07-18-2013 11:33 PM
We are selling wireless as a service to our customers using Aruba equipment. Up until now this has mostly meant each customer gets a right-sized master-local setup and we use Airwave just for monitoring/troubleshooting this and bring out reports of uptime.
We also put the switches we deploy together with our services in Airwave and we're at about 21% switches of total devices.
Now we are going to be using a lot more Instant than before, with Activate and Airwave as our deployment, configuration, firmware management, troubleshooting and reporting tool. In short, Airwave will become very important for us.
So my question to you guys is, what is the best practice for a highly redundant and scalable Airwave design? I've read about the Master Console but I can't really see how the different Airwave servers sync data between each other etc. I hope you can explain to me what I need and how it works. :)
07-19-2013 12:25 AM
Master Console talks to managed AMPs using HTTPS to verify the managed AMPs' status based on the polling interval configured (default 5 minutes). MC retrieves the managed AMP status by requesting an XML file from the managed AMP.
<amp:amp_stats xmlns:amp="http://www.airwave.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" console_refresh_rate="300" failover_status="" ve
<name>AirWave Management Platform</name>
When running network-wide reports from Master Console, it requests the reports from each individual server and prepares the final report by combining the reports from all watched AMP servers.
You can find the server sizing guide on our support site (https://support.arubanetworks.com), which will guide you through the process of selecting the right server based on the number of devices planned to be monitored by the server.
For Master Console specification:
When we have 2 to 3 managed AMPs that need to be monitored by Master Console, a server with 6 CPU cores, 32 GB memory and 410 GB disk space (RAID 10) can be used.
When we have more than 3 managed AMPs that need to be monitored by Master Console, a server with 12 CPU cores, 64 GB memory and 548 GB disk space (RAID 10) can be used.
For the failover server, I would suggest selecting a server which is as powerful as the most powerful AMP server that MC is going to monitor; this will ensure smooth operation in a failover situation.
07-19-2013 12:37 AM
How it works?
Once an AMP installation has been added to the Watched AMP list, the Failover AMP will download the most recent backup and
begin polling. The Failover AMP and the Watched AMP must be on the same version or else the watched AMP will
be unable to restore properly. If any of the watched AMPs are not on the same version of AMP, you will need to
upgrade. The Failover AMP will need HTTPS access (port 443) to the watched AMP to verify that the web page is
active and to fetch downloads.
Once the Failover AMP determines that the Watched AMP is not up (based on the user-defined missed poll threshold)
it will restore the data backup of the Watched AMP and begin monitoring the watched AMP APs and devices. There
are many variables that affect how long this will take including how long client historical data is being retained, but
for an AMP with 1,000 APs it might take up to 10 minutes. For an AMP with 2,500 APs, it might take as long as 20
minutes. The Failover AMP will retain its original IP address.
In summary, the Failover AMP could take over for the Watched AMP in as little as five minutes; it might take up to an
additional 10-20 minutes to unpack the watched AMP data and begin monitoring APs. The most important factors are
the missed poll threshold, which is defined by the user, and the size of the watched AMP backup, which is affected by
the total number of APs and by the amount of data being saved, especially client historical data.
What you need?
The above post from Nimal has excellent information on the MC requirement based on the number of AMPs being watched.
07-19-2013 02:28 AM
Hi again, and thank you for your responses!
So let's see if I got this straight. As you can maybe tell, I've never set up redundancy for an Airwave environment. We have one big server doing its thing, so you'll have to excuse me if I use the wrong terminology.
I'm attaching a drawing I did to illustrate how our environment could look in the future. Referring to the drawing, this would be the scenario:
AMP-1: AMP server with hardware and licenses for 5000 devices. (Let's say it's full)
AMP-2: AMP server with hardware and licenses for 4000 devices.
AMP Failover: AMP failover server with hardware and failover licenses for 5000 devices.
AMP Master console: server with hardware for managing 2 AMP servers.
When we fill up our first Airwave server, we put up an equally potent server and use it as a failover for redundancy. This server will download backups from its watched AMP servers and when one of them goes down it will restore the backup and take over the polling. To get this to work with Instant I guess we'll have to configure this failover AMP as "Airwave backup ip"?
To continue deploying our services, we'll then have to install another Airwave server (AMP-2) and start deploying new sites in this one. We'll add this one to the watched AMP list of the failover for redundancy.
If we have customers spanning over AMP1 and AMP2, we'll need a master console to be able to get a good overview and to consolidate reports. What other value does the master console add? I guess if we want to configure Instant APs on a specific AMP server we'll still have to log in to that specific server to do that? Can the failover AMP become the master console if that one was to go down?
07-19-2013 03:03 AM
The backup IP on Instant is to fall back to a different AMP server. If we set up a failover server as backup, and if the failover did not take over any AMP server, Instant cannot fall back to the failover AMP, as in failover mode it will monitor other servers but can't monitor devices. However, in the new Instant 3.x code, Instant supports SNMP communication. So we can add Instant as an SNMP device like controllers/switches and AMP can monitor them, and in case of failover, the failover AMP (now acting as AMP) continues to monitor the Instants.
From Master Console (MC) we can also manage global groups which can be pushed to all AMP servers. In the global group, we can define a custom override config which will be shown as a configurable option in local AMPs. For example, in MC > Global group, we can import/set the complete config and, say for WLAN, we can select the check box to make it an overridable option. Once the global group is pushed to all AMPs, we can create groups in the AMP server and define them to be under the global group from MC. Then we can see all the settings from the global group in the local group as default settings, and the WLAN (which was set as a configurable option) can be changed on the local groups on AMP and pushed to the devices.
07-19-2013 04:34 AM
So to be able to configure a lot of Instant clusters with AMP and have the redundancy I'll need to use SNMP to manage/monitor my clusters?
Would you see any issues having controller-based monitor-only devices in the same AMP as fully managed Instant devices?
Would this be possible to put in your cloud-based AMP service? (Aruba Central?) With monitoring, configuration and firmware upgrades etc. Is there anything that can be done in AMP and not in Central?
07-19-2013 04:42 AM
Yes, using SNMP monitoring on Instant lets the failover AMP monitor them easily.
I do not see any issues here. We can also manage controller-based devices similar to Instant APs. From AMP's perspective the monitoring/managing will be the same for controller or Instant APs.
AMP can do reporting and alerting, where the cloud-based service is still behind on this part. Also, we can store user or any other data as far back as 1 year to get the reports and other details. AMP also has RAPIDS and VisualRF for rogue AP detection and location tracking to better monitor/manage the network.