Thanks Eric, Your configuration is almost identical to ours. Except we use OpenDJ for credential store, have Duo enabled and use a JSON service registry.
What you describe is exactly what I had in mind. I think the bigger challenge for me will be getting our LDAPs set up in the DR site. -Bryan On Wed, Jan 10, 2018 at 10:07 AM, 'Mallory, Erik' via CAS Community < cas-user@apereo.org> wrote: > I did this last year. We have a DR site with a VMware cluster. All told > we have three vmware clusters two are in our main data center and the > previously mentioned DR cluster. I created three RHEL 7 vms, set up maven, > java 8 and tomcat 8 (not part of the base install RHEL 7) > > I use 389 on each host and leverage replication for service definitions. > The idea is that each host can be nearly dependency free, save for our > credential store, AD. > > All three hosts are configured behind a netscaler using a least connection > strategy. SSL is terminated on the netscaler and communication is encrypted > on the back end to each cas node. We are using Hazelcast for ticket > registry, ldap for connections to our credential store and as previously > mentioned, for our service definition store. > > I hope this helps, if you have questions I can probably help. > > Best, > > Erik Mallory > > Server Analyst > > Wichita State University > > > > > > *From: *<cas-user@apereo.org> on behalf of Bryan Wooten < > ttbaja...@gmail.com> > *Reply-To: *"cas-user@apereo.org" <cas-user@apereo.org> > *Date: *Tuesday, January 9, 2018 at 7:04 PM > *To: *"cas-user@apereo.org" <cas-user@apereo.org> > *Subject: *[cas-user] Disaster Recovery Site > > > > Looking for any guidance / best practices for setting up CAS 5.x in a DR > site. > > > > I have been tasked to architect CAS for our much broader DR project. > > > > We already have a remote Data Center as a location. > > > > Now I know once you start talking CAS many other systems get involved > (Like LDAP which I am also responsible for). > > > > So I'll take any White Papers, personal experience, project plans, > diagrams, etc. > > > > Cheers, > > > > Bryan > > > > University of Utah > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/CAG9x2GW1ZAHFFgVqCojV0KbiuUq_ > 9BB_Y5%3Dv8%3DENgP1paEgwUA%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GW1ZAHFFgVqCojV0KbiuUq_9BB_Y5%3Dv8%3DENgP1paEgwUA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/857DC8AA-36F8-4983-873C- > 4A26B575E7D8%40wichita.edu > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/857DC8AA-36F8-4983-873C-4A26B575E7D8%40wichita.edu?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GV%3D3rzJ048Bacw%3DtnCcqD%2BJG3AC_BKwk4r%2BA1KdxHD4WQ%40mail.gmail.com.
