Since DNS changes can take a while to propagate, we do not remove down
hosts from the round-robin. Instead, we bring up a new network
interface on one of the other hosts, with the IP address the down host
was using. cosign's replication is not explicitly designed to deal with
this type of scenario, so we try to fix the problem within minutes, if
possible, and move the IP address back to its own machine. A better
solution would be to have a hot-spare machine sitting idle that can be
quickly configured as a central weblogin server to replace the downed host.
The cosign filters are good at dealing with cosignd hosts that are down,
so the main reason we move the IP address to another machine is so that
some percentage of users don't get a "Server not responding" error in
their web browsers when they are redirected to authenticate.
Mark Montague
ITCS Web/Database Team
The University of Michigan
[EMAIL PROTECTED]
On Thu, Oct 23, 2008 1:46 PM, Jorj Bauer <[EMAIL PROTECTED]> wrote:
A question for anyone running production cosignd/authN servers with
multiple replicating hosts using a round-robin: how do you handle
failures?
For example: do you have documented procedures for your staff to
immediately remove down hosts from the round-robin, or do you weather
the potential outage?
Other advice for redundant configuration and best uptime?
Thanks,
-- Jorj
------------------------------------------------------------------------
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
------------------------------------------------------------------------
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
