concept: high availability
OK, there is this old concept of high availability that relies on the database doing all the work: http://privacyidea.readthedocs.org/en/latest/faq/ha-setups.html
This is low-hanging fruit and works for MySQL master-master replication. But if you are running PostgreSQL or maybe SQLite, you have a problem.
In addition, this concept only allows 2 machines in active HA mode.
It might be more interesting to be able to add machines to such a cluster, independent of the database. In this case the application (privacyIDEA) has to take care of the synchronization.
This wiki page collects ideas and concepts for how this can be implemented.
- Each system knows its sync partners.
- Keep setting up sync easy:
  - Ideally we do not need to distribute encryption keys. (Each sync partner could have different encryption keys.)
- Sync partners can be added and removed.
- A system that was down can resync automatically.
When is a synchronization necessary?
- Authentication!
- Configuration of admin (System, Resolvers, Realms)
- Rollout of tokens
- Management of tokens
- Audit
- get a list of tokens to validate
- lock tokens on other partners
- validate
- distribute result
- unlock tokens
We might use the existing REST API via HTTP/S and add an additional endpoint /ha, where the machines authenticate with public-key crypto and also sign the messages.
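The lock, validate, distribute and unlock steps listed above, as an added example that is not privacyIDEA code. It shows why the lock and the distributed result matter: an OTP accepted on one node must be rejected when replayed on a partner. Assumptions: the `Node` class and its methods are hypothetical, each node holds a single HOTP token, and the in-process partner list stands in for signed calls to the /ha endpoint.

```python
import hashlib
import hmac
import struct


def hotp(key, counter, digits=6):
    """RFC 4226 HOTP value for one counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Node:
    """One sync partner with its own copy of the token data (constructed model)."""

    def __init__(self, name, key, counter=0):
        self.name, self.key, self.counter = name, key, counter
        self.lock_owner = None    # which node currently validates this token
        self.partners = []        # hypothetical stand-in for calls to /ha

    def lock(self, owner):
        if self.lock_owner not in (None, owner):
            return False          # another node is validating right now
        self.lock_owner = owner
        return True

    def unlock(self, owner):
        if self.lock_owner == owner:
            self.lock_owner = None

    def authenticate(self, otp, window=3):
        nodes, locked = [self] + self.partners, []
        try:
            for n in nodes:                        # lock tokens on partners
                if not n.lock(self.name):
                    return False                   # fail closed on contention
                locked.append(n)
            for c in range(self.counter, self.counter + window):
                if hmac.compare_digest(hotp(self.key, c), otp):   # validate
                    for n in nodes:                # distribute result
                        n.counter = max(n.counter, c + 1)
                    return True
            return False
        finally:
            for n in locked:                       # unlock tokens
                n.unlock(self.name)
```

A partner that is down is not handled here; in this model it would have to catch up on the counter when it resyncs, before it accepts authentications again.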