Setup Clustering Using On-Premise Identity Server


This guide covers the steps to configure a clustering environment with a load balancer. You can set up miniOrange On-Premise identity servers on multiple servers behind a load balancer with a common database and Memcache environment. The architecture diagram below shows what a miniOrange clustered environment looks like. The following figure summarizes the steps for a two-server configuration.


[Figure: clustering on-premise identity server architecture]

Get Free Installation Help


miniOrange offers free help through a consultation call with our System Engineers to set up our on-premise server.

For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you in no time.



Why do we need Clustering

When a large number of concurrent users visit the site, a single server may not be able to handle all requests. You can set up a clustered environment to handle the traffic and distribute the load properly among multiple servers.

Benefits of Clustering

  • High Availability: This helps you achieve high availability through active clustering within your data center. Cluster multiple active servers to ensure uninterrupted access to critical applications in case of a hardware failure. If a node fails, the load balancer will automatically redirect users to another active node in the pool, or cluster.
  • Performance: Each node in an AWS cluster increases capacity for concurrent users, so you can scale the identity provider without sacrificing performance.
  • Instant Scalability: Easily add new nodes to your cluster without any downtime or interruption to services.

Setup clustering on AWS hosting

You can set up clustering using the On-Premise identity server as follows:


1. Setup two EC2 machines on AWS for installing the on-premise identity server to add behind a load balancer.

  • Log in to your AWS admin account. Once logged in, go to EC2 services.
  • From the Create Instance section, click the Launch Instance button.
  • Select any Amazon Linux 2 AMI and click Next.
  • Choose the instance size based on the number of concurrent users expected on your site. For example, the minimum recommended size is T2.medium, and you can choose a larger instance based on the traffic you expect.
  • Then click Review and Launch to create the machine.
  • Once created, assign a security group to this EC2 machine. Access to the following ports should be given to this security group.
    [Screenshot: EC2 machine security group]

  • Now connect to the machine via SSH using the AWS Linux machine username and a certificate file created in ppk format. You have to convert the private key from pem format to ppk format using any utility to connect via SSH.
  • Once connected, install Java 8 on the server and set Java environment variables – JAVA_HOME and JRE_HOME.

2. Setup External Database on AWS RDS (Relational Database Service) to be shared between EC2 machines.

  • Go to RDS services from the AWS admin console.
  • Click on the create a database button.
  • Now select the database type to be created from the list given below. The recommended database is PostgreSQL.
    [Screenshot: database type list]

  • Then select the use case: whether you are setting up the database for a production instance or for dev/test.
  • Now configure the database with the following values: DB Engine Version, Database Instance name, Master Username, Master Password.
  • Once configured, note down the database connection URLs, port, username, and password; you will need them while configuring the on-premise IDP.

3. Setup Memcache on AWS ElastiCache (In-memory data store) to be shared between EC2 machines.

  • Go to the ElastiCache service from the AWS admin console.
  • Click on the create button under the create cluster section and then select Memcached as the cluster engine.
  • Once created, you need to update the memcache server URL in the miniOrange identity server. Navigate to the mo-identity-server/moas/WEB-INF/classes/ folder and open the application.properties file. Search for the memcached keyword in this file and update the following values:
    memcached.server.address: Select the cluster name from the AWS admin console and copy its configuration endpoint here.
    server.id: beta

4. Setup AWS DynamoDB, a NoSQL database service that supports key-value data.

  • Go to the DynamoDB service from the AWS admin console.
  • Click on the create table button and then create a DynamoDB table.
  • Enter a table name and primary key for the table. Since it is a schema-less database, you only need to set a primary key for the table.

5. Setup and configure Load Balancer in front of EC2 machines to distribute the traffic among multiple servers.

  • Go to the EC2 services section from the AWS admin console. Scroll down to the Load Balancing section in the left menu and click on Load Balancers.
  • Click on the create Load Balancer button and then select the load balancer type.
  • Select an application load balancer and configure it.
  • Select a name for the load balancer, select the scheme as internet-facing and the IP address type as IPv4.
  • Now do the listener configuration. By default, 80-80 port forwarding is already set up. If you are also planning to run your site on SSL, add one more listener configuration for the 443 SSL port.
  • Now click on next to assign a security group for the load balancer. Create a security group for the load balancer with inbound access to only 2 ports: HTTP (Port 80) and HTTPS (Port 443). See the screenshot below for reference.
    [Screenshot: load balancer security group]

  • Once the load balancer is configured, add your EC2 machines to the load balancer.
  • Then add a CNAME record in your domain provider account under DNS Settings to point your domain to the load balancer URL. Once done, you can ping the domain from the command prompt to confirm that it points to the load balancer URL.
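
The load balancer security group in step 5 should allow inbound access to ports 80 and 443 only. The following check is an added example, not part of the miniOrange guide: it reads JSON in the shape returned by `aws ec2 describe-security-groups` and reports every inbound rule that opens more than those two ports. The group IDs and rules in SAMPLE are constructed for illustration.

```python
import json

ALLOWED_PORTS = {80, 443}  # the only inbound ports the guide opens on the load balancer

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-EXAMPLE-lb-ok", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-EXAMPLE-lb-wide", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
]}
""")


def rule_findings(rule):
    """Return the reasons one inbound rule exceeds 'TCP 80 and 443 only'."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # -1 means every protocol and every port
        return ["all protocols and ports allowed"]
    if proto != "tcp":
        return [f"non-TCP protocol {proto} allowed"]
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    if lo is None or hi is None:
        return ["TCP rule without a port range"]
    # A range such as 80-443 looks harmless but opens everything in between.
    extra = (hi - lo + 1) - sum(lo <= p <= hi for p in ALLOWED_PORTS)
    if extra:
        return [f"tcp {lo}-{hi} opens {extra} port(s) other than 80/443"]
    return []


def audit(description):
    """Map each GroupId to the list of findings for its inbound rules."""
    report = {}
    for group in description.get("SecurityGroups", []):
        findings = []
        for rule in group.get("IpPermissions", []):
            findings.extend(rule_findings(rule))
        report[group["GroupId"]] = findings
    return report


if __name__ == "__main__":
    for gid, findings in audit(SAMPLE).items():
        print(gid, "OK" if not findings else findings)
```

An empty findings list means the group matches the guide's rule; the check flags any rule regardless of its source range, since the guide limits the ports themselves.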
