We are currently using Crowd to authenticate Jira and Confluence.
Recent development on our core applications includes the use of Crowd for authentication. This put me in a situation where I would like Crowd to be (more) redundant.
Current set up is on 1 virtual server. The hardware this server is on is currently unknown and I have a request put in to our ASP in regards to information on the hardware (e.g. at least have the most error-prone components redundant).
Having suitable hardware is just step 1. I would really like to have the Crowd installation redundant. I've done some research and found the following links:
It seems to me that there are some issues in regards to the setup - one example is that other Crowd installations using the same db must be turned off when adding a new application to Crowd. This is not the biggest of issues as we do not add that many applications during a year - but still...
Solution is either to use hardware or software in front of the two (LB) and have the related applications use the cluster ip-address instead of the specific server ip address we use today. My question is how to avoid the hardware/software solution in front (the actual LB) becoming the single point of failure? Yes, we can have two of this as well, but there is something called costs :)
Can anyone tell me:
Or is my only solution to duplicate the LB instances?
I know this question was back in 2011 but I just wanted to give everyone else who is looking for the solution just like me. Here's how I solved it.
The way I solved it is to add the load balancer IP address(es) that it trying to connect. If you look at the crowd log, you'll see the IP from the load balancer to the application, see below. Once I added the IP it's coming from in the crowd application/confluence/remote addresses and then restart confluence. I was able to login.
example log from Crowd: Client with address '10.0.15.210' is forbidden from making requests to application 'confluence'
I'm using AWS Load Balancer and EC2. It's connecting to my Confluence via internal IP instead of the DNS name. You don't need to change the crowd.properties and I have it set to the DNS name. You just need to add the internal IP that load balancer is requesting.
Do the same thing for JIRA. Find out what IP it's connecting for JIRA and then add it the crowd application JIRA.
Plan and track how teams spend their time and effort may represent a rocket science for many team leaders. Not rarely they need to deal with a considerable amount of variables to “hit the tar...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events