Data Center Security

 View Only
  • 1.  Setup DCS Management Server name with different FQDN

    Posted Aug 21, 2024 08:42 PM

    Dear Expert. 

    I want to check whether the objective below is possible. 

    • I have a Windows Server hostname as "ABC" | FQDN: "ABC.domain123.com".
    • Now, while setting up the DCS Management server, I checked the "use FQDN hostname for Certificate" and then provided a different FQDN hostname as "DFG.domain456.com"


    I want to confirm, is this possible/supported? As I am aware, the FQDN hostname must same as the Windows Server hostname. 

    Regards



  • 2.  RE: Setup DCS Management Server name with different FQDN

    Broadcom Employee
    Posted 13 days ago

    Installing the Management Server and Unified Management Console with Multi-Server FQDN
    With a multi-server FQDN configuration, the primary server and all tomcat component servers are installed with the exact
    same logical fully qualified domain name. Your DNS or Load Balancer will dynamically resolve the FQDN logical name to
    a physical IP address based on server availability and/or load balancing scheme. Most modern data centers achieve high
    availability in a similar way, resolving IP addresses to online servers dynamically, so as not to require clients (agents) and
    other servers to manage IP addresses. Figure Installing with multi-server FQDN depicts 1 through N agents requesting
    IP resolution given a single FQDN logical name, and then communicating with a non-specific server manager; with each
    server dependent upon a centralized database.

    Configuration of individual multi-server FQDN instances (after primary server installation) is as detailed in the section
    Installing Management Server along with Tomcat using production mode , with the additional following constraints:
    • The same logical name (FQDN) must be used to register all servers in a multi-server environment, including the
    primary server
    • When installing a new tomcat component server instance in a multi-server environment, the tomcat component
    instance being installed must not resolve the FQDN logical name to any IP address other than its own. This can easily
    be achieved by adding a temporary entry in the localhosts host file and/or unsetting the corporate DNS under network
    adaptor settings (e.g. you can use Google's DNS 8.8.8.8 until the installation is complete). Note that the database must
    still resolve so you will likely have to add an entry for that as well.
    • After installation, a different UMC username must be used if signing into multi-servers concurrently (A single user
    should be logged in only once at any give time across the entire multi-server environment). If you log into a 2nd server
    using the same username, the session on the previous server will be invalidated.
    • Administration with the UMC web portal requires a DNS or Load Balancer that supports sticky sessions; unless you
    edit your localhost's hosts file and set a fixed IP entry for the FQDN when using the UMC webportal.