Hi All, In some Identity Server deployment, there are clients (web applications, Application clients and so on) that talk to admin services in Identity server such as user management, entitlement and s on... To access these admin services, client must be authenticated to Identity Server. We can configure some pre-defined user for the client application and client would always be authenticated to admin service using the defined user. It is not good to authenticate for every requests and populate the contexts, therefore normally authenticated session info (Cookie) would be used by the clients.
If we want to achieve high availability and load distribution, you need to load balance the clients requests with clustered Identity server instances. As WSO2 Identity Server (and all WSO2 products) does not support for user session replication across cluster nodes. Therefore we may need to use sticky session with the load balancer.. But If LB only considers the sticky session as the only metric for load balancing, All request would be received to an one node of the cluster.. There would not be any use from other nodes..(no Active-Active nodes) Can typical LB (WSO2 ELB, Apache HTTPD) take other metrics for load balancing when sticky session has been configured? Are they intelligent enough ? As I know, user session replications would be supported with Carbon 5.. Till what is the best solution for load balancing the Admin services? I have written some blog about this [1].. which may be helpful. what is in the blog, may not be the best approaches.. [1] http://soasecurity.org/2014/03/04/load-balancing-wso2-admin-services/ Thanks, Asela. -- Thanks & Regards, Asela ATL Mobile : +94 777 625 933 _______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
