Create an Active Failover deployment using the ArangoDB Starter
This section describes how to start an Active Failover setup the tool Starter (the arangodb binary program).
As a precondition you should create a secret to activate authentication. The Starter provides a handy functionality to generate such a file:
arangodb create jwt-secret --secret=arangodb.secret
Set appropriate privilege on the generated secret file, e.g. on Linux:
chmod 400 arangodb.secret
Local Active Failover test deployment
If you want to start a local Active Failover setup quickly, use the --starter.local
option of the Starter. This will start all servers within the context of a single
starter process:
arangodb --starter.local --starter.mode=activefailover --starter.data-dir=./localdata --auth.jwt-secret=/etc/arangodb.secret --agents.agency.supervision-grace-period=30
Please adapt the path to your secret file accordingly.
Note that to avoid unnecessary failovers, it may make sense to increase the value
for the startup option --agents.agency.supervision-grace-period
to a value
beyond 30 seconds.
Note: When you restart the Starter, it remembers the original --starter.local
flag.
Multiple Machines
If you want to start an Active Failover setup using the Starter, you need to copy the
secret file to every machine and use the --starter.mode=activefailover
option of the
Starter. A 3 “machine” Agency is started as well as 3 single servers,
that perform asynchronous replication and failover:
arangodb --starter.mode=activefailover --starter.data-dir=./data --auth.jwt-secret=/etc/arangodb.secret --agents.agency.supervision-grace-period=30 --starter.join A,B,C
Please adapt the path to your secret file accordingly.
Note that to avoid unnecessary failovers, it may make sense to increase the value
for the startup option --agents.agency.supervision-grace-period
to a value
beyond 30 seconds.
Run the above command on machine A, B & C.
Once all the processes started by the Starter are up and running, and joined the Active Failover setup (this may take a while depending on your system), the Starter will inform you where to connect the Active Failover from a Browser, shell or your program.
For a full list of options of the Starter please refer to this section.
Using the ArangoDB Starter in Docker
The Starter can also be used to launch an Active Failover setup based on Docker
containers. To do this, you can use the normal Docker arguments, combined with
--starter.mode=activefailover
:
export IP=<IP of docker host>
docker volume create arangodb
docker run -it --name=adb --rm -p 8528:8528 \
-v arangodb:/data \
-v /var/run/docker.sock:/var/run/docker.sock \
arangodb/arangodb-starter \
--agents.agency.supervision-grace-period=30 \
--starter.address=$IP \
--starter.mode=activefailover \
--starter.join=A,B,C \
--docker.net-mode=default
Run the above command on machine A, B & C.
Note that to avoid unnecessary failovers, it may make sense to increase the value
for the startup option --agents.agency.supervision-grace-period
to a value
beyond 30 seconds.
The Starter will decide on which 2 machines to run a single server instance.
To override this decision (only valid while bootstrapping), add a
--cluster.start-single=false
to the machine where the single server
instance should not be started.
If you use the Enterprise Edition Docker image, you have to set the license key
in an environment variable by adding this option to the above docker
command:
-e ARANGO_LICENSE_KEY=<the-key>
You can get a free evaluation license key by visiting:
www.arangodb.com/download-arangodb-enterprise/
Then replace <the-key>
above with the actual license key. The start
will then hand on the license key to the Docker containers it launches
for ArangoDB.
TLS verified Docker services
Oftentimes, one needs to harden Docker services using client certificate and TLS verification. The Docker API allows subsequently only certified access. As the ArangoDB starter starts the ArangoDB cluster instances using this Docker API, it is mandatory that the ArangoDB starter is deployed with the proper certificates handed to it, so that the above command is modified as follows:
export IP=<IP of docker host>
export DOCKER_TLS_VERIFY=1
export DOCKER_CERT_PATH=/path/to/certificate
docker volume create arangodb
docker run -it --name=adb --rm -p 8528:8528 \
-v arangodb:/data \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /path/to/certificate:/path/to/certificate
arangodb/arangodb-starter \
--agents.agency.supervision-grace-period=30 \
--starter.address=$IP \
--starter.mode=activefailover \
--starter.join=A,B,C \
--docker.net-mode=default
Note that the environment variables DOCKER_TLS_VERIFY
and DOCKER_CERT_PATH
as well as the additional mountpoint containing the certificate have been added above.
directory. The assignment of DOCKER_CERT_PATH
is optional, in which case it
is mandatory that the certificates are stored in $HOME/.docker
. So
the command would then be as follows
export IP=<IP of docker host>
docker volume create arangodb
docker run -it --name=adb --rm -p 8528:8528 \
-v arangodb:/data \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /path/to/cert:/root/.docker \
-e DOCKER_TLS_VERIFY=1 \
arangodb/arangodb-starter \
--agents.agency.supervision-grace-period=30 \
--starter.address=$IP \
--starter.mode=activefailover \
--starter.join=A,B,C \
--docker.net-mode=default