A gateway cluster is a set of virtual machines (VMs) running gateway software, which function as a single, logical machine. The gateway cluster provides:

  • High availability against the failure of a node in the cluster.
  • High availability against the failure of a physical server on which the nodes run.
  • Flexible horizontal scaling of nodes to manage more IT assets.

How a gateway cluster works

A gateway cluster is a set of virtual machines, which run applications that discover and monitor your environment, as shown in the following figure:

Gateway Cluster

Gateway nodes run on physical servers typically running a hypervisor with other VMs unrelated to the gateway. Nodes use a shared NFS storage volume to persist state shared among gateway nodes.

Each node also runs a lightweight Kubernetes - MicroK8s distribution. Kubernetes enables gateway nodes to work as a single, logical machine, which automatically schedules gateway applications between nodes.

If a node fails or the host on which the node runs fails, or both a node and host fail to restart applications on a different node, the logical node restarts the applications. The following figure shows how a gateway cluster works in the presence of faults:

Gateway Cluster

Deployment options

Gateway clusters can be deployed in several configurations, depending on availability and horizontal scaling goals. The following figures illustrate three design points:

Gateway Cluster
Gateway Cluster


To deploy a gateway cluster, make sure your environment meets these requirements:

NodesSize4 CPU cores, 8 GB RAM, 60 GB Disk
NodesIP addressesStatic IP address allocation requirement:
  • One static IP address assigned to the primary network interface of each node.
  • One additional floating IP (static IP) address for the gateway Manager application.
  • None of these IP addresses should be allocated to a DHCP pool.
  • All IP addresses must be in the same subnet.
NodesHostnameEach node should have a unique hostname. IP address and hostname should be added in the /etc/hosts file and you should be able to ping all nodes using the IP address and hostname.
NodesNetwork accessAll VMs should have outbound internet access to *.opsramp.com for connectivity, k8s.gcr.io and the us-docker.pkg.dev Google Artifact registry, or custom registry proxy URLs to download gateway applications.
NodesNumber of nodesMinimum of three nodes for high availability.
HostsOSVMWare vSphere ESXi v6.0 or later versions.
HostsNumber of hostsMinimum of three hosts, running one gateway node on each host for high availability.
StorageTypeNFS storage volume, with read/write access from all nodes.
NodesPortsAll VMs should have inbound access on ports 80, 5480, 30100, and outbound access on port 443.

Install a cluster gateway syslog adapter

To install a cluster gateway syslog adapter, see Install Syslog Adapter on Cluster Gateway


Can I roll back to the classic gateway from a gateway cluster?

Yes, you can roll back from a gateway cluster to the classic gateway without re-onboarding your managed resources and without monitoring data loss.

De-register the gateway cluster from its management profile and register a classic gateway in its place.

SDK-based apps do not work moving back to Classic Gateway. For all SDK-based apps, cluster gateway is required.

How do I validate the multi-node cluster gateway setup?

Validate that your cluster is set up correctly by:

  • Running network discovery on a few managed resources.
  • Applying ping monitors on the resources.

How do I validate that the cluster can successfully recover from a node failure?

  1. Select one of the nodes.
  2. Power the node off to simulate node failure. The cluster recovers from the failure by restarting failed node monitoring applications on the remaining nodes.
  3. Verify that monitors resume monitoring by observing the metric graphs in the UI.

How to restrict Gateway Manager access?

  1. Gateway Manager can be accessed on Cluster IP or Load Balancer IP from browser location https://<IPAddress>:5480.

  2. Run the following commands on the gateway node to switch between the IPs. This action can be performed after the installation of the gateway Manager.

To enable Gateway Manager to run on Cluster IP and help restrict Gateway WebUI access on external IP:

microk8s kubectl edit services Gateway Manager

Change type: LoadBalancer to type: ClusterIP

Delete the line that starts with nodePort

To enable Gateway Manager to run on Load Balancer IP, which reverts the above change and permits Gateway WebUI access on the external IP:

microk8s kubectl edit services Gateway Manager

Change type: ClusterIP to type: LoadBalancer

How to change the DNS entries on the cluster?

If you want to use your own DNS entries instead of the default entries, run:

microk8s kubectl edit configmap/coredns -n kube-system

Change the default DNS entries and to the DNS entries you want.

How to connect the gateway using an external proxy server?

To connect the gateway to the cloud, which permits the gateway to register and communicate using a proxy server, log in to the gateway manager WebUI, https://<IPAddress>:5480, enter the proxy server details, and save.

How to pull helm charts and images using a proxy external server?

To pull helm charts and images using an external proxy server, configure the IP and port number of the proxy server details and restart the service:

nano /var/snap/microk8s/current/args/containerd-env

Enter the external proxy IP and port number:


Restart microk8s to complete the changes:

sudo microk8s stop
sudo microk8s start

How to check the logs?

Check the Pods and Containers logs files in the following locations:


How to remove a node from the cluster?

On a node crash or failure, you can remove the node from the cluster and join a new, identical node to the cluster:

sudo microk8s remove-node <NodeName> --force

How to add the new node to the existing cluster?

Refer to the join nodes section of Set Up a Multi-node Cluster to join a new node to the cluster.