Deploying PingAccess Cluster ¶
This use case employs the pingidentity-server-profiles/pa-clustering
server profile. This server profile contains an H2 database engine located in pingidentity-server-profiles/pa-clustering/pingaccess/instance/data/PingAccess.mv.db
. H2 is configured to reference the PingAccess Admin engine at pingaccess:9090
.
Remember to include this if you create your own server profile. This setting is not contained in an exported PingAccess configuration archive.
Before you begin ¶
- You've already been through Get Started to set up your DevOps environment and run a test deployment of the products.
About this task ¶
You will:
- Deploy the PingAccess cluster.
- Replicate the cluster configuration.
- Scale the PingAccess engines.
Deploying Cluster ¶
Use the docker-compose.yaml
file in your local pingidentity-devops-getting-started/11-docker-compose/06-pingaccess-cluster
directory to deploy the cluster.
-
From the
pingidentity-devops-getting-started/11-docker-compose/06-pingaccess-cluster
directory, start the stack. Enter:docker-compose up -d
-
Check that the containers are healthy and running:
docker-compose ps
You can also display the startup logs:
docker-compose logs -f
To see the logs for a particular product container at any point, enter:
docker-compose logs <product-container-name>
-
Sign on to the PingAccess Administrator Console:
Product Connection Details PingAccess - URL: https://localhost:9000
- Username: administrator
- Password: 2FederateM0re
Verifying Cluster Status ¶
Check the status of the cluster using either the admin console or the Admin REST API:
-
To use the Administrator Console:
- Sign on to the Administrator Console:
https://localhost:9000
- To see your engines, go to Settings.
- Sign on to the Administrator Console:
-
To use the PingAccess Admin REST API, enter:
curl -k -u administrator:2FederateM0re \ -H 'X-XSRF-Header: PingAccess' https://localhost:9000/pa-admin-api/v3/engines
The resulting response resembles the following:
{ "items":[ { "id":1, "name":"1e0e17125564", "description":null, "configReplicationEnabled":true, "keys":[ { "jwk":{ "kty":"EC", "kid":"41097511-9945-49df-8a43-f463fb9fe353", "x":"-tZ6kNF1o2QCAK6bIG2DeGqpOnp6V6HJZcPhUJ3JbZ8", "y":"lO_BkXLnGLSiC4O7TPmWBDk2YOHuqno61QInkgL7-5M", "crv":"P-256" }, "created":1582783126865 } ], "httpProxyId":0, "httpsProxyId":0, "selectedCertificateId":5, "certificateHash":{ "algorithm":"SHA1", "hexValue":"e8a4cc6163fce9b7216b284ef635306f07be381b" } } ] }
Scaling Engines ¶
To scale up to two engine nodes:
docker-compose up -d --scale pingaccess-engine=2
Cleaning Up ¶
When you no longer want to run this stack, bring the stack down.
To remove all of the containers and associated Docker networks, enter:
docker-compose down
To stop the running stack without removing any of the containers or associated Docker networks, enter:
docker-compose stop
To remove attached Docker Volumes
docker volume prune