I love reloadable services

Joseph Fischetti Joseph.Fischetti at marist.edu
Wed Mar 18 08:16:04 EDT 2020 

Same.   Depending on the magnitude of the changes we’ll switch over to another server (with the obvious side effect of failed SSO)… but that’s rare.



I’m curious what the context of the comment was.



From: users <users-bounces at shibboleth.net> On Behalf Of Lee Foltz
Sent: Wednesday, March 18, 2020 7:40 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: I love reloadable services



[EXTERNAL EMAIL]

+1 as well.



We use these all the time and nice not taking the service down or restarting shib.



MetadataResolverService
ReloadableCASServiceRegistry
RelyingPartyResolverService
AttributeFilterService



On Tue, Mar 17, 2020 at 7:05 PM Jesse Martinich <martinicj at sou.edu<mailto:martinicj at sou.edu>> wrote:

   +1




   Jesse Martinich

   Information Security Officer

   Infrastructure Services Manager

   Southern Oregon University | 1250 Siskiyou Blvd | Ashland OR  97520
   541-552-8424







   On Tue, Mar 17, 2020 at 4:02 PM IAM David Bantz <dabantz at alaska.edu<mailto:dabantz at alaska.edu>> wrote:

      I've meant to reply to an off-hand comment Scott made several weeks ago
      now regarding reloadable services being perhaps of diminished importance as
      folks go all in on DevOps: PLEASE, NO!

      While DevOps has incredible mind share as current best practice, when I
      sketch the additional infrastructure I would need to go all in for running our IdP
      in that mode, it's 4 -10 times the number of "moving parts" of infrastructure and tools
      needing deployment and maintenance.

      My tiny environment of 1 active and 1 hot standby IdP nodes, using reloadable
      services, has not had an unplanned outage in nearly a decade, and I can
      deploy new integrations for services configured even roughly correctly on same day.
      There is no way on earth I could do this in full DevOps mode when I reflect that
      deploying a suitable new VM for v3 IdP took over 1 year.

      I appreciate people's interest in scalable DevOps, but it may not be the only
      reasonable model for small scale deployments with very modest resources.
      The use of reloadable resources has incredible utility and value for smaller
      scale operations - and they are crucial for wider adoption and reliance on Shibboleth IdP.

      Thank you!

      David Bantz
      UA OIT IAM

      --
      For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
      To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>

   --
   For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
   To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>






   --

   Lee Foltz

   Oakland University - UTS

   Senior Identity and Access Management Engineer



   248-370-2675

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200318/c142b114/attachment.html>

More information about the users mailing list