Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,462,810
Community Members
 
Community Events
176
Community Groups

Load balancing Crowd

Ivar Rising Star Aug 02, 2011

We are currently using Crowd to authenticate Jira and Confluence.

Recent development on our core applications includes the use of Crowd for authentication. This put me in a situation where I would like Crowd to be (more) redundant.

Current set up is on 1 virtual server. The hardware this server is on is currently unknown and I have a request put in to our ASP in regards to information on the hardware (e.g. at least have the most error-prone components redundant).

Having suitable hardware is just step 1. I would really like to have the Crowd installation redundant. I've done some research and found the following links:

It seems to me that there are some issues in regards to the setup - one example is that other Crowd installations using the same db must be turned off when adding a new application to Crowd. This is not the biggest of issues as we do not add that many applications during a year - but still...

Solution is either to use hardware or software in front of the two (LB) and have the related applications use the cluster ip-address instead of the specific server ip address we use today. My question is how to avoid the hardware/software solution in front (the actual LB) becoming the single point of failure? Yes, we can have two of this as well, but there is something called costs :)

Can anyone tell me:

  • is it possible to have a single LB instance and have traffic routed directly to the ip address of one of the servers behind the LB if it goes down?
  • Will Jira/Confluence/other applications manage this switch?

Or is my only solution to duplicate the LB instances?

2 answers

1 accepted

0 votes
Answer accepted
Ivar Rising Star Nov 15, 2011

To us this is no longer needed. As we where unable to get Crowd working behind a ISA server, we discontinued the use of the application.

I know this question was back in 2011 but I just wanted to give everyone else who is looking for the solution just like me. Here's how I solved it.

The way I solved it is to add the load balancer IP address(es) that it trying to connect. If you look at the crowd log, you'll see the IP from the load balancer to the application, see below. Once I added the IP it's coming from in the crowd application/confluence/remote addresses and then restart confluence. I was able to login.   

example log from Crowd: Client with address '10.0.15.210' is forbidden from making requests to application 'confluence'

I'm using AWS Load Balancer and EC2. It's connecting to my Confluence via internal IP instead of the DNS name. You don't need to change the crowd.properties and I have it set to the DNS name. You just need to add the internal IP that load balancer is requesting. 

Do the same thing for JIRA. Find out what IP it's connecting for JIRA and then add it the crowd application JIRA.

Hao

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events