Clustering the SP
Martin Haase
Martin.Haase at DAASI.de
Tue Jan 21 07:54:35 EST 2014
Hi list,
I'd like your thoughts regarding SP clustering. We have a Web Server
fleet with a well clustered application, we're on Ubuntu 64bit 12.04
LTS, using latest SP 2.5.x from the repositoy provided by the SWITCH
folks. I know Ubuntu is not an officially supported platform, but these
were the prerequisites. We _do_ SLO, front channel, IdP 2.3.8-initiated.
This is why we considered clustering in the first place. We considered
the following options:
* A) ODBC/MySQL clustering. Fails under high load:
https://issues.shibboleth.net/jira/browse/SSPCPP-602
* B) Memcached session sharing: good news: it's included in the SWITCH
repository, so no compilation necessary. Bad news: occasional errors
(not under load yet) from xmltooling "shib_handler:
Memcache::addMemcache Problems: A TIMEOUT OCCURRED". However, evidence
from other applications is that the relevant network part is stable.
What do people do about this? Did you set some non-default flags? Any
flags besides what is documented in the NativeSPStorageService Wiki topic?
* C) Shared shibd. Problem: single point of failure. What about
inserting a proxy before the TCPListener, did anybody implement a
failover shibd with active-passive, and how?
* D) Our SLO is front-channel. What about forgetting the SP session and
relying on session stickyness by the LB?
Happy to hear from you,
Martin
--
Dr. Martin Haase, Solutions Engineer
DAASI International GmbH
Europaplatz 3
D-72072 Tübingen
Germany
phone: +49 7071 407109-6
fax: +49 7071 407109-9
email: martin.haase at daasi.de
web: www.daasi.de
Sitz der Gesellschaft: Tübingen
Registergericht: Amtsgericht Stuttgart, HRB 382175
Geschäftsleitung: Peter Gietz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2345 bytes
Desc: S/MIME Cryptographic Signature
Url : http://shibboleth.net/pipermail/users/attachments/20140121/75a33805/attachment.bin
More information about the users
mailing list