0
votes

My company wants to set up a WSO2 Identity Server cluster on 3 machines such that if one machine fails, the cluster still works.

All the WSO2 documentation shows clustering with a shared user store and database but does not mention how to avoid a single point of failure.

As per my understanding, the only way to do the same is to form an external LDAP cluster as the user store and an external database cluster. But that would be much more complex and hard to manage.

Can we configure WSO2's embedded LDAP to replicate and sync with the other nodes' embedded LDAP?

Is there any other way to avoid a single point of failure in WSO2?

1 Answer

1
votes

No, you can't use embedded LDAP.

  1. You should avoid using embedded LDAP in production at all costs. It will surely get corrupted with concurrent requests and the growth of data. And you will not be able to recover at all. It's just there for testing purposes.
  2. If you want to avoid any single points of failure due to the DB or LDAP, you should be using a DB and LDAP clustered as instructed by the respective provider. And point the common LB URL to the WSO2 server.