Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,293,534
Community Members
 
Community Events
165
Community Groups

Load balancing Crowd

We are currently using Crowd to authenticate Jira and Confluence.

Recent development on our core applications includes the use of Crowd for authentication. This put me in a situation where I would like Crowd to be (more) redundant.

Current set up is on 1 virtual server. The hardware this server is on is currently unknown and I have a request put in to our ASP in regards to information on the hardware (e.g. at least have the most error-prone components redundant).

Having suitable hardware is just step 1. I would really like to have the Crowd installation redundant. I've done some research and found the following links:

It seems to me that there are some issues in regards to the setup - one example is that other Crowd installations using the same db must be turned off when adding a new application to Crowd. This is not the biggest of issues as we do not add that many applications during a year - but still...

Solution is either to use hardware or software in front of the two (LB) and have the related applications use the cluster ip-address instead of the specific server ip address we use today. My question is how to avoid the hardware/software solution in front (the actual LB) becoming the single point of failure? Yes, we can have two of this as well, but there is something called costs :)

Can anyone tell me:

  • is it possible to have a single LB instance and have traffic routed directly to the ip address of one of the servers behind the LB if it goes down?
  • Will Jira/Confluence/other applications manage this switch?

Or is my only solution to duplicate the LB instances?

2 answers

1 accepted

0 votes
Answer accepted

To us this is no longer needed. As we where unable to get Crowd working behind a ISA server, we discontinued the use of the application.

I know this question was back in 2011 but I just wanted to give everyone else who is looking for the solution just like me. Here's how I solved it.

The way I solved it is to add the load balancer IP address(es) that it trying to connect. If you look at the crowd log, you'll see the IP from the load balancer to the application, see below. Once I added the IP it's coming from in the crowd application/confluence/remote addresses and then restart confluence. I was able to login.   

example log from Crowd: Client with address '10.0.15.210' is forbidden from making requests to application 'confluence'

I'm using AWS Load Balancer and EC2. It's connecting to my Confluence via internal IP instead of the DNS name. You don't need to change the crowd.properties and I have it set to the DNS name. You just need to add the internal IP that load balancer is requesting. 

Do the same thing for JIRA. Find out what IP it's connecting for JIRA and then add it the crowd application JIRA.

Hao

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

197 views 0 5
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you