Adding a new node to an existing OpenAM cluster without user interaction

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Adding a new node to an existing OpenAM cluster without user interaction

Swanson, Ryan
Hello,

Currently we’ve gotten the vast majority of our OpenAM install and server management automated using puppet. We have the entire install working with a combination of base puppet, ssoadm, and the configurator; the only hitch is that any node after the primary must be initialized and then you have to step through the browser based UI to finish the installation and join it to the current cluster. Is there a way to script this install? I’m hoping to add to our puppet codebase so that we can take the existing cluster and add new nodes to it simply by provisioning a new VM with the right puppet role. And insight is much appreciated!

Ryan Swanson

________________________________

NOTICE: This e-mail and any attachments is intended only for use by the addressee(s) named herein and may contain legally privileged, proprietary or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this email, and any attachments thereto, is strictly prohibited. If you receive this email in error please immediately notify me via reply email or at (800) 927-9800 and permanently delete the original copy and any copy of any e-mail, and any printout.
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: Adding a new node to an existing OpenAM cluster without user interaction

Christian Viola
Hi Ryan,

When adding a new node to an existing cluster you can leverage a feature during the ssoconfigurator run by pointing your new instance to an existing url. The detection of that scenario is up to you but lets assume you have two nodes:
- am01.example.com
- am02.example.com

The instance am01.example.com has been setup, configured and ssoadm ran setting up your realms. In the next step you instruct the configurator by adding the field existingserverid to the file you pass to configurator run. Afterwards there is no necessity to run ssoadm again - pretty simple. Since you are using puppet just add something like this to your template:
<% if @openam['existingserverurl'] %>
  existingserverid=<%= @iam_openam['existingserverurl'] %>
<% end -%>



Hope this helps.
/Chris

IAM Engineer | Zalando SE



On 27 June 2016 at 19:29, Swanson, Ryan <[hidden email]> wrote:
Hello,

Currently we’ve gotten the vast majority of our OpenAM install and server management automated using puppet. We have the entire install working with a combination of base puppet, ssoadm, and the configurator; the only hitch is that any node after the primary must be initialized and then you have to step through the browser based UI to finish the installation and join it to the current cluster. Is there a way to script this install? I’m hoping to add to our puppet codebase so that we can take the existing cluster and add new nodes to it simply by provisioning a new VM with the right puppet role. And insight is much appreciated!

Ryan Swanson

________________________________

NOTICE: This e-mail and any attachments is intended only for use by the addressee(s) named herein and may contain legally privileged, proprietary or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this email, and any attachments thereto, is strictly prohibited. If you receive this email in error please immediately notify me via reply email or at <a href="tel:%28800%29%20927-9800" value="+18009279800">(800) 927-9800 and permanently delete the original copy and any copy of any e-mail, and any printout.
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam


_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam