Friday, February 4, 2022

VMware Identity Manager and Delegate IP

While working with one of my customers to deploy a new automation platform (vRealize Automation), which will provide and manage multi-cloud resources, like on AWS, Google, and vSphere for hundreds of end-users providing real self-service portal to give them freedom and agility we decided it was a good idea to consider high-availability to this solution.

You might recall when I talked about scale-out VMware Identity Manager, vIDM, to provide high availability. At that time I covered most about load balancer health checks for the services, but there's an extra requirement;  delegate IP.

First thing first, what is delegate IP ?

When you have your vIDM in cluster mode, it will also cluster their internal Postgres database, the delegate IP is the Active IP receiving the request and will fluctuate between the nodes when needed.

So far so good, but what's the problem ?

What was not clear is if this delegate IP needs an external load balancer or not, in fact, the documentation points to Identity Manager load balancing Documentation... and to your surprise, there's no mention about requirements to set up this service.

A more detailed documentation about vIDM load balancing needs shows no evidence of the need for it.

So, to solve anyone's doubt.

There's NO need for an external load balancer for the delegate IP, the nodes themselves will manage it.

You still need an extra free IP on the same segment where your vIDM nodes are provisioned.

be safe people !!!


No comments:

Post a Comment

Who am I

My photo
I’m an IT specialist with over 15 years of experience, working from IT infrastructure to management products, troubleshooting and project management skills from medium to large environments. Nowadays I'm working for VMware as a Consulting Architect, helping customers to embrace the Cloud Era and make them successfully on their journey. Despite the fact I'm a VMware employee these postings reflect my own opinion and do not represents VMware's position, strategies or opinions. Reach me at @dumeirell

Most Viewed Posts

Blog Archive