Components

  1. A load balancer directs traffic to a specific PrivX application server. The load balancer keeps track of PrivX application server statuses and removes non-working ones from the pool. The load balancing can be based on source address or sticky session.

  2. A PrivX application server consists of an Nginx reverse proxy and a number of PrivX microservices. Nginx reverse proxy also serves the PrivX HTML5 UI static resources for the requesting clients. The PrivX microservices offer REST APIs over HTTPS. The PrivX application servers store all persistent data in a database - once a PrivX application server has been configured, it is just a matter of taking a snapshot of the server and deploying a new instance of the snapshot to add application nodes.

  3. The PrivX microservices use the Redis in-memory cache to sync state between themselves. Redis is used only to trigger updates, which are done via REST calls. To ensure high availability, Redis should be configured in clustered mode.

  4. The PrivX microservices persist data to PostgreSQL. PostgreSQL should also be highly available, configured in master<>slave mode or as a cluster. 

  5. The PostgreSQL database is automatically replicated to a database replica and if the database master dies, PrivX application servers can be configured to contact the replica via configuration change or a DNS change.

  6. The trail storage (by default /var/privx/audit) should be mounted on a secure NAS device.

Installation

  1. Install PostgreSQL master and slave nodes and configure a replication model which best suits your environment (vendor instructions at https://www.postgresql.org/docs/9.5/different-replication-solutions.html)
  2. Install Redis and configure Redis cluster (vendor instructions at https://redis.io/topics/cluster-tutorial)
  3. Install PrivX on first node:
    1. Run yum install PrivX-xyz.rpm
    2. Run /opt/privx/scripts/postinstall.sh and instruct PrivX to connect to an external database and Redis configured above
  4. Verify that the installation works
  5. If using physical servers:
    1. Take a backup of the PrivX first node by running /opt/privx/scripts/backup.sh
    2. Transfer the backup directory from /var/backups/privx/hostname_yyyy-mm-dd-hhmm on node1 to node2 
    3. Install PrivX on second node by running yum install PrivX-xyz.rpm (do not run postinstall.sh after)
    4. On the second node, run /opt/privx/scripts/restore.sh /path/to/backup/directory/from/node/one/hostname_yyyy-mm-dd-hhmm
  6. If using virtual machines, clone the PrivX first node and deploy additional instances of it
  7. PrivX is installed and ready to be configured and used

Upgrade with limited downtime

  1. Transfer the new PrivX rpm package to both nodes
  2. Stop services on both nodes by running service privx stop on each node
  3. Update PrivX on the first node:
    1. Run yum install PrivX-xyz.rpm
    2. Run /opt/privx/scripts/postinstall.sh
  4. Update PrivX on the second node:
    1. Run yum install PrivX-xyz.rpm
    2. Run /opt/privx/scripts/postinstall.sh
  5. PrivX is updated (and started by postinstall.sh)

Backup & restore

PrivX automatically creates full backups (certificates and configuration files) and stores them in /var/backups/privx. Ideally, this directory should be mounted on a secure NAS solution or periodically backed up to a secure location.

Note: PrivX does not automatically back up Postgres databases on remote hosts. Backing up the external Postgres database is outside the scope of this document.

To restore a backed-up set of data to PrivX, follow these steps:

  1. Transfer the backup directory from /var/backups/privx/hostname_yyyy-mm-dd-hhmm to PrivX node 1 
  2. Install PrivX on the first node by running yum install PrivX-xyz.rpm (do not run postinstall.sh after)
  3. On the first node, run /opt/privx/scripts/restore.sh /path/to/backup/directory/from/node/one/hostname_yyyy-mm-dd-hhmm
  4. Ensure that the PrivX service is functional
  5. Repeat the steps on node number two
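
The backup directory carries certificates and configuration files between hosts, both in the physical-server installation steps and in the restore steps above, so it is worth confirming that the copy is complete and unmodified before restore.sh runs. The following is an added example, not part of PrivX or its scripts; it assumes GNU coreutils, and the function names and the manifest path /root/privx-backup.sha256 are hypothetical.

```shell
#!/bin/sh
# Added example (not PrivX code). Assumes GNU coreutils (sha256sum) and treats
# the backup as an ordinary directory tree; its contents are not parsed.

# latest_backup BASE: print the newest directory under BASE whose name ends in
# _yyyy-mm-dd-hhmm. That stamp sorts lexicographically in chronological order.
latest_backup() {
    for d in "$1"/*_[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]; do
        [ -d "$d" ] || continue
        printf '%s %s\n' "${d##*_}" "$d"
    done | LC_ALL=C sort | tail -n 1 | cut -d' ' -f2-
}

# make_manifest DIR: print "hash  ./relative/path" for every file in DIR,
# sorted by path so that the output is identical on both nodes.
make_manifest() {
    (cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k2)
}

# verify_manifest DIR MANIFEST: succeed only if DIR holds exactly the files and
# hashes recorded in MANIFEST. Changed, missing and extra files all appear as
# diff lines and make the function return non-zero.
verify_manifest() {
    [ -d "$1" ] && [ -s "$2" ] || return 1
    make_manifest "$1" | diff - "$2"
}

# On the source node, after backup.sh (manifest path is a hypothetical choice;
# keep it outside the backup directory and transfer it separately):
#   make_manifest "$(latest_backup /var/backups/privx)" > /root/privx-backup.sha256
# On the target node, after the transfer and before restore.sh:
#   verify_manifest /path/to/backup/directory/from/node/one/hostname_yyyy-mm-dd-hhmm \
#       /root/privx-backup.sha256
```

Run restore.sh only when verify_manifest exits with status 0; any output from it lists the files that differ from what the source node recorded.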