[midPoint] Advice on Database High Availability

Kamil Jires kamil.jires at evolveum.com
Mon May 6 11:50:15 CEST 2024 

Hello,

  the midPoint development and all the tests are done on single DB node 
for the repository. Even in the big deployment the "bottle neck" is 
usually the amount of the resources and / or the effective speed of the 
communication with the resources. There is usually no need to clustering 
of the repository for normal operation. We have no explicit support for 
the scenario of the repository on clustered DB.

There is good support for the clustering on DB side. There is also 
support on jdbc driver level for the DB cluster - as you have mentioned. 
In case you have good knowledge of postgreSQL DB it should not be 
problem to set it up. I think as far as it will be "transparent" and in 
case of "delayed" replication (not all nodes has to confirm the 
operation to finish it) I don't expect any issue.

In case of containers the HA can be handled by restarting pod in case of 
application issue. In case of data problem on "regular SQL transaction" 
("wrong" update query) the HA cluster would replicate the operation anyway.

The question of HA has not general answer. It may differs from 
environment to environment. I would think about backup(s) and Time To 
Recovery. Usually a small outage of the midPoint is not critical as real 
time services (e.g. SSO) are handled by other application(s).

In case you will work with HA in any form we strongly recommend to have 
test environment where you can test your scenario before applying to the 
production ! The load balancers are very sensitive for the 
misconfiguration. In case you have any in the environment and facing the 
issue in communication try to bypass it and access the resource directly 
at least for the testing purpose to identify the root cause of the issue.

Even the answer is generic I hope it will help you with the decision.

Best Regards,

*Kamil Jires* | Identity Engineer

<https://evolveum.com/>
kamil.jires at evolveum.com | www.evolveum.com <http://www.evolveum.com/>

Evolveum LinkedIn <https://www.linkedin.com/company/evolveum> Evolveum 
Twitter <https://twitter.com/evolveum> Evolveum Facebook 
<https://www.facebook.com/evolveum>

Disclaimer: The contents of this e-mail and attachment(s) thereto are 
confidential and intended for the named recipient(s) only. It shall not 
attach any liability on the originator or Evolveum s.r.o. or its 
affiliates. Any views or opinions presented in this email are solely 
those of the author and may not necessarily reflect the opinions of 
Evolveum s.r.o. or its affiliates. Any form of reproduction, 
dissemination, copying, disclosure, modification, distribution and / or 
publication of this message without the prior written consent of the 
author of this e-mail is strictly prohibited. If you have received this 
email in error please delete it and notify the sender immediately.


On 5/3/24 23:14, Crowe, Jared via midPoint wrote:
>
> Hello.
>
> Is there are recommended approach for implementing database high 
> availability? We are considering the dual-host jdbc connection string 
> as is supported (e.g. 
> jdbcUrl:postgresql://host1:port1,host2:port2/database) by PostgreSQL. 
> Is there any support for multiple connection strings in the midpoint 
> application’s native database config? What is Evolveum’s 
> recommendation on this concern, in general.
>
> Thank you.
>
> *JARED CROWE*
> /ASSISTANT DIRECTOR INTEGRATIONS/
>
> Administrative Information Technology Services (AITS)
> University of Illinois System
> 50 Gerty Dr. #133d | M/C 673 | Champaign, IL 61820
> 217.333.2098 | jmcrowe at illinois.edu <mailto:jmcrowe at illinois.edu>
> www.aits.uillinois.edu <http://www.aits.uillinois.edu/>
>
> <https://www.uillinois.edu/>
>
> /Under the Illinois Freedom of Information Act any written 
> communication to or from university employees regarding university 
> business is a public record and may be subject to public disclosure. /
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20240506/7e829520/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 10795 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20240506/7e829520/attachment-0001.png>

More information about the midPoint mailing list