize in replicated directories and the network bandwidth.
To see the progress of the copy, see the Module Log of node 2 with the verbose option without forgetting to refresh the window.
9. Verify that the cluster is operational
- Check that the cluster is green/green with Wisenet SSM services running on the PRIM node and not running on the SECOND node.
Only changes inside files are replicated in real time in this state.
Components that are clients of Wisenet SSM services must be configured with the virtual IP address. The configuration can be done with a DNS name (if a DNS name has been created and associated with the virtual IP address).
10. Testing
- Stop the PRIM node by scrolling down its contextual menu and clicking Stop.
- Verify that there is a failover on the SECOND node which should become ALONE (green).
- And with Microsoft Management Console (MMC) on Windows or with command lines on Linux, check the failover of Wisenet SSM services (stopped on node 1 in the
stop_primscript and started on node 2 in thestart_primscript).
If the Wisenet SSM application is not started on node 2 while the state is ALONE (green), check output messages of the start_prim script in the Application Log of node 2.
If ALONE (green) is not reached, analyze why with the Module Log of node 2.
Module log
- Read the module log to understand the reasons of a failover, of a waiting state etc...
To see the module log of node 1 (image):
- click on the Control tab
- click on node 1/PRIM on the left side to select the server (it becomes blue)
- click on Module Log
- click on the Refresh icon (green arrows) to update the console
- click on the floppy disk to save the module log in a .txt file and to analyze in a text editor
Click on node2 to see the module log of the secondary server.
Application log
- Read the application log to see the output messages of the start_prim and stop_prim restart scripts.
To see the application log of node1 (image):
- click on the Control tab
- click on node 1/PRIM on the left side to select the server (it becomes blue)
- click on Application Log to see messages when starting and stopping Wisenet SSM services
- click on the Refresh icon (green arrows) to update the console
- click on the floppy disk to save the application log in a .txt file and to analyze in a text editor
Click on node 2 to see the application log of the secondary server.
Advanced configuration
- In Advanced Configuration tab, you can edit internal files of the module: bin/start_prim and bin/stop_prim and conf/userconfig.xml .
If you make change in the internal files here, you must apply the new configuration by a right click on the icon/xxx on the left side (see image): the interface will allow you to redeploy the modified files on both servers.
Support
- For getting support, take 2 SafeKit Snapshots (2 .zip files), one for each server.
If you have an account on https://support.evidian.com, upload them in the call desk tool.
Internals of a SafeKit / Hanwha SSM high availability cluster with synchronous replication and failover
Go to the Advanced Configuration tab in the console, for editing these filesInternal files of the Windows hanwha_ssm.safe module
userconfig.xml (description in the User's Guide)
<!DOCTYPE safe>
<safe>
<service mode="mirror" defaultprim="alone" maxloop="3" loop_interval="24" failover="on">
<!-- Heartbeat Configuration -->
<!-- Names or IP addresses on the default network are set during initialization in the console -->
<heart pulse="700" timeout="30000">
<heartbeat name="default" ident="flow">
</heartbeat>
</heart>
<!-- Virtual IP Configuration -->
<!-- Replace
* VIRTUAL_TO_BE_DEFINED by the name of your virtual server
-->
<vip>
<interface_list>
<interface check="on" arpreroute="on">
<real_interface>
<virtual_addr addr="VIRTUAL_TO_BE_DEFINED" where="one_side_alias" />
</real_interface>
</interface>
</interface_list>
</vip>
<!-- Software Error Detection Configuration -->
<errd polltimer="10">
<!-- Samsung SSM process -->
<proc name="pg_ctl.exe" atleast="1" action="restart" class="prim" />
<proc name="ServiceManager.exe" atleast="1" action="restart" class="prim" />
<!--
<proc name="HAServerService.exe" atleast="1" action="restart" class="prim"/>
-->
</errd>
<!-- File Replication Configuration -->
<!-- Adapt with the directory of your PostgreSQL database and logs
-->
<rfs async="second" acl="off" nbrei="3">
<replicated dir="C:\PostgreSQL\9.1\data" mode="read_only">
<notreplicated path="pg_log"/>
<notreplicated path="postmaster.pid"/>
</replicated>
<replicated dir="C:\Program Files (x86)\Samsung\SSM\SystemManager\MapFile" mode="read_only"/>
</rfs>
<!-- User scripts activation -->
<user nicestoptimeout="300" forcestoptimeout="300" logging="userlog" />
</service>
</safe>
start_prim.cmd
@echo off
rem Script called on the primary server for starting application services
rem For logging into SafeKit log use:
rem "%SAFE%\safekit" printi | printe "message"
rem stdout goes into Application log
echo "Running start_prim %*"
set res=0
rem TODO: set to manual the start of services when the system boots
net start "postgresql-9.1 - PostgreSQL Server 9.1"
if not %errorlevel% == 0 (
%SAFE%\safekit printi "PostgreSQL (postgresql-9.1 - PostgreSQL Server 9.1) start failed"
goto stop
) else (
%SAFE%\safekit printi "PostgreSQL (postgresql-9.1 - PostgreSQL Server 9.1) started"
)
net start "SSM System Manager"
if not %errorlevel% == 0 (
%SAFE%\safekit printi "SSM System Manager start failed")
goto stop
) else (
%SAFE%\safekit printi "SSM System Manager started"
)
net start "SSM Watch Services Manager"
if not %errorlevel% == 0 (
%SAFE%\safekit printi "SSM Watch Services Manager start failed"
goto stop
) else (
%SAFE%\safekit printi "SSM Watch Services Manager started"
)
rem net start "HA Server Service"
rem if not %errorlevel% == 0 (
rem %SAFE%\safekit printi "HA Server Service start failed"
rem goto stop
rem ) else (
rem %SAFE%\safekit printi "HA Server Service started"
rem )
if %res% == 0 goto end
:stop
set res=%errorlevel%
"%SAFE%\safekit" printe "start_prim failed"
rem uncomment to stop SafeKit when critical
rem "%SAFE%\safekit" stop -i "start_prim"
:end
stop_prim.cmd
@echo off
rem Script called on the primary server for stopping application services
rem For logging into SafeKit log use:
rem "%SAFE%\safekit" printi | printe "message"
rem ----------------------------------------------------------
rem
rem 2 stop modes:
rem
rem - graceful stop
rem call standard application stop with net stop
rem
rem - force stop (%1=force)
rem kill application's processes
rem
rem ----------------------------------------------------------
rem stdout goes into Application log
echo "Running stop_prim %*"
set res=0
rem action on force stop
if "%1" == "force" (
%SAFE%\safekit printi "Force stop: kill processes of Samsung SSM application"
%SAFE%\safekit kill -name="watchservices.exe" -level="terminate"
%SAFE%\safekit kill -name="java.exe" -argregex=".*systemmanager.*" -level="terminate"
%SAFE%\safekit kill -name="pg_ctl.exe" -level="terminate"
%SAFE%\safekit kill -name="postgres.exe" -level="terminate"
%SAFE%\safekit kill -name="HAServerService.exe" -level="terminate"
%SAFE%\safekit kill -name="systemanager.exe" -level="terminate"
goto end
)
rem %SAFE%\safekit printi "Stopping HA Server Service"
rem net stop "HA Server Service"
%SAFE%\safekit printi "Stopping SSM Watch Services Manager"
net stop "SSM Watch Services Manager"
%SAFE%\safekit printi "Stopping SSM System Manager"
net stop "SSM System Manager"
%SAFE%\safekit printi "Stopping PostgreSQL (postgresql-9.1 - PostgreSQL Server 9.1)"
net stop "postgresql-9.1 - PostgreSQL Server 9.1"
del C:\PostgreSQL\9.1\data\postmaster.pid
rem Wait a little for the real stop of services
"%SAFEBIN%\sleep" 10
if %res% == 0 goto end
"%SAFE%\safekit" printe "stop_prim failed"
:end
Network load balancing and failover |
|
| Windows farm | Linux farm |
| Generic Windows farm > | Generic Linux farm > |
| Microsoft IIS > | - |
| NGINX > | |
| Apache > | |
| Amazon AWS farm > | |
| Microsoft Azure farm > | |
| Google GCP farm > | |
| Other cloud > | |
Advanced clustering architectures
Several modules can be deployed on the same cluster. Thus, advanced clustering architectures can be implemented:
- the farm+mirror cluster built by deploying a farm module and a mirror module on the same cluster,
- the active/active cluster with replication built by deploying several mirror modules on 2 servers,
- the Hyper-V cluster or KVM cluster with real-time replication and failover of full virtual machines between 2 active hypervisors,
- the N-1 cluster built by deploying N mirror modules on N+1 servers.
Evidian SafeKit mirror cluster with real-time file replication and failover |
|
|
3 products in 1 More info >  |
|
|
Very simple configuration More info >  |
|
|
Synchronous replication More info >  |
|
|
Fully automated failback More info >  |
|
|
Replication of any type of data More info >  |
|
|
File replication vs disk replication More info >  |
|
|
File replication vs shared disk More info >  |
|
|
Remote sites and virtual IP address More info >  |
|
|
Quorum and split brain More info >  |
|
|
Active/active cluster More info >  |
|
|
Uniform high availability solution More info >  |
|
|
RTO / RPO More info >  |
|
Evidian SafeKit farm cluster with load balancing and failover |
|
|
No load balancer or dedicated proxy servers or special multicast Ethernet address 
|
|
|
All clustering features
|
|
|
Remote sites and virtual IP address
|
|
|
Uniform high availability solution
|
|
Software clustering vs hardware clustering
|
|
|
|
Shared nothing vs a shared disk cluster |
|
|
|
Application High Availability vs Full Virtual Machine High Availability
|
|
|
|
High availability vs fault tolerance
|
|
|
|
Synchronous replication vs asynchronous replication
|
|
|
|
Byte-level file replication vs block-level disk replication
|
|
|
|
Heartbeat, failover and quorum to avoid 2 master nodes
|
|
|
|
Virtual IP address primary/secondary, network load balancing, failover
|
|
|
|
User's Guide
Application Modules
Release Notes
Presales documentation
Introduction
-
- Features
- Architectures
- Distinctive advantages
-
- Hardware vs software cluster
- Synchronous vs asynchronous replication
- File vs disk replication
- High availability vs fault tolerance
- Hardware vs software load balancing
- Virtual machine vs application HA
Installation, Console, CLI
- Install and setup / pptx
- Package installation
- Nodes setup
- Cluster configuration
- Upgrade
- Web console / pptx
- Cluster configuration
- Configuration tab
- Control tab
- Monitor tab
- Advanced Configuration tab
- Command line / pptx
- Silent installation
- Cluster administration
- Module administration
- Command line interface
Advanced configuration
- Mirror module / pptx
- userconfig.xml + restart scripts
- Heartbeat (<hearbeat>)
- Virtual IP address (<vip>)
- Real-time file replication (<rfs>)
- Farm module / pptx
- userconfig.xml + restart scripts
- Farm configuration (<farm>)
- Virtual IP address (<vip>)
- Checkers / pptx
- Failover machine (<failover>)
- Process monitoring (<errd>)
- Network and duplicate IP checkers
- Custom checker (<custom>)
- Split brain checker (<splitbrain>)
- TCP, ping, module checkers
Support
- Support tools / pptx
- Analyze snapshots
- Evidian support / pptx
- Get permanent license key
- Register on support.evidian.com
- Call desk