Thanks Eric, Your configuration is almost identical to ours. Except we use OpenDJ for credential store, have Duo enabled and use a JSON service registry.
What you describe is exactly what I had in mind. I think the bigger challenge for me will be getting our LDAPs set up in the DR site. -Bryan On Wed, Jan 10, 2018 at 10:07 AM, 'Mallory, Erik' via CAS Community < [email protected]> wrote: > I did this last year. We have a DR site with a VMware cluster. All told > we have three vmware clusters two are in our main data center and the > previously mentioned DR cluster. I created three RHEL 7 vms, set up maven, > java 8 and tomcat 8 (not part of the base install RHEL 7) > > I use 389 on each host and leverage replication for service definitions. > The idea is that each host can be nearly dependency free, save for our > credential store, AD. > > All three hosts are configured behind a netscaler using a least connection > strategy. SSL is terminated on the netscaler and communication is encrypted > on the back end to each cas node. We are using Hazelcast for ticket > registry, ldap for connections to our credential store and as previously > mentioned, for our service definition store. > > I hope this helps, if you have questions I can probably help. > > Best, > > Erik Mallory > > Server Analyst > > Wichita State University > > > > > > *From: *<[email protected]> on behalf of Bryan Wooten < > [email protected]> > *Reply-To: *"[email protected]" <[email protected]> > *Date: *Tuesday, January 9, 2018 at 7:04 PM > *To: *"[email protected]" <[email protected]> > *Subject: *[cas-user] Disaster Recovery Site > > > > Looking for any guidance / best practices for setting up CAS 5.x in a DR > site. > > > > I have been tasked to architect CAS for our much broader DR project. > > > > We already have a remote Data Center as a location. > > > > Now I know once you start talking CAS many other systems get involved > (Like LDAP which I am also responsible for). > > > > So I'll take any White Papers, personal experience, project plans, > diagrams, etc. > > > > Cheers, > > > > Bryan > > > > University of Utah > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/CAG9x2GW1ZAHFFgVqCojV0KbiuUq_ > 9BB_Y5%3Dv8%3DENgP1paEgwUA%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GW1ZAHFFgVqCojV0KbiuUq_9BB_Y5%3Dv8%3DENgP1paEgwUA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/857DC8AA-36F8-4983-873C- > 4A26B575E7D8%40wichita.edu > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/857DC8AA-36F8-4983-873C-4A26B575E7D8%40wichita.edu?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GV%3D3rzJ048Bacw%3DtnCcqD%2BJG3AC_BKwk4r%2BA1KdxHD4WQ%40mail.gmail.com.
