Gateway Cluster

Limited Availability Notice

Gateway clustering is not generally available. This feature is visible in your account only if you are participating in the limited availability program. It is generally available in future releases. Contact Support for additional information.

Note

The limited availability program has ended and we are not supporting this currently.

A gateway cluster is a set of virtual machines (VMs) running gateway software, which function as a single, logical machine. The gateway cluster provides:

High availability against the failure of a node in the cluster.
High availability against the failure of a physical server on which the nodes run.
Flexible horizontal scaling of nodes to manage more IT assets.

How a gateway cluster works

A gateway cluster is a set of virtual machines, which run applications that discover and monitor your environment, as shown in the following figure:

Gateway nodes run on physical servers typically running a hypervisor with other VMs unrelated to the gateway. Nodes use a shared NFS storage volume to persist state shared among gateway nodes.

Each node also runs a lightweight Kubernetes - MicroK8s distribution. Kubernetes enables gateway nodes to work as a single, logical machine, which automatically schedules gateway applications between nodes.

If a node fails or the host on which the node runs fails, or both a node and host fail to restart applications on a different node, the logical node restarts the applications. The following figure shows how a gateway cluster works in the presence of faults:

Deployment options

Gateway clusters can be deployed in several configurations, depending on availability and horizontal scaling goals. The following figures illustrate three design points:

Prerequisites

To deploy a gateway cluster, make sure your environment meets these requirements:


Component	Attribute	Requirements
Nodes	Size	4 CPU cores, 8 GB RAM, 60 GB Disk
Nodes	IP addresses	Static IP address allocation requirement: One static IP address assigned to the primary network interface of each node. One additional floating IP (static IP) address for the gateway Manager application. None of these IP addresses should be allocated to a DHCP pool. All IP addresses must be in the same subnet.
Nodes	Hostname	Each node should have a unique hostname. IP address and hostname should be added in the `/etc/hosts` file and you should be able to ping all nodes using the IP address and hostname.
Nodes	Network access	All VMs should have outbound internet access to `*.opsramp.com` for connectivity, `k8s.gcr.io` and the `us-docker.pkg.dev` Google Artifact registry, or custom registry proxy URLs to download gateway applications.
Nodes	Number of nodes	Minimum of three nodes for high availability.
Hosts	OS	VMWare vSphere ESXi v6.0 or later versions.
Hosts	Number of hosts	Minimum of three hosts, running one gateway node on each host for high availability.
Storage	Type	NFS storage volume, with read/write access from all nodes.
Nodes	Ports	All VMs should have inbound access on ports 80, 5480, 30100, and outbound access on port 443.

Install a cluster gateway syslog adapter

To install a cluster gateway syslog adapter, see Install Syslog Adapter on Cluster Gateway

FAQs

Can I roll back to the classic gateway from a gateway cluster?

Yes, you can roll back from a gateway cluster to the classic gateway without re-onboarding your managed resources and without monitoring data loss.

De-register the gateway cluster from its management profile and register a classic gateway in its place.

SDK-based apps do not work moving back to Classic Gateway. For all SDK-based apps, cluster gateway is required.

How do I validate the multi-node cluster gateway setup?

Validate that your cluster is set up correctly by:

Running network discovery on a few managed resources.
Applying ping monitors on the resources.

How do I validate that the cluster can successfully recover from a node failure?

Select one of the nodes.
Power the node off to simulate node failure. The cluster recovers from the failure by restarting failed node monitoring applications on the remaining nodes.
Verify that monitors resume monitoring by observing the metric graphs in the UI.

How to restrict Gateway Manager access?

Gateway Manager can be accessed on Cluster IP or Load Balancer IP from browser location https://<IPAddress>:5480.
Run the following commands on the gateway node to switch between the IPs. This action can be performed after the installation of the gateway Manager.

To enable Gateway Manager to run on Cluster IP and help restrict Gateway WebUI access on external IP:

microk8s kubectl edit services Gateway Manager

Change type: LoadBalancer to type: ClusterIP

Delete the line that starts with nodePort

To enable Gateway Manager to run on Load Balancer IP, which reverts the above change and permits Gateway WebUI access on the external IP:

microk8s kubectl edit services Gateway Manager

Change type: ClusterIP to type: LoadBalancer

How to change the DNS entries on the cluster?

If you want to use your own DNS entries instead of the default entries, run:

microk8s kubectl edit configmap/coredns -n kube-system

Change the default DNS entries 8.8.8.8 and 8.8.4.4 to the DNS entries you want.

How to connect the gateway using an external proxy server?

To connect the gateway to the cloud, which permits the gateway to register and communicate using a proxy server, log in to the gateway manager WebUI, https://<IPAddress>:5480, enter the proxy server details, and save.

How to pull helm charts and images using a proxy external server?

To pull helm charts and images using an external proxy server, configure the IP and port number of the proxy server details and restart the service:

nano /var/snap/microk8s/current/args/containerd-env

Enter the external proxy IP and port number:

  HTTPS_PROXY=https://<proxy>:<port>
  NO_PROXY=10.1.0.0/16,10.152.183.0/24,<NodeIP>

Restart microk8s to complete the changes:

sudo microk8s stop
sudo microk8s start

How to check the logs?

Check the Pods and Containers logs files in the following locations:

  /var/log/pods 
  /var/log/containers

How to remove a node from the cluster?

On a node crash or failure, you can remove the node from the cluster and join a new, identical node to the cluster:

sudo microk8s remove-node <NodeName> --force

How to add the new node to the existing cluster?

Refer to the join nodes section of Set Up a Multi-node Cluster to join a new node to the cluster.