According to documentation, for a failover pair you will need to setup two DMZ servers, each pointing to one of the two agents in the pair. This means for example a system with 3 FO pairs will potentially need 6 DMZ servers. This seems quite a lot.
Is it possible / supported to point the DMZ to the virtual IP of each pair thereby halving the number of DMZ servers needed ?
Wale Oguntoyinbo [SLC] [DevOps Enabler] Selected answer as best 20th February 2023
Hi Wale
we have not tested this but this should work in theory. There are some side notes to be made:
- we would advise you to assign a domain to the virtual IP of each pair and use that to generate secure https certificates to have a secure connection towards the webapis
- when switching the failover pair all current connections will disconnect and reconnect with the new failover agent, which will be noticeable by end users eg when they are looking at a shared dashboard
Please let us know if we can assist in any setup or testing.
Wale Oguntoyinbo [SLC] [DevOps Enabler] Selected answer as best 20th February 2023
Thanks Baptiste, I will reach out if further assistance is required.