Overview
High availability (HA) ensures that your Teramind deployment is spread out in multiple instances to eliminate any single point of failure. It enables the Teramind applications and service to continue to operate even if one of the IT components it depends on, such as a server, fails.
The native, built-in high availability can be fine tuned and adapted for different scenarios.
i
|
The deployment requires odd number of nodes (2n+1). Here, 5 nodes are used as an example. |
|
1
|
SSH access to the provisioned VMs is required for setup or troubleshooting. |
2
|
Managers/admins use port 443 (HTTPS) to open the Dashboard. After the initial setup, the interface port can be changed from the Dashboard settings. |
3
|
By default, Teramind Agents use port 443 (HTTPS) and port 10000 (proprietary protocol) to connect to the server and transfer data. You can separate the Dashboard interface listening port from and Agent listening portvfrom the Dashboard settings. |
4
|
Ports 443 and 10000 should be load-balanced between the Master node and AppServer nodes. |
5
|
Active Directory integration is possible for pulling information (users, groups, OUs) and for user authentication. |
6
|
All nodes should have read/write access to the PostgreSQL DB Cluster. |
7
|
All nodes should have read/write access to a NFS or any S3 compatible storage solution. It’s used for storing screen/audio recordings, captured user data (mail attachments, printed documents, etc.), BI reporting component backups, etc. |
Teramind Node Details
 |
Data Disk is used to store pre-aggregated data used by the reporting engine. |
The Master Node additionally runs background processing component which handles workloads such as:
- automated report exports
- video exports
- mail sending
- AD sync (pulling data from LDAP(S) endpoint)
|
Ports Usage
HA Deployment Port Usage
Public Facing Ports (Load-Balanced) |
TCP: 443 |
Teramind Dashboard / web interface (HTTPS) |
TCP: 10000 |
Agent data streaming (SSL/TLS) |
Inter-Node Communications Ports |
TCP: 22 |
SSH, used to transfer and trigger updates |
TCP: 443 |
Internal HTTPS endpoints |
TCP: 6379, 16379, 26379 |
Redis (not encrypted) |
TCP: 8123, 9000, 9009 |
BI reporting data replication (not encrypted) |
TCP: 10000-11000 |
Agent data streaming (SSL/TLS) |
TCP: 42001 |
Internal proprietary communications protocol (node health status check) |
External Services Ports |
TCP: 5432 |
PostgreSQL Database (SSL/TLS) |
TCP: 636 |
LDAPS (SSL/TLS) |
Varies |
Storage: NFS / S3 compatible |
Difference with a Regular Deployment
Regular Deployment |
HA Deployment |
Usage |
Description |
TCP: 10000-11000 on Application Servers |
10000 on all nodes |
Agent data streaming |
To handle incoming agent connection, each node with AppServer role runs multiple processes that handle connections and listen on multiple ports in 10000-11000 range. To simplify load balancer rules, a single port is used in the HA deployment. |
TCP: 6379 to Master Node |
TCP: 6379, 16379, 26379, all nodes |
Redis connection |
Redis runs on each node. Additional ports are required to support HA/failover capabilities. |
|
TCP: 8123, 9000, 9009, all nodes |
BI reporting data replication |
No replication in regular deployments, ports not used. |
5432 to Master Node |
5432 to external PostgreSQL DB Cluster |
PostgreSQL |
External PostgreSQL DB Cluster is used. |