I had an offline discussion with Suho on supporting TCP load balancing for Thrift.
As we see we can simply achieve it by updating the DataBridge component and initiating a new session when the load balancer switches a TCP connection from one backend Thrift node to another. We might not need to replicate the sessions. Thanks Imesh On Fri, Sep 1, 2017 at 12:25 AM, Asela Pathberiya <as...@wso2.com> wrote: > Hi APIM team, > > According to the docs; We are not recommending the thrift protocol to > communicate with GW and KM when even TCP load balancer is used. > > The problem is that; thrift connection must be authenticated & thrift > session is not replicated among key manager nodes. > > IMO; we have three solution for this. > > 1. Replicate thrift session in KM nodes > > 2. Client side load balancing > > 3. Sending authentication credentials from GW to KM in every request. > This has been implemented in WSO2IS for XACML PDP. You can find the > details [1] & sample thrift client [2] > > We can easily implement approach 3, Shall we consider this for next APIM > release ? > > [1] http://xacmlinfo.org/2014/04/11/thrift-load-balancing/ > [2] https://svn.wso2.org/repos/wso2/people/asela/xacml/pep/thrift-LB > > Thanks, > Asela. > > > -- > Thanks & Regards, > Asela > > ATL > Mobile : +94 777 625 933 <+94%2077%20762%205933> > +358 449 228 979 > > http://soasecurity.org/ > http://xacmlinfo.org/ > -- *Imesh Gunaratne* Associate Director/Architect WSO2 Inc: http://wso2.com T: +94 11 214 5345 M: +94 77 374 2057 <+94%2077%20374%202057> W: https://medium.com/@imesh TW: @imesh lean. enterprise. middleware
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture