AuthHub : High availability for AuthHub services
search cancel

AuthHub : High availability for AuthHub services

book

Article ID: 255608

calendar_today

Updated On:

Products

VIP Authentication Hub

Issue/Introduction

Question regarding Auth Hub High Availability :

- the ssp host and auth hub db are tightly coupled and we cannot use any other host url. If we try to use other LB url then AuthHub throws error “Invalid Operation”

- AuthHub backend is validating the host url, since its not matching its throwing above error

- As per our GTI team guidelines, we should have multi cluster approach (blue-green deployment) to avoid any down time.

- Can you help us to understand how we can upgrade/patch our EKS cluster without any down time?

 

 

Environment

Release : Any 

Resolution

The cluster is upgradable by running an in-place upgrade which is a ZDT process. In this process, for couple of minutes during the upgrade, the old pods continue to function until being swapped out by new pods. 

Please attached "AH Blue Green Upgrades v1.pdf" for proposed approach. The approach relies on LoadBalancer or Traffic Manager to route based on few different industry-standard options

LB/TD information such as client-specific headers can be used to route to a new environment. This is used for by test clients to test new environments.

After testing in a new environment, clients have to be switched from the previous environment into new environment, using few different approaches:

1. LB/TD information such as service weights indicating how much of traffic can be used to route to a new environments. This approach is used to manage incremental uptake of new environments.

2. It is also possible to use DNS switching to switch between environments instead of relying on traffic managers. This is used to globally switch between environments after having tested new environment.

Whatever approach is taken to switch to a new environment, it is necessary to have global setting "persistentStoreForTransactionalData" be configured to have the value of "db".  This must be in place from the very first deployment. 

Thanks


PS  LB/TD/DNS topo as covered by blue/green strategy is not required with an in-place ZDT upgrade, where the assumption is  testing has been done in a separate pre-prod environment.

Attachments

1671199508375__AH Blue Green Upgrades v1.pdf get_app
Powered by Wolken Software