> So, I'd be interested to hear from anyone who is doing hot standby with
> their Shibboleth IdP (i.e. if IdP1 is responding always use it, if it fails
> the test switch to IdP2) and what type of hardware loadbalancer you're
> using at the front to do this.
We are doing hot-standby with two IdPs behind an F5 loadbalancer.
We decided (way back when) that using Terracotta was too problematic
and we could accept that users had to re-authenticate if a failover occurred.
The F5 loadbalancer monitors the state of the live IdP and fails over
to the standby when appropriate.
The failover causes all traffic, both browser traffic on port 443 and
trust-fabric
traffic on port 8443 to go to the standby server. These have to fail
over together.
We actually use two F5s for resilience, and load-balanced ldap servers. The IdPs
are VMs that can float around our infrastructure. The idea is to not have any
single point of failure if possible.
F5 loadbalancers are expensive, but there are other cheaper options available.
The hot-standby solution also makes it easy to patch/upgrade the
servers with no downtime.
John I
IT Services,
University of York
|