This section contains the following topics:
Configure a Policy Server as a Centralized Monitor for a Cluster
Point Clustered Policy Servers to the Centralized Monitor
Load balancing and failover in a CA SiteMinder® deployment provide a high level of system availability and improve response time by distributing requests from CA SiteMinder® Agents to Policy Servers. Defining clusters in combination with load balancing and failover further enhance the level of system availability and system response time.
Traditional round robin load balancing without clusters distributes requests evenly over a set of servers. However, this method is not the most efficient in heterogeneous environments, where computing powers differ, because each server receives the same number of requests regardless of its computing power.
Another problem with efficiency can occur when data centers are located in different geographical regions. Sending requests to servers outside a certain locale can lead to the increased network communication overhead, and in some cases to the network congestion.
To address these issues and to improve system availability and response time, you can define a cluster of Policy Servers and associated CA SiteMinder® Agents configured to perform (software-based) load balancing and failover.
Policy Server clusters provide the following benefits over a traditional load balancing/failover scheme:
Note: Policy Servers clusters are not suitable or necessary for environments in which Policy Servers communicate with Agents through hardware load balancers.
The following figure illustrates a simple CA SiteMinder® deployment using two clusters:
Consider Cluster A and Cluster B as distributed in two different geographical locations, separated by several time zones. By dividing the Web Agents and Policy Servers into distinct clusters, the network overhead involved with load balancing across geographically separate regions is only incurred if the Policy Servers in one of the clusters fail, requiring a failover to the other cluster.
In any clustered CA SiteMinder® environment, you must configure a failover threshold. When the number of available Policy Servers falls below the specified threshold, all requests that would otherwise be serviced by the failed Policy Server cluster are forwarded to another cluster.
The failover threshold is represented by a percentage of the Policy Servers in a cluster. For example, if a cluster consists of four Policy Servers, and the failover threshold for the cluster is set at 50%, when three of the four Policy Servers in the cluster fail, the cluster fails, and all requests fail-over to the next cluster.
The default failover threshold is zero, which means that all servers in a cluster must fail before failover occurs.
If you are deploying a hardware load balancer between the CA SiteMinder® Policy Server and Web Agents, consider the following:
Note: For more information about deploying a hardware load balancer between Web Agents and Policy Servers, see the related Knowledge Base article (TEC511443) on the Support site.
Policy Server clusters are defined as part of a Host Configuration Object. When a CA SiteMinder® agent initializes, the settings from the Host Configuration Object are used to setup communication with Policy Servers.
Note: For more information about Host Configuration Objects, see the Web Agent Configuration Guide and the Policy Server Configuration Guide.
Follow these steps:
The Cluster Setup section opens.
Note: You can click Help for a description of fields, controls, and their respective requirements.
The Policy Server appears in the servers list in the Current Setup section.
Your return to the Host Configuration dialog The Policy Server cluster is listed in a table.
If the percentage of active servers in the cluster falls below the percentage you specify, the cluster fails over to the next available cluster in the list of clusters. This setting applies to all clusters that use the Host Configuration Object.
Important! The Policy Server specified in the Configuration Values section is overwritten by the Policy Servers specified in a cluster. This Policy Server is no longer used because a cluster is configured. For the value of the Policy Server parameter in the Configuration Values section to apply, do not specify any Policy Servers in a cluster. If clusters are configured, and you decide to remove the clusters in favor of a simple failover configuration delete all Policy Server information from the cluster.
The OneView Monitor can be configured to monitor a Policy Server cluster. To enable this configuration, one Policy Server must be set up as a centralized monitor with the other clustered Policy Servers pointing to it.
To configure a Policy Server as a centralized monitor
Important! If you are accessing this graphical user interface on Windows Server 2008, open the shortcut with Administrator permissions. Use Administrator permissions even if you are logged in to the system as an Administrator. For more information, see the release notes for your CA SiteMinder® component.
Note: For more information about the settings and controls on this tab, click Help, Management Console Help.
This setting allows the centralized Policy Server monitor to accept remote connections from the other clustered Policy Servers.
Note: The network channel between a Policy Server and a Monitor process is non-secure.
After you configure a Policy Server as a centralized monitor, configure the Policy Server Management Console to point the other clustered Policy Servers to it.
To point Policy Servers to a centralized monitor
Important! If you are accessing this graphical user interface on Windows Server 2008, open the shortcut with Administrator permissions. Use Administrator permissions even if you are logged in to the system as an Administrator. For more information, see the release notes for your CA SiteMinder® component.
Note: For more information about the settings and controls on this tab, click Help, Management Console Help.
server.company.com:44449.
|
Copyright © 2013 CA.
All rights reserved.
|
|