IM - How Should IM Prov Dir XML Look Like For Provisioning Server Loadbalancing and Failover and How To Remove Failover Servers
search cancel

IM - How Should IM Prov Dir XML Look Like For Provisioning Server Loadbalancing and Failover and How To Remove Failover Servers

book

Article ID: 254902

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Manager

Issue/Introduction

When reviewing the product documentation regarding the Provisioning Server load balancing it shows the Directory XML would look like the following:

<Connection host=“imps_srv01.gpc.net" port="20389" loadbalance=“imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389” failover=“imps_srv04.gpc.net:20389,imps_srv05.gpc.net:20389” />

But when I then export the IM Prov Dir XML it will show the following instead

<Connection host=“imps_srv01.gpc.net" port="20389" loadbalance=“imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389” failover=“imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389,imps_srv04.gpc.net:20389,imps_srv05.gpc.net:20389” />

Environment

Identity Manager 14.3 CP2 and later

Identity Manager 14.4 and later

Cause

When importing the following Connection string in the XML

<Connection host="imps_srv01.gpc.net" port="20389" failover="imps_srv04.gpc.net:20389,imps_srv05.gpc.net:20389" loadbalance="imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389"/>

the result would be three pools of virtual servers with the primary servers in each bank consisting of imps_srv01, imps_srv02, and imps_srv03 where the remaining server pool for each would be the the other two non-primary server for that bank (i.e. between imps_srv01, imps_srv02, and imps_srv03) as well as additional servers for that server pool that are listed as failover (i.e. imps_srv04.gpc.net and imps_srv05.gpc.net) 

The the IM objectstore database is updated with the HOSTNAME column of the IM_DIR_CONNECTION table getting the primary server (imps_srv01) followed by all the loadbalance servers (imps_srv02 and imps_srv03) and failover servers (imps_srv04 and imps_srv05) while the IM_DIR_CONNECTION_LD table contains the LOAD_SERVER_LIST value which would contain just the loadbalance servers (imps_srv02 and imps_srv03).

So now when you export out the XML the result will be that the failover property will contain not just imps_srv04 and imps_srv05 but will also contain imps_srv02 and imps_srv03 as all servers do act as failovers for any connection bank it is not the primary server of.

<Connection host="imps_srv01.gpc.net" port="20389" failover="imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389,imps_srv04.gpc.net:20389,imps_srv05.gpc.net:20389" loadbalance="imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389"/>

Resolution

In order to remove imps_srv04 and imps_srv05 from the failover list you would need to import an XML which would like like the following:

<Connection host="imps_srv01.gpc.net" port="20389" failover="imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389" loadbalance="imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389"/>

which really means the same as 

<Connection host="imps_srv01.gpc.net" port="20389" loadbalance="imps_srv02.gpc.net:20389,imps_srv03.gpc.net:20389"/>

but having the explicit failover value with the list of servers will force the database to be updated to remove imps_srv04 and imps_srv05

Powered by Wolken Software