CloudControl HA CLI Commands

All CloudControl HA operations are performed using the CloudControl CLI asc ha command. Using the vSphere Client, you can open the CloudControl console window and execute CloudControl CLI commands to perform CloudControl HA operations.

Use the asc ha --help command to obtain syntax help for all CloudControl HA CLI commands.

The following table provides a description of the most common CloudControl HA command options. For more information on CLI commands, see the Administration Guide for HyTrust CloudControl.

Option	Description
-d, --disband	Disconnect the CloudControl from the HA cluster. This can be run from the primary or secondary CloudControl nodes.
--disable-password-sync	Disables the synchronization of the 'ascadminuser' password.
--dualSiteHaConf	Used to add and modify VIP and PIP configuration for the secondary host to allow your primary and secondary PIP to be located in separate subnets. See Dual-Site HA Setup for full usage instructions.
--dualSiteHaConf --list	Lists the contents of the VIP and PIP configuration file for the dual site HA configuration.
--dualSiteHaConf --delete	Deletes the existing VIP and PIP configuration file for the dual site HA configuration.
-e, --peertest	Test the health of the remote system and automatically failover if needed.
--enable-password-sync	Enables the synchronization of the 'ascadminuser' password.
-f, --failover {auto\|manual}	Set the failover mode. Valid values are: auto—Enable automatic failover. The secondary CloudControl can assume primary functions if the primary CloudControl has been offline for the timeout interval. manual—Disable automatic failover.
-h, --help	Display usage text.
--haclean	Clean old HA sync data keeping only the three most recent data sets. Use `--haclean --all` to clear all HA sync data sets.
-i, --interval <minutes>	Sets the data synchronization period, in minutes, between CloudControl nodes. The default is 10 minutes, and the valid range is 2-1440 minutes.
-j, --join	Join two CloudControl nodes to create an HA cluster. This can be run from either the primary or secondary node. This requires the IP address and password for the node that you want to join, and the status (mode) of the node you are joining from.
-o, --mode {primary\|secondary}	Sets the HA mode. Valid values are: primary—The main CloudControl node where all traffic is routed. secondary—The backup or standby CloudControl node. Changing the HA mode triggers a failover event.
-n, --nosync	Do not perform an initial synchronization of data between HA nodes during a join, or prior to initiating a failover.
-p, --password <password>	The password of the remote CloudControl. Required when joining an HA cluster. Optionally, the password can be supplied via the `HTHAPW` environment variable.
-s, --sync	Forces an immediate synchronization of data between HA CloudControl nodes.
--sshkeyrotate	Rotates the SSH keys on the primary and secondary nodes of an existing cluster. After rotating, use the `asc ha --status` command to verify. Note: If there is a failure during key rotation, disband the cluster on both nodes and reform using the `asc ha --setup` command.
--sshkeytest	Tests the network connection between the two HA CloudControl nodes and verifies the SSH keys.
-t, --status	View the current configuration and operational state of the HA cluster.
-u, --timeout <minutes>	Sets the primary CloudControl monitoring minimum time threshold, in minutes, before an automatic failover event occurs. The minimum value is 10.
-v, --pollinterval <minutes>	Sets the health monitoring period, in minutes, before automatic failover mode is enabled.
--virtual-ip	Set the CloudControl Service IP address.

Note: You can also use the asc restore --systemrestore command to remove temporary and working files and restore the system configuration files. Use this command after an HA failover event, before joining a failed CloudControl as a secondary, or during testing to restore CloudControl to a clean state.