Find the below update on cluster deployment. 1. There will be two store nodes in *wso2.pub.store.domain* domain with worker manager separation. 2. Those store nodes also exposed through nginx.
*Sajith Abeywardhana* | Software Engineer WSO2, Inc | lean. enterprise. middleware. #20, Palm Grove, Colombo 03, Sri Lanka. Mobile: +94772260485 Email: [email protected] <[email protected]> | Web: www.wso2.com On Fri, Jun 5, 2015 at 7:40 AM, Rushmin Fernando <[email protected]> wrote: > Sajith we can get a confirmation on how session persistence work in a > distributed IDP setup and then decide. > > If sticky session is needed then we can enable IP hashing in ngnix AFAIK. > > On Thu, Jun 4, 2015 at 8:14 PM, Sajith Abeywardhana <[email protected]> > wrote: > >> Hi Dunusha, >> >> With these exceptions in nginx, should I remove nginx installation & >> configuration from puppet, as for the result of that configs can be done >> manually. >> >> *Sajith Abeywardhana* | Software Enginee >> WSO2, Inc | lean. enterprise. middleware. >> #20, Palm Grove, Colombo 03, Sri Lanka. >> Mobile: +94772260485 >> Email: [email protected] <[email protected]> | Web: www.wso2.com >> >> On Thu, Jun 4, 2015 at 5:21 PM, Dinusha Senanayaka <[email protected]> >> wrote: >> >>> >>> >>> On Thu, Jun 4, 2015 at 5:12 PM, Rushmin Fernando <[email protected]> >>> wrote: >>> >>>> And Dinusha we will have to enable sticky sessions for the IDP cluster >>>> since the calls to the IDP is not stateless unlike APIM ? >>>> >>> Since IdP persist the session and IdP having distributed caching, I >>> guess it should be able to work without having sticky sessions. Can someone >>> from IS team confirm whether, in a normal SSO cluster setup, do you >>> recommended to have sticky sessions ? >>> >>> Regards, >>> Dinusha. >>> >>>> >>>> On Thu, Jun 4, 2015 at 5:10 PM, Sajith Abeywardhana <[email protected]> >>>> wrote: >>>> >>>>> Hi Yasassri/Nuwan, >>>>> >>>>> Thank you for your valuable suggestion. Will write the puppet script >>>>> including your suggestion. >>>>> >>>>> *Sajith Abeywardhana* | Software Engineer >>>>> WSO2, Inc | lean. enterprise. middleware. >>>>> #20, Palm Grove, Colombo 03, Sri Lanka. >>>>> Mobile: +94772260485 >>>>> Email: [email protected] <[email protected]> | Web: www.wso2.com >>>>> >>>>> On Thu, Jun 4, 2015 at 4:52 PM, Yasassri Ratnayake <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Sajith, >>>>>> >>>>>> This is just a suggestion. And you don't need a IS cluster to do >>>>>> this, you can expose a single mode via the LB. And users can scale up >>>>>> easily if it is required. >>>>>> >>>>>> For e.g as I mentioned earlier If the user decides to change the IDP >>>>>> to IS this can be easily done if you are accessing the node via the LB, >>>>>> in >>>>>> the same way if you need to scale-up the IDP node into a IS cluster, >>>>>> it's a >>>>>> matter of exposing new node via the LB. In this case you don't have to >>>>>> meddle around with the configs of already deployed nodes. >>>>>> >>>>>> With Regards, >>>>>> >>>>>> On Thu, Jun 4, 2015 at 4:45 PM, Sajith Abeywardhana <[email protected] >>>>>> > wrote: >>>>>> >>>>>>> Hi Nuwan/Yasassi, >>>>>>> >>>>>>> Since IDP is only a single node (not a cluster) what is the purpose >>>>>>> of having load balancer in front of it? Are you suggesting, do we need >>>>>>> to >>>>>>> have a IDP cluster as well? >>>>>>> >>>>>>> Hi Sumedha/Dinusha, >>>>>>> >>>>>>> If so (IDP cluster) shall I write those puppet script as well or >>>>>>> shall I proceed with a single IDP node for this task? >>>>>>> >>>>>>> *Sajith Abeywardhana* | Software Engineer >>>>>>> WSO2, Inc | lean. enterprise. middleware. >>>>>>> #20, Palm Grove, Colombo 03, Sri Lanka. >>>>>>> Mobile: +94772260485 >>>>>>> Email: [email protected] <[email protected]> | Web: www.wso2.com >>>>>>> >>>>>>> On Thu, Jun 4, 2015 at 3:05 PM, Yasassri Ratnayake < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi Sajith, >>>>>>>> >>>>>>>> As Nuwan mentioned its better to front IDP by the LB, If the nodes >>>>>>>> are fronted by the LB the users can easily scale their systems as >>>>>>>> required >>>>>>>> without changing configurations in already deployed nodes. >>>>>>>> >>>>>>>> >>>>>>>> With Regards, >>>>>>>> >>>>>>>> On Thu, Jun 4, 2015 at 2:24 PM, Nuwan Silva <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> I hope the Key-manager (or IDP) is also exposed through nginx. >>>>>>>>> AIU when a request comes to the GWs it will be directed to the IDP >>>>>>>>> for authorization so dont we have to expose this also? >>>>>>>>> >>>>>>>>> Regards, >>>>>>>>> NuwanS. >>>>>>>>> >>>>>>>>> On Thu, Jun 4, 2015 at 2:14 PM, Sajith Abeywardhana < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi All, >>>>>>>>>> >>>>>>>>>> I'm in process of writing puppet modules for APPM cluster setup. >>>>>>>>>> I have configured cluster environment manually and now moving to >>>>>>>>>> puppet >>>>>>>>>> scripts. Below deployment diagram shows manually configured >>>>>>>>>> clustering >>>>>>>>>> environment which I will be using as a cluster model to implement >>>>>>>>>> puppet >>>>>>>>>> modules. Please kind enough to provide feed backs on anything >>>>>>>>>> need to be done than addition to this. >>>>>>>>>> >>>>>>>>>> 1. AppM publisher node communicate to gateway manager node >>>>>>>>>> directly and then publish the apps. >>>>>>>>>> 2. Store node use for the app subscription. >>>>>>>>>> 3. Key manager node will provide authentication functions for >>>>>>>>>> all AppM nodes. >>>>>>>>>> 4. Gateway nodes fronted by nginx and all app request will >>>>>>>>>> load balanced according to load balancer algorithm. >>>>>>>>>> 5. svn used for deployment synchronization in gateway cluster. >>>>>>>>>> 6. All the nodes use MySQL as a database. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> *Sajith Abeywardhana* | Software Engineer >>>>>>>>>> WSO2, Inc | lean. enterprise. middleware. >>>>>>>>>> #20, Palm Grove, Colombo 03, Sri Lanka. >>>>>>>>>> Mobile: +94772260485 >>>>>>>>>> Email: [email protected] <[email protected]> | Web: www.wso2.com >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> >>>>>>>>> >>>>>>>>> *Nuwan Silva* >>>>>>>>> *Senior Software Engineer - QA* >>>>>>>>> Mobile: +9477 980 4543 >>>>>>>>> >>>>>>>>> WSO2 Inc. >>>>>>>>> lean . enterprise . middlewear. >>>>>>>>> http://www.wso2.com >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Yasassri Ratnayake >>>>>>>> Software Engineer - QA >>>>>>>> WSO2 Inc ; http://wso2.com >>>>>>>> lean.enterprise.middleware >>>>>>>> *Mobile : +94715933168 <%2B94715933168>* >>>>>>>> *Blogs : http://yasassriratnayake.blogspot.com >>>>>>>> <http://yasassriratnayake.blogspot.com/>* >>>>>>>> * http://wso2logs.blogspot.com >>>>>>>> <http://wso2logs.blogspot.com>* >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Yasassri Ratnayake >>>>>> Software Engineer - QA >>>>>> WSO2 Inc ; http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> *Mobile : +94715933168 <%2B94715933168>* >>>>>> *Blogs : http://yasassriratnayake.blogspot.com >>>>>> <http://yasassriratnayake.blogspot.com/>* >>>>>> * http://wso2logs.blogspot.com >>>>>> <http://wso2logs.blogspot.com>* >>>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> *Rushmin Fernando* >>>> *Technical Lead* >>>> >>>> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >>>> >>>> email : [email protected] >>>> mobile : +94772310855 >>>> >>>> >>>> >>> >>> >>> -- >>> Dinusha Dilrukshi >>> Associate Technical Lead >>> WSO2 Inc.: http://wso2.com/ >>> Mobile: +94725255071 >>> Blog: http://dinushasblog.blogspot.com/ >>> >> >> > > > -- > *Rushmin Fernando* > *Technical Lead* > > WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware > > email : [email protected] > mobile : +94772310855 > > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
