Not exactly an answer to your question but we have shib setup with the
shib-HA setup [1]. This gives us shib setup on 2 geographically separate
servers served on a DNS round robin to to separate service ip
addresses.
We did think about using Linux-HA/heartbeat software to failover
between the two machines but was not sure we could script failure
detection reliably (there are too many failure modes). Instead we rely
on manual failover by an admin transferring the service ip address
between the machines.
[1] https://www.middleware.georgetown.edu/confluence/display/MW/hashib
>-----Original Message-----
>From: Discussion list for Shibboleth developments [mailto:JISC-
>[log in to unmask]] On Behalf Of Colin Farrow
>Sent: 16 January 2008 15:47
>To: [log in to unmask]
>Subject: Linux-HA and Shibboleth IdP
>
>Hello,
>
>Does anyone have any experience, comments or otherwise on using
>Linux-HA/heartbeat software in an active/passive configuration to
>provide some measure of resilience to server failure of an IdP service?
>
>Thanks,
>Colin.
>
>--
>Colin Farrow
>Computing Service, University of Glasgow, Glasgow G12 8QQ
>Tel: 0141 330 4862, Email: [log in to unmask]
>---
|