Ping Identity supports redundant failover servers that automatically become active when the primary server is not available. Multiple servers can be present in the topology in a configurable prioritized order.
Before installing a failover server, have a primary server already installed and configured. When installing the redundant server, the installer will copy the first server’s configuration.
The primary and secondary server configuration remain
identical. Both servers should be registered to the
group and all
dsconfig changes need to be applied to the server
If the primary server has extensions defined, they should also be installed on any cloned or redundant servers. If extensions are missing from a secondary server, the following message is displayed during the installation:
Extension class <com.server.directory.sync.MissingSyncExtension> was not found. Run manage-extension --install to install your extensions. Re-run setup to continue.
remove a failover server, use the
Unpack the Ping Identity server zip build. Name the unpacked directory
something other than the first server instance directory.
$ unzip PingData<server>-<version>.zip -d <server2>
- Navigate to the server root directory.
setuptool in interactive mode in Install the Server, or in non-interactive mode as follows:
$ ./setup --localHostName <server2>.example.com --ldapPort 7389 \ --masterHostName <server1>.example.com --masterPort 8389 \ --masterUseNoSecurity \ --acceptLicense \ --rootUserPassword password \ --no-prompt
The secondary server is now ready to take over as a primary server in the event of a failover. No
realtime-syncinvocations are needed for this server.
Verify the configuration by using the
bin/statustool. Each server instance is given a priority index. The server with the lowest priority index number has the highest priority.
$ bin/status --bindPassword secret ...(status output)... --- Sync Topology --- Host:Port :Status :Priority ---------------------------------------:-------------:--------------- <server>.example.com:389 (this server) : Active : 1 <server>.example.com:389 : Unavailable : 2
Obtain the name of a particular server, run the
dsconfigtool with the
$ bin/dsconfig list-external-servers
To change the priority index of the server, use the
$ bin/dsconfig set-external-server-prop \ --server-name <server2>.example.com:389 \ --set <server>-priority-index:1