Skip to main content

Recommendations for Special Setups

The standard way to operate nevisIDM is with one single instance that handles all nevisIDM-related tasks:

  • Web-GUI for administration and self-administration
  • Web-Services for administration and self-administration
  • Web-Services for authentication purposes (authentication back end for nevisAuth)
  • Batch job processing
  • Provisioning
  • Asynchronous event processing
  • Auditing
  • Etc.

This chapter contains hints concerning setups that deviate from this standard single-instance approach.

Multi-instance setups

In setups with multiple nevisIDM instances, each nevisIDM instance is usually running independently on a different host. However, common practice is that all instances use the same database and share the same data. As such, multi-instance setups are especially useful in load balancing and failover scenarios. In addition, a multi-instance setup allows you to divide jobs over several instances ("separation of concerns") and to reduce the risk of downtime.

Requirements

The nevisIDM package needs to be installed on all affected hosts. Always use the same software version of nevisIDM for all instances. Additionally, the configuration has to be done multiple times in a consistent way. Also, all involved instances must be kept in sync.

Recommendations

We recommend that you enable provisioning and asynchronous event processing on all nevisIDM instances within the multi-instance setup. The event log data is written into the database. Every instance will process the "waiting" events.

Summary

  • Enable file auditing
  • Enable asynchronous event processing
  • Enable provisioning on all instances if needed.

The code snippet below shows how to configure a setup with two nevisIDM instances. You do this in the nevisidm-prod.properties file (one file per instance).

# all facilities are enabled:
application.modules.auditing.enabled=true
application.modules.auditing.repeat.count=-1
application.modules.auditing.autostartup.enabled=true
application.modules.event.autostartup.enabled=true
application.modules.provisioning.enabled=true