FastX Clustering

Note: For FastX Version 2 clustering, click here

Multiple FastX servers can be connected together to create a cluster. Clustering allows users to connect to any system and view/interact with/launch sessions in the cluster.

Clustering offers better security and load distribution over a single machine.  Gateway servers can be used as the client access point while session servers can be hidden behind a firewall to do the heavy computing.  Combined with load balancing, the power of FastX can be seen.  New sessions can be routed to servers giving the implementers complete control of where sessions are started.  Power users can integrate their own job scheduling software into the FastX cluster launching sessions when the server resources become available.

Setting up a cluster

Overview

FastX uses a distributed database with encrypted messaging to provide secure communication between servers. Each FastX server doubles as a database node and maintains its own public/private key pair.  The public key must be known to the other cluster members in order to decrypt the messages.

Connecting to a cluster is a 3 part process

  1. Installing the cluster package
  2. Importing the public keys of other servers
  3. Connecting a server to a database cluster

Installing the cluster package

  1. Download the FastX plugins package
  2. Extract the files tar xzf FastX3-plugins-{{version}}.tgz
  3. copy the extracted plugins directory to var mv plugins /usr/lib/fastx/var
  4. Restart the web server service fastx3 restart

Importing the public keys of other servers

Get the public key of a server

  1. Log in as an administrator
  2. Go to System > Clustering > Authorized Keys
  3. Click Actions > Export this server’s public key
  4. The key will be downloaded

Import the public key of a server

  1. Log in as an administrator
  2. Go to System > Clustering > Authorized Keys
  3. Click Actions > Import Public Key
  4. Find the key you downloaded and import it

Notes

  • The public key filename must be in the format:   serverid.pub

    • serverid is the server id
    • The server id is located in the file: /usr/lib/fastx/var/local/serverid
    • The public key is located in the file: /usr/lib/fastx/var/local/public
  • The authorized keys dir is located by default at: /usr/lib/fastx/var/authorized_keys
    • This can be configured
    • The FastX server will attempt to write its key to this directory on startup
    • Admins will typically want to create a mounted authorized keys directory

Connecting a server to a database cluster

  1. Log in as an administrator
  2. Go to the System > Clustering > Database Servers
  3. Click on Clustering > Servers
  4. Click New Server
  5. Enter the URL of another cluster member
    • Cluster members are also database nodes
  6. Save
  7. Repeat Steps 4 – 6 to add multiple FastX distributed database urls for fault tolerance
  8. Click Actions > Reconnect to servers

Notes

  • FastX uses expiring JSON Web Tokens (jwt) to authenticate remote database connections.  The database server needs the database client’s public key to verify the token.
  • Communication is bi-directional.  The database server and the database client sync all information between each other.
  • In production, all servers should use Valid SSL Certificates from a trusted certificate authority.
    • To enforce certificate validation add the option “rejectUnauthorized”: false  to the agent object. ie.
    • {
      “rejectUnauthorized”: false
      }

Cluster Configurations