How to Set Up a High Availability Environment with Two
SafeLine WAF introduced multi-node configuration synchronization in version 7.0.0.
Set-up Steps
1. Obtain Connection Command
After clicking Become a Master Node
, a IP address will appear. This address is used for slave nodes to connect to the master node and obtain its configuration. Therefore, you need to ensure that slave nodes can connect to the master node's management console. If you use a proxy to connect to the master node, modify this address to the proxy address.
2. Connect Slave Node to Master Node
Copy the generated connection command and execute it on the slave node's host machine. If a prompt appears (as shown in the image), it indicates that the slave node has successfully connected to the master node. After becoming a salve node, it switches to read-only mode, and the configurations cannot be modified.
3. Results
After waiting for a few minutes, you'll see the sites and rules on the master node appear on the slave node.
4. Unbind Nodes
To unbind nodes, you can click "Unbind" on either the master or slave node. Or when downgrading from the Professional version to the free version, this will dissolve the master-slave synchronization. After unbinding, you can modify the slave node's configuration.
Advantages and Disadvantages
Advantages
- Effectively solves the problem of single-node Safeline failure
- Expands the detection capability of your SafeLine WAF
Disadvantages
- Requires the same version of the Professional Edition to use; upgrades must be done simultaneously, as version inconsistencies will cause configuration synchronization to stop
- Log data can only be viewed in the management interface of different nodes; it's not possible to view all data in a single management interface
- May require forwarding to a specific SafeLine instance based on IP; otherwise, high-frequency access effects may be inconsistent with the configuration