IM - How Should IM Prov Dir XML Look Like For Provisioning Server Loadbalancing and Failover and How To Remove Failover Servers
search cancel

IM - How Should IM Prov Dir XML Look Like For Provisioning Server Loadbalancing and Failover and How To Remove Failover Servers

book

Article ID: 254902

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Manager

Issue/Introduction

When reviewing the product documentation regarding the Provisioning Server load balancing it shows the Directory XML would look like the following:

<Connection host=“IMPS_HOST_1" port="20389" loadbalance=“IMPS_HOST_2:20389,IMPS_HOST_3:20389” failover=“IMPS_HOST_4:20389,IMPS_HOST_5:20389” />

But when I then export the IM Prov Dir XML it will show the following instead

<Connection host=“IMPS_HOST_1" port="20389" loadbalance=“IMPS_HOST_2:20389,IMPS_HOST_3:20389” failover=“IMPS_HOST_2:20389,IMPS_HOST_3:20389,IMPS_HOST_4:20389,IMPS_HOST_5:20389” />

Environment

Identity Manager 14.3 CP2 and later

Identity Manager 14.4 and later

Cause

When importing the following Connection string in the XML

<Connection host="IMPS_HOST_1" port="20389" failover="IMPS_HOST_4:20389,IMPS_HOST_5:20389" loadbalance="IMPS_HOST_2:20389,IMPS_HOST_3:20389"/>

the result would be three pools of virtual servers with the primary servers in each bank consisting of IMPS_HOST_1, IMPS_HOST_2, and IMPS_HOST_3 where the remaining server pool for each would be the other two non-primary server for that bank (i.e. between IMPS_HOST_1, IMPS_HOST_2, and IMPS_HOST_3) as well as additional servers for that server pool that are listed as failover (i.e. IMPS_HOST_4 and IMPS_HOST_5) 

The the IM objectstore database is updated with the HOSTNAME column of the IM_DIR_CONNECTION table getting the primary server (IMPS_HOST_1) followed by all the loadbalance servers (IMPS_HOST_2 and IMPS_HOST_3) and failover servers (IMPS_HOST_4 and IMPS_HOST_5) while the IM_DIR_CONNECTION_LD table contains the LOAD_SERVER_LIST value which would contain just the loadbalance servers (IMPS_HOST_2 and IMPS_HOST_3).

So now when you export out the XML the result will be that the failover property will contain not just IMPS_HOST_4 and IMPS_HOST_5 but will also contain IMPS_HOST_2 and IMPS_HOST_3 as all servers do act as failovers for any connection bank it is not the primary server of.

<Connection host="IMPS_HOST_1" port="20389" failover="IMPS_HOST_2:20389,IMPS_HOST_3:20389,IMPS_HOST_4:20389,IMPS_HOST_5:20389" loadbalance="IMPS_HOST_2:20389,IMPS_HOST_3:20389"/>

Resolution

In order to remove IMPS_HOST_4 and IMPS_HOST_5 from the failover list you would need to import an XML which would like like the following:

<Connection host="IMPS_HOST_1" port="20389" failover="IMPS_HOST_2:20389,IMPS_HOST_3:20389" loadbalance="IMPS_HOST_2:20389,IMPS_HOST_3:20389"/>

which really means the same as 

<Connection host="IMPS_HOST_1" port="20389" loadbalance="IMPS_HOST_2:20389,IMPS_HOST_3:20389"/>

but having the explicit failover value with the list of servers will force the database to be updated to remove IMPS_HOST_4 and IMPS_HOST_5

Powered by Wolken Software