Jump to:navigation, search
Wiki

CLI command: cluster

From Securepoint Wiki









































De.png
En.png
Fr.png






Syntax of the CLI command cluster
Last adaption: 08.2023
New:
notempty
This article refers to a Resellerpreview
Access: UTM-IP:Port or UTM-URL:Port
Port as configured at Network / Appliance Settings / Webserver
Default-Port: 11115
i.e.: https://utm.ttt-point.de:11115
Default: https://192.168.175.1:11115 → Extras →CLI


CLI commands

The following describes commands for the Securepoint CLI.

CLI command Output Description
cli> cluster info
cluster_state
∣master
backup
 none
 The cluster state indicates who in the cluster is currently master or backup or whether the cluster is active at all. The output always refers to the machine on which this command is executed.
sync_state
∣synchronized
pending
 error
 Indicates the status of the configuration. Synchronized means that it is the same on both UTMs of the cluster. The state "pending" means that the UTMs have a different state. In both cases the members can communicate with each other. The state "error" shows that they cannot exchange data. This could be the case if no hotwire interface is configured, the wiring is not correct, the SSH keys have not been exchanged, or the wrong SSH keys are used.
hotwire_dev
∣ethx
 Specifies the interface on which the Hotwire interface is configured.
cli> system config save name <Name der Konfiguration> If a configuration change has been made in the CLI, it must be saved locally first. Only then is a synchronization of the cluster transferred.
cli> system config synchronize With this command the respective start configuration can be transferred to the Cluster Partner via the Hotwire interface.
 The configuration from the UTM on which the command is executed is used.
 An article of system commands can be found here.
cli> extc value get application "securepoint_firewall" variable "UPDATE_TRIGGER_DELAY" Value ∣2 Displays the delay in seconds before switching from master to backup in case of an error. The default value is 2 seconds.
cli> extc value set application "securepoint_firewall" variable "UPDATE_TRIGGER_DELAY" value 2 OK Changes the delay, for the case of an error, which is switched from master to backup. The default value is 2 seconds and should not be set lower. If the appliances in the cluster have a high base load, the value can be set higher.
The setting is immediately active and can be transferred to the partner via system config synchronize.

Maintenance Mode

cli> cluster maintainance set value "1"
cli> system update interface		 OK Activates the maintenance mode
  • The maintenance mode is used to switch to the spare in a controlled manner and prevents multiple switching in the case of several individual steps (update, change IP addresses etc.)
  • The services available in maintenance mode are configured in the wizard in step 4 or under → Network →Cluster configurationTab Applications.
  • The UTM is not accessible via the virtual IP in maintenance mode, but only via a fixed IP address.
cli> cluster maintainance set value "0"
cli> system update interface 		OK Disables the maintenance mode
Master
cli> cluster info		 
attribute    |value
-------------+-----
cluster_state|backup
sync_state   |synchronized
hotwire_dev  |eth2 
maintainance |true
State during the set "Maintainance Mode" on the Master
Spare
cli> cluster info 
attribute    |value
-------------+-----
cluster_state|master
sync_state   |synchronized
hotwire_dev  |eth2 
maintainance |false
 State during the set "Maintenance Mode" on the Spare
Retrieved from "https://wiki.securepoint.de/index.php?title=UTM/CLI/Cluster&oldid=87332"