July 20, 2018 at 12:39 am #22574bmccrawParticipant
I’ve worked with multi-server architectures in AM for a while now, but I’ve never configured them in a site. Each server is configured as “openam” so they essentially all shared the exact same configuration (stored in an external DS). Am I missing some benefit of sites?
I’m using the AWS Application Load Balancer, so I can’t configure it to honor the amlbcookie. I let it utilize its own cookie for sticky-sessions to keep requests going to the same AM server. The cookie domain is set to the loadbalancer URL, so my sessions are generating on the proper domain.
I want to make sure I’m configured correctly. We haven’t had an issue running like this for months, so I’m trying to decide if there’s business value in re-architecting our devops infrastructure to give each container a serverUrl vs just letting the serverUrl and the lbPrimaryUrl be the same.
Thanks for any help you can give!
– Brandon McCrawJuly 20, 2018 at 2:19 am #22575Warren StrangeParticipant
In the “DevOps” examples using Kubernetes, all AM servers are indeed clones of each other. You could create another site, but you would need to modify the installation to create a second set of AM servers (openam2, etc). It probably makes more sense just to create another deployment rather than use the sites features.
You are correct on amlbcookie – you need to use an application L7 LB cookie for stickiness. We use the nginx ingress, and let it create and manage the LB cookie.July 20, 2018 at 5:22 am #22576bmccrawParticipant
Ah! Thanks Warren. I’d seen clones mentioned but I never realized that’s what it meant. Good to know sites aren’t necessary for multi-server deployments and that we didn’t implement a poor solution.
You must be logged in to reply to this topic.