High Availability

Top  Previous  Next

CirrusPrint is designed to work with data on shared file systems, so that multiple system installations can share the same configuration and job activity, and therefore support the same set of companies, locations, and devices.  Enabling this simply involves setting up a shared file system location, and manually editing the data= settting in each system's config.ini file to point to a common location.  If you already have a configuration  and want to migrate to a shared setup, simply copy the contents of the local data directory to the newly shared data directory.

 

Once a set of systems is working with a single set of data, you can then determine how to access those systems from clients.  There are two broad techniques:

 

1. Assuming each system has a static IP address, you can set up a single A or AAAA record on your DNS server to reference all the IP addresses.  All clients should randomly choose any of those IP addresses when accessing the system by the DNS name.  If you have enabled SMTP receiving on port 25, you can also setup MX records to those IP addresses.  Be sure to use a dedicated domain or subdomain for these configurations to avoid breaking access to your public web and email services.

 

2. In a larger setup, you can set up proxy servers that provide http, https, and possibly smtp access, and through their proxy configuration, access a set of CirrusPrint servers through whatever load-balance or fail-over configuration is desired.  In this type of configuration, the CirrusPrint servers don't need to be accessed publicly, as the proxy servers provide the endpoint.  Instead, the proxy server configuration can make requests in the local network to the CirrusPrint servers.  Many cloud service providers offer network or application load balancers that can perform the function of a proxy server for both HTTP and SMTP traffic.

 

Notes

It is important that the shared file system you use has high performance.  File systems with high latency or low bandwidth will likely cause poor performance.  Note that this caveat applies only to data shared by multiple CirrusPrint servers.  Client connections are designed to work well with limited network capabilities.

 

There can be artificial latency built into network operating systems due to file system caching.  For example, when using NFS, review the mount settings on the client system.  An option setting of actimeo=1 will reduce file stamp timing updates from the default of 30 or 60 seconds to 1.  To turn off file attribute caching entirely, use noac instead.  This may be necessary for consistent programmatic API access due to the frequency at which API calls can be made.

 

When using the browser admin interface through a high-availability configuration, you won't know which machine you are actually communicating with at any time.  For this reason, you might need to instead browse to a specific machine by ip address or subdomain in order to ensure which machine you are configuring or restarting.  If you want to restart a single server, it may be more reliable to use the operating system to do so.

 

The CirrusPrint service user requires full rights to the shared path.  After copying a local data directory to a shared location, verify ownership and permission settings.

 

On Linux, you can change ownership like this:

 

 sudo chown -R cp30s:cp30s /shared/path

 

On Windows, you must change the CirrusPrint 3.0 Server service to login as a real user rather than the local system account, as the system account has no rights to network shares.  Also, use a UNC path rather than a mapped drive, as services do not mount mapped drives.  Then ensure the new service user has full rights to the data path.

 

Load balancer health checks can use the /api/version path.  This path does not require authentication and will not return a redirection status code.

 

Load balancer timeouts should be well over 60 seconds, as client connections need to maintain their connections for that amount of time.  If timeout settings on the load balancer are too low, the load balancer can drop the connection.