Skip to content

Deploying PingAccess Cluster

This use case employs the pingidentity-server-profiles/pa-clustering server profile. This server profile contains an H2 database engine located in pingidentity-server-profiles/pa-clustering/pingaccess/instance/data/PingAccess.mv.db. H2 is configured to reference the PingAccess Admin engine at pingaccess:9090.

Remember to include this if you create your own server profile. This setting is not contained in an exported PingAccess configuration archive.

Before you begin

  • You've already been through Get Started to set up your DevOps environment and run a test deployment of the products.

About this task

You will:

  • Deploy the PingAccess cluster.
  • Replicate the cluster configuration.
  • Scale the PingAccess engines.

Deploying Cluster

Use the docker-compose.yaml file in your local pingidentity-devops-getting-started/11-docker-compose/06-pingaccess-cluster directory to deploy the cluster.

  1. From the pingidentity-devops-getting-started/11-docker-compose/06-pingaccess-cluster directory, start the stack. Enter:

    docker-compose up -d

  2. Check that the containers are healthy and running:

    docker-compose ps

    You can also display the startup logs:

    docker-compose logs -f

    To see the logs for a particular product container at any point, enter:

    docker-compose logs <product-container-name>

  3. Sign on to the PingAccess Administrator Console:

    Product Connection Details
    PingAccess

Verifying Cluster Status

Check the status of the cluster using either the admin console or the Admin REST API:

  • To use the Administrator Console:

    1. Sign on to the Administrator Console: https://localhost:9000
    2. To see your engines, go to Settings.

  • To use the PingAccess Admin REST API, enter:

    curl -k -u administrator:2FederateM0re \
   -H 'X-XSRF-Header: PingAccess' https://localhost:9000/pa-admin-api/v3/engines

    The resulting response resembles the following:

    {
   "items":[
      {
         "id":1,
         "name":"1e0e17125564",
         "description":null,
         "configReplicationEnabled":true,
         "keys":[
            {
               "jwk":{
                  "kty":"EC",
                  "kid":"41097511-9945-49df-8a43-f463fb9fe353",
                  "x":"-tZ6kNF1o2QCAK6bIG2DeGqpOnp6V6HJZcPhUJ3JbZ8",
                  "y":"lO_BkXLnGLSiC4O7TPmWBDk2YOHuqno61QInkgL7-5M",
                  "crv":"P-256"
               },
               "created":1582783126865
            }
         ],
         "httpProxyId":0,
         "httpsProxyId":0,
         "selectedCertificateId":5,
         "certificateHash":{
            "algorithm":"SHA1",
            "hexValue":"e8a4cc6163fce9b7216b284ef635306f07be381b"
         }
      }
   ]
}

Scaling Engines

To scale up to two engine nodes:

docker-compose up -d --scale pingaccess-engine=2

Cleaning Up

When you no longer want to run this stack, bring the stack down.

To remove all of the containers and associated Docker networks, enter:

docker-compose down

To stop the running stack without removing any of the containers or associated Docker networks, enter:

docker-compose stop

To remove attached Docker Volumes

docker volume prune