Friday, March 26, 2021

Scale-out VMware Identity Manager

 

Recently I’ve worked with one of my customers to scale-out their vRealize Automation (vRA) environment enabling High Availability for their VMware Identity Manager (vIDM) appliances

Initially they deployed the environment with a single node and as the solution became successfully and the key point of their automation strategy, increasing the availability of it looked like a good idea.


 It’s a smart customer, they deployed the solution through the use of vRealize Suite LifeCycle Manager (vRSLCM) which comes as no extra cost for all vRealize Suite users. 

Besides deploying the solutions, it also takes cares of all day 2 activities, like patching, upgrading and scale-out as well.

 

Although the platform will take care automatically of the scale-out activity, provisioning new nodes, configure them as a cluster, replacing certificates for VIPs, etc...there’s still just a few tasks you need to take care first.

-       Replacing the certificate to include SAN for VIP and extra vIDM nodes;

-       Register the vIDM VIP FQDN on DNS system;

-       Configure the external Load Balancer to handle the requests.

That’s when we realized vRSLCM’s documentation does not include much information about it, like health checks, ports, HTTP method, etc.

So I had to dig this information from several other documentation and it’s here for easier consumption.

Be aware of an issue scaling vIDM 3.3.1 with vRSLCM 8.x 
If your environment match this specific matrix, check KB79040 for the fix

 

I'm adding here the source information if you need to check for yourselves ; )

- Configure Load Balancer on vRealize Automation's documentation

 

- Create Service Monitors for the Cross-Region on VMware Validated Design's documentation


- Using a Load Balancer or Reverse Proxy to Enable External Access to VMware Identity Manager on Workspace One’s documentation

 

- VMware Identity Manager URL Endpoints for Monitoringon Workspace OneDocumentation


No comments:

Post a Comment

Who am I

My photo
I’m an IT specialist with over 15 years of experience, working from IT infrastructure to management products, troubleshooting and project management skills from medium to large environments. Nowadays I'm working for VMware as a Consulting Architect, helping customers to embrace the Cloud Era and make them successfully on their journey. Despite the fact I'm a VMware employee these postings reflect my own opinion and do not represents VMware's position, strategies or opinions. Reach me at @dumeirell

Most Viewed Posts

Blog Archive