Hi All,
While working with the previous deployment (See the attached image in
previous replies) I came across a blocker as follows:
-
Since we have isolated SM from Docker containers by having separate
user-stores and governance registries, the tenant created in AF side will
be seen by SM but won’t be seen by Docker containers. This will break the
Stratos functionality in multi-tenancy mode.
Therefore we did a change to the deployment as specified below:
-
SM and Docker containers will share the same user store and a governance
registry with 3 collections (/_system/Development/governance,
/_system/Testing/governance, /_System/Production/governance).
-
If we use one userstore, users will have same authorization to all
stages. In the pre 4.1.0 setup we had 3 user stores. So we will try to have
governance registry and 3 userstores, failing that we will have single
userstore. But having a single userstore means we need to speed up the
upcoming feature of deploying all resources as CAR files because this will
remove all service calls and thereby we can remove authorizations
-
AppFactory and other servers (i.e BAM, MB etc) will share a separate
user store and a governance registry.
-
All the servers will point to one LDAP.
Please see the refined deployment diagram depicted below:
https://docs.google.com/drawings/d/189oUQMuWv0NvWvwyFuly-hf8R0AJ0A41O2eOyUk6WMo/edit
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
