It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Load balancing Crowd

We are currently using Crowd to authenticate Jira and Confluence.

Recent development on our core applications includes the use of Crowd for authentication. This put me in a situation where I would like Crowd to be (more) redundant.

Current set up is on 1 virtual server. The hardware this server is on is currently unknown and I have a request put in to our ASP in regards to information on the hardware (e.g. at least have the most error-prone components redundant).

Having suitable hardware is just step 1. I would really like to have the Crowd installation redundant. I've done some research and found the following links:

It seems to me that there are some issues in regards to the setup - one example is that other Crowd installations using the same db must be turned off when adding a new application to Crowd. This is not the biggest of issues as we do not add that many applications during a year - but still...

Solution is either to use hardware or software in front of the two (LB) and have the related applications use the cluster ip-address instead of the specific server ip address we use today. My question is how to avoid the hardware/software solution in front (the actual LB) becoming the single point of failure? Yes, we can have two of this as well, but there is something called costs :)

Can anyone tell me:

  • is it possible to have a single LB instance and have traffic routed directly to the ip address of one of the servers behind the LB if it goes down?
  • Will Jira/Confluence/other applications manage this switch?

Or is my only solution to duplicate the LB instances?

2 answers

1 accepted

0 votes
Answer accepted

To us this is no longer needed. As we where unable to get Crowd working behind a ISA server, we discontinued the use of the application.

I know this question was back in 2011 but I just wanted to give everyone else who is looking for the solution just like me. Here's how I solved it.

The way I solved it is to add the load balancer IP address(es) that it trying to connect. If you look at the crowd log, you'll see the IP from the load balancer to the application, see below. Once I added the IP it's coming from in the crowd application/confluence/remote addresses and then restart confluence. I was able to login.   

example log from Crowd: Client with address '10.0.15.210' is forbidden from making requests to application 'confluence'

I'm using AWS Load Balancer and EC2. It's connecting to my Confluence via internal IP instead of the DNS name. You don't need to change the crowd.properties and I have it set to the DNS name. You just need to add the internal IP that load balancer is requesting. 

Do the same thing for JIRA. Find out what IP it's connecting for JIRA and then add it the crowd application JIRA.

Hao

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Marketplace Apps & Integrations

Distribute and track teams' work in a smart way and gain visibility

  Plan and track how teams spend their time and effort may represent a rocket science for many team leaders. Not rarely they need to deal with a considerable amount of variables to “hit the tar...

53 views 0 2
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you