Loading TOC...
Administrator's Guide (PDF)

Administrator's Guide — Chapter 5


This chapter describes cluster configuration using the Admin Interface. A cluster is a set of hosts that work together. This chapter includes the following sections:

Overview of Cluster Configuration

In MarkLogic clusters, a common configuration is to have one group defined for the evaluator nodes (hosts that service query requests) and another group defined for the data nodes (hosts to which forests are attached).

The Cluster configuration page found in the Admin Interface enables you to configure FIPS 140-2 mode for a cluster and to couple local and foreign clusters. For a description of each configuration option, see the help tab of the group configuration page in the Admin Interface. For a discussion of how clustering works in MarkLogic Server, see Clustering in MarkLogic Server in the Scalability, Availability, and Failover Guide.

OpenSSL FIPS 140-2 Mode

MarkLogic Server uses FIPS-capable OpenSSL to implement the Secure Sockets Layer (SSL v3) and Transport Layer Security (TLS v1) protocols. When you install MarkLogic Server, FIPS mode is enabled by default and SSL RSA keys are generated using secure FIPS 140-2 cryptography. This implementation disallows weak ciphers and uses only FIPS 140-2 approved cryptographic functions. Should your applications experience any difficulty running in SSL FIPS-mode, you can disable FIPS-mode using the Admin Interface as described below.

For more information on the OpenSSL FIPS 140-2 cryptographic capabilities, refer to the documentation provided by the OpenSSL Project at: http://www.openssl.org/docs/fips/fipsvalidation.html.

Procedures for Configuring Clusters

The following procedures describe how to configure clusters in MarkLogic Server:

Configuring OpenSSL FIPS 140-2 Mode

When FIPS 140-2 mode is enabled, the OpenSSL library is initialized into FIPS 140-2 mode at system startup. Note that this is the default behavior of MarkLogic Server. If FIPS mode is enabled or disabled on a running system, the OpenSSL library is reconfigured appropriately without requiring a server restart. When the FIPS mode setting changes and secure XDQP is configured, all XDQP connections are dropped and reestablished.

To configure a cluster to run in FIPS 140-2 mode, perform the following steps:

  1. Log into the Admin Interface.
  2. Click the Clusters icon on the left tree menu.
  3. Select the local cluster. The Edit Local Cluster Configuration page appears.

  1. To configure FIPS 140-2 mode, select true or false as needed. For SSL FIPS Enabled, select true.
  2. Click OK to save the change.

Coupling Clusters

You can use the Admin Interface to couple local and foreign clusters to enable inter-cluster communication. To replicate a database from one cluster to a database in another cluster, the two clusters must be coupled. For information on how inter-cluster communication relates to database replication, see the Database Replication Guide. For details, on coupling clusters specifically, see Coupling the Local and Foreign Clusters in the Database Replication Guide.

« Previous chapter
Next chapter »