IBM Security Privileged Identity Manager, Version 2.0

Setting up a load balancer for a virtual appliance cluster

Deploying a cluster of Privileged Identity Manager virtual appliances with a load balancer provides the required high availability for business continuity.

Before you begin

The load balancer must meet the following requirements:
  • Must be a Layer-7 load balancer.
  • Valid SSL certificate installed. You can install a certificate that is signed by a commercial Certificate Authority or a self-signed certificate. For a self-signed certificate, the Root CA certificate that is used to sign the load balancer certificate, must be imported into the Windows truststore to work with AccessAgent.
  • AccessAgent must be configured to use the load balancer as the IMS Server. The communication between the AccessAgent and the IMS Server is over a separate SSL connection.
  • underscores_in_headers directive is enabled.
  • Session affinity is enabled.

About this task

A load balancer is a hardware or software device capable of spreading user requests between cluster member nodes. To avoid being a single point of failure, keep a backup load balancer that is ready to be swapped in. The backup load balancer is useful when the primary load balancer fails.

Procedure

  1. Set up and configure the front-end load balancer. See the configuration requirements Planning for high availability.
  2. If necessary, package the load balancer SSL certificate with the AccessAgent installation packages.
  3. Configure AccessAgent to use the load balancer as the IMS Server.
  4. Configure the load balancer settings on the virtual appliance. See Configuring the Load Balancer settings.
Parent topic: Installation
Related information:
Planning for high availability
developerWorks: Configuring the appliance with a load balancer

Feedback