edit

Gluu Cluster Manager Documentation#

Overview#

Cluster Manager is a GUI tool for installing and managing a highly available, clustered Gluu Server infrastructure.

Cluster Manager is licensed under the Gluu Support License.

Beta Release#

This service is in beta. Please report bugs or feature requests via the Gluu support portal.

Features#

  • LDAP Replication
  • Cache Management
  • Monitoring
  • Central Logging
  • End-to-end secure tunneling between oxAuth and Redis

Components#

Cluster Manager utilizes the following components:

  1. Gluu Server: free open source software package for identity and access management

  2. Redis-Server: a value key-store known for it's high performance, installed outside the chroot on all servers. The configuration file is located on the servers with Gluu at /etc/redis/redis.conf or /etc/redis.conf

  3. Stunnel: used to protect communications between oxAuth and Redis and Twemproxy caching services. The configuration file is located at /etc/stunnel/stunnel.conf on all servers. It runs on port 8888 of the NGINX/Proxy server and 7777 on the Gluu servers. For security Redis runs on localhost. Stunnel faciliates SSL communication over the Internet for Redis, which doesn't come default with encrypted traffic

  4. Twemproxy: used for cache failover, round-robin proxying and caching performance with Redis. The configuration file for this program can be found on the proxy server in /etc/nutcracker/nutcracker.yml. It runs locally on port 2222 of the NGINX/Proxy server. Twemproxy enables high availability by automatically detecting Redis server failure and redirecting traffic to other working instances. Twemproxy will not reintroduce failed servers. Restarting Twemproxy can be performed manually, or a script can be written to automate the task of resetting the "down" flag of the failed server

  5. NGINX: used to proxy communication between Gluu instances. The configuration file is located on the load balancing server (if installed) at /etc/nginx/nginx.conf. It can be set to round-robin for load balancing across servers by changing nginx.conf to use backend instead of backend_id. Note: This breaks SCIM functionality if one of the servers goes down and redundancy isn't built into the logic of your SCIM client

Get Started#

License#

Licensed under the GLUU SUPPORT LICENSE. To obtain a Gluu Support contract, see support pricing.