Lamar University CAS HA

•

0 likes•418 views

The document discusses the architecture of a high availability Sakai installation across multiple sites to serve users during hurricanes. It describes the strategic goal of single sign-on across sites, technical requirements like high availability and scalability, and constraints of limited budget and resources. It outlines the components used, including VMs, SAN storage, and F5 load balancers. Key decisions around ticket replication, routing logic, and experiences operating in production environments are also summarized.

Technology Education

High Availability in Hurricane
Alley
Multi-site multi-node CAS
Deep in the Heart of Texas
Srinivas Varadaraj & Bill Thompson

Jasig Sakai Conference 1

Agenda
1. Strategy
2. Technical requirements
3. Constraints
4. Stuff at hand
5. Architectural decisions
6. Cluster & production architecture
7. Challenges and solutions
8. Multi-site routing
9. Production experiences
10. Questions & Comments

Jasig Sakai Conference 2

Strategic requirements
Single Identity

Single Sign On/ Single Sign Off

Maximize self service tools

Improved user experience

Jasig Sakai Conference 3

Technical requirements
• Application Compatibility
• High Availability
• Rolling maintenance
• Transparency
• Scalability
• AD integration
• Customization(branding)

Jasig Sakai Conference 4

Constraints
• Limited budget , use existing resources.
– Power in the datacenters
– Single internet
– High latency connectivity

• Limited in-house development & experience
– Stay close to release code
• Aggressive timeframe

Jasig Sakai Conference 5

Stuff we had at hand
• SAN infrastructure with replication to DR
• VM clusters
• Site-to-site VPN based connectivity to DR
• F5 loadbalancers
• Dedicated firewalls
• Opportunity

Jasig Sakai Conference 6

Decisions ! Decisions ! Decisions !

• Virtual Machines
• SAN based storage
• The great ticket registry debate
• To replicate tickets or NOT !
• Building by cloning
• “Appliance” like
• SSL Local vs Offloading
• Cluster VS Standalone application servers
• Timeout !

Jasig Sakai Conference 7

Cluster components

Jasig Sakai Conference 8

Final Architecture

Jasig Sakai Conference 9

“Holy troubles, Batman!”
• SSL offloading
– Tomcat offloading workaround
• Authentication and Validation persistence
– User and application can go to either site.
– Enter site identifiers
• Multi-site ticket replication.
– Latency in WAN
• Algorithm usage in phpCAS clients and Java CAS
clients
• Slow performance of mod_auth_cas on VMs

Jasig Sakai Conference 10

Routing logic
• HTTP_REQUEST
• HTTP_REQUST_DATA
• HTTP_RESPONSE

Jasig Sakai Conference 11

$HTTP_REQUEST(Request from the client) HTTP_REQUEST{ 1) Grab header length to determine payload size 2) If both sites are down, redirect to a branded service unavailable page 3) If URI has siteID of other site and other site is up, route to other site 4) Otherwise default route to local site } Jasig Sakai Conference 12$

$HTTP_REQUEST_DATA(Payload manipulation) HTTP_REQUEST_DATA{ 1) Grab <samlp:AssertionAtrifact> from payload , this may contain siteID 2) if we have a siteID of the other side { If the siteID is Loadbalancer introduced { blank the loadbalancer extension } Route to other side else { if we have a siteID of the local side { If the siteID is Loadbalancer introduced { blank the loadbalancer extension } Route to local side } } Jasig Sakai Conference 13$

$HTTP_RESPONSE(Response from the server) HTTP_RESPONSE{ 1) Grab server’s response headers 2) If SiteID is not in the response header { Introduce a loadbalancer siteID to compensate for java CAS client } Release HTTP to client } Jasig Sakai Conference 14$

Experiences in Production

• Approx. 8 months in production
• 7 Applications in production 10 in development
• Survived two power outages at DR
• Survived multiple internet outages
• Successful rolling upgrades to MySQL & CAS
• Flow based redesign.
• LPPE
• Re-visit ticket registry
Jasig Sakai Conference 16

Questions/Comments
• Credits:
– CAS developers and community
– F5 & F5 devcentral
– Unicon
– LU & Txstate
• Thank you for your time !!
• Contacts:
– Sri: Sri@lamar.edu
– Bill: wgthom@unicon.net

Jasig Sakai Conference 17

This document discusses Amadeus' use of Redis clusters with Kubernetes and their plans to offer Redis as a managed service. It introduces the Redis cluster operator which manages Kubernetes resources for Redis clusters. It then explains how the operator can be combined with an Open Service Broker to provision Redis clusters through the Kubernetes Service Catalog, allowing Redis to be offered as a managed service to applications in a simple way. A demo of this Redis as a service setup is planned.

Azure reference architectures

Masashi Narumoto

This document provides guidance on choosing the right architectures and technologies for Azure solutions. It discusses architecture styles like n-tier, microservices, CQRS, and event-driven architectures. For each style, it covers the business and technical factors to consider, common patterns, and example component mappings to Azure services. It also summarizes reference architectures for big data and IoT solutions and compares approaches like lambda and kappa architectures. The overall document aims to help readers select the optimal architecture and technologies for their specific domain and workload.

WSO2 Advantage Webinar WSO2 BAM2 Integration with mule esb

WSO2

This document discusses monitoring Mule ESB using WSO2 BAM. It describes how to aggregate log data, server metrics, and transaction data from Mule using custom agents. This data is then analyzed using BAM's analytics capabilities and presented on dashboards. Specific techniques covered include using a Log4j appender to capture logs, an interceptor to capture transaction payloads, and JMX to monitor server resources. Real-time monitoring using BAM's CEP is also demonstrated.

CCV: migrating our payment processing system to MariaDB

MariaDB plc

CCV is a Dutch payment processor and loyalty provider. CCV's current payment processing platform is built on top of Microsoft SQL Server, but they are currently in the process of migrating it to MariaDB. This migration project is in progress and first production transactions are expected to run in 2020. In this session, Ernst Wernicke and Harry Dijkstra of CCV share how they are using MariaDB to meet critical high availability requirements, including geographic replication, zero data-loss, zero downtime (both planned and unplanned) and no single point of failure anywhere.

Oracle dba rac 11g training

FuturePoint Technologies

Oracle RAC (Real Application Clusters) allows clustering of Oracle databases across multiple nodes for high availability, scalability, and performance. It provides cache fusion for shared data access and multi-instance transaction behavior with extra background processes. The document outlines the installation and configuration of Oracle Clusterware and ASM, software installation and database creation, clusterware and RAC administration including services, performance monitoring, and backup/recovery in an Oracle RAC environment. It also describes workshops for single instance to RAC conversion and other administrative tasks.

Intro to MySQL Part I

Alkin Tezuysal

This document provides an overview of MySQL, including its architecture, features, best features, replication types, and use cases. MySQL is an open-source relational database that is popular, easy to use, supports multiple platforms, and is well-suited for web and e-commerce applications. The document discusses MySQL's architecture, features like transactions and indexing, and replication capabilities. It also provides references for further reading on MySQL optimization, backups, replication, and load balancing.

RedisConf18 - Video Experience Operational Insights in Real Time.

Redis Labs

This document summarizes a video operational insights platform that provides real-time analytics on key metrics like quality of experience (QoE) and audience engagement for live video streams. The platform uses Redis to store streaming event data with HyperLogLog for unique counting. It partitions data across local and global Redis clusters and aggregates metrics near real-time to provide insights on millions of events with latency under 20 seconds.

Serverless

Alkin Tezuysal

Serverless computing is becoming more popular with developers, as it enables them to build and run applications without needing to operate and manage servers. This talk will provide a high-level overview of serverless applications in the database world, including the use cases, possible solutions, services and benefits provided through the cloud ecosystem, with a focus on the capabilities of the AWS serverless platform.

This document discusses how caching can help address performance, scalability, and autonomy challenges for microservices architectures. It introduces Pivotal Cloud Cache (PCC) as a caching solution for microservices on Pivotal Cloud Foundry. PCC provides an in-memory cache that can scale horizontally and increase performance. It also allows for data autonomy between microservices and teams while providing high availability. PCC offers an easy and cost-effective way to cache data and adopt microservices on Pivotal Cloud Foundry.

Accelerate Business Agility with PaaS

WSO2

This document discusses how platform as a service (PaaS) can help organizations accelerate business agility. It notes that traditional application development struggles to deliver business solutions in a timely manner. PaaS is driven by the need for business agility and allows organizations to more quickly create, deploy, and manage applications. The document recommends that organizations adopt DevOps practices and PaaS technologies like WSO2 App Factory to reduce development times and improve collaboration.

How Pixid dropped Oracle and went hybrid with MariaDB

MariaDB plc

Pixid replaced Oracle Database with MySQL in 2011, then soon migrated to MariaDB to get better performance, more features and synchronous clustering for high availability. In addition to high-performance transactions, their customers needed access to fast analytics for self-service reporting and data exploration. Pixid started with a separate columnar database for analytics, but with the release of MariaDB ColumnStore, they found a more elegant solution – deploying a single database platform to handle both transactions and analytics. In this session, Antoine Gosset and Jérôme Mouret share how Pixid went from Oracle Database to handling both transactional and analytical workloads with MariaDB.

Recipes for a successful production cloudfoundry deployment - CF Summit 2014

Vinícius Carvalho

Proxysql use case scenarios hl++ 2017

Alkin Tezuysal

This document provides an overview of use case scenarios for ProxySQL, a database proxy that can improve scalability, high availability, and manageability of MySQL database operations. It describes how ProxySQL can be used for connection pooling and sharding to improve scalability, seamless failover and load balancing for high availability, and advanced query capabilities like caching, rewriting, and throttling queries. The document also provides examples of how companies have implemented ProxySQL to reduce load on databases and handle heavy workloads.

Automating Postgres Deployments on AWS and VMware, with Terraform and Ansible

EDB

The document discusses PostgreSQL deployments using tools like Terraform and Ansible. It covers: - Deploying PostgreSQL on various targets like bare metal, Kubernetes, private cloud - Options for PostgreSQL like EDB Postgres Advanced Server for performance and compatibility - A use case showing highly available PostgreSQL clusters with automatic failover and monitoring - Demonstrates deploying PostgreSQL using Terraform and Ansible scripts - Discusses monitoring and managing PostgreSQL at scale with tools from EDB Postgres Platform

Getting started in the cloud for developers

MariaDB plc

RedisConf18 - Designing a Redis Client for Humans

Redis Labs

This document discusses designing Redis clients that are easy for humans to use. It celebrates the success of Redis and its client ecosystem but notes some common problems clients face. It acknowledges the complexity added by Redis server features and network topologies. The document encourages both existing and new client authors to help address these problems and make clients even more full-featured and user-friendly.

Scylla Summit 2018: Scylla Feature Talks - Gains by Using Scylla-Specific Dri...

ScyllaDB

Scylla offers full compatibility with Cassandra, meaning any Cassandra application works unmodified with Scylla using the standard drivers available to the community. While this will still be the case, there are many gains to be had by using Scylla-specific drivers. Those drivers will work with both Cassandra and Scylla but upon detecting scylla-specific features they will able to unleash many performance optimizations. In this talk we will ll cover which scenarios will benefit from the Scylla drivers and what’s coming next.

Change Data Capture using Kafka

Akash Vacher

How to power microservices with MariaDB

MariaDB plc

Adoption of microservices is continuing at a rapid pace, but many deployments struggle when it comes to the database topology and data modeling. This session covers the pros and cons of different approaches (e.g., giving every microservice its own database or its own schema on a shared database) and various strategies for providing a consolidated view of data when different data is managed by different microservices.

Einführung: MariaDB heute und unsere Vision für die Zukunft

MariaDB plc

MariaDB is presenting at a roadshow in Hannover on building an easy to use, extendable, and deployable database. They highlight how MariaDB reduces costs compared to Oracle and is the default database on major Linux distributions and cloud platforms. MariaDB has an extensible architecture and over 40 plugins contributed by an active community to provide features like analytics, search, and replication.

Moving Beyond Cache by Yiftach Shoolman Redis Labs - Redis Day Seattle 2020

Redis Labs

This document summarizes a presentation about Redis version 6 and beyond. Some key points include: - Redis version 6 includes new features like ACL for security, client-side caching, diskless replication, and multi-threaded I/O. - Redis is positioned as both a cache and a database due to its speed, data structures, and ability to handle complex data models through modules. - Redis Enterprise provides additional capabilities like durability, high availability, geo-distribution, security and multi-tenancy. - Modern data models in Redis modules include Streams, RediSearch, RedisGraph, RedisTimeSeries, RedisAI, RedisJSON and RedisBloom. - RedisInsight is

Mysql ecosystem in 2018

Alkin Tezuysal

How to shard MariaDB like a pro - FOSDEM 2021

Alkin Tezuysal

This document discusses how Vitess can be used to shard MariaDB databases. Vitess is an open-source database clustering system that enables horizontal scaling of MySQL and MariaDB. It provides a control plane that includes a proxy server, orchestration tools, and supports sharding schemes. While Vitess supports MariaDB 10.3, more work is needed for full compatibility. The presentation demonstrates Vitess architecture and how it can route queries to different database shards in a transparent manner.

Architectural patterns for caching microservices

Rafał Leszko

RedisConf18 - The Intelligent Database Proxy

Redis Labs

1) The document discusses an intelligent database proxy called Heimdall Data that intercepts and forwards SQL traffic between applications and databases. 2) Heimdall caches SQL results automatically if there is a performance benefit and ensures data consistency. 3) It provides features like automated database failover, horizontal scaling, SQL analytics, and auditing without requiring code changes to applications.

5 Advantages of EDB's RemoteDBA Services

EDB

EDB offers RemoteDBA Services that provide on-demand, Postgres-certified talent to address organizations’ specific needs. A RemoteDBA can benefit your organizations in a variety of ways such as supporting the rapid growth and demands of your organization, support your staffing needs, as well as mitigate churn and reduce risk. This presentation covers the following steps to Remote DBA success: • Gain insights about how EDB’s RemoteDBA Services work • Identify challenges to ramping up and growing your Postgres systems • Learn about customer use cases where RemoteDBA makes the most impact • Evaluate next steps, and how to get started For more information on EDB’s RemoteDBA services please email sales@enterprisedb.com

Running database infrastructure on containers

MariaDB plc

This document discusses running MariaDB databases on containers and Kubernetes. It provides an overview of how containers offer advantages over traditional virtual machines by encapsulating dependencies and isolating processes. Kubernetes is presented as an open-source system for automating deployment, scaling, and management of containerized applications. The document also explores how MariaDB databases can be deployed in containerized environments, noting the need for data redundancy, dynamic discovery, self-healing, and application discovery of database clusters.

Creating a Kafka Topic. Super easy? | Andrew Stevenson and Marios Andreopoulo...

HostedbyConfluent

Deploying Cassandra Multi-cloud

Jeffrey Carpenter

One of the recent trends in cloud computing is the tendency for enterprises to use multiple clouds, either to take advantage of unique offerings per cloud vendor or to hedge their bets. Creating a data tier that spans multiple clouds is a key consideration in these architectures. Apache Cassandra is an ideal technology for the multi-cloud data tier due to its flexibility and resilience. In this talk we’ll discuss the challenges you’ll face in developing the data tier of multi-cloud applications, provide recommendations on how to address these challenges with Cassandra, and show how we created a sample application to demonstrate these recommendations in practice.

Coherence RoadMap 2018

harvraja

The document provides a roadmap for Oracle Coherence, including upcoming versions, new capabilities, and use cases. Key points include: - Coherence 19 will support JDK 8 and 11 and include new development, runtime, and cloud capabilities. - Common use cases for Coherence include as a web application platform, fast data platform, and for offloading backend/legacy systems. - New features in recent/upcoming versions include persistence, federated caching, security improvements, and leveraging Java 8 features like lambdas and streams.

What's hot

Caching for Microservices Architectures: Session I

VMware Tanzu

Accelerate Business Agility with PaaS

WSO2

How Pixid dropped Oracle and went hybrid with MariaDB

MariaDB plc

Recipes for a successful production cloudfoundry deployment - CF Summit 2014

Vinícius Carvalho

Proxysql use case scenarios hl++ 2017

Alkin Tezuysal

Automating Postgres Deployments on AWS and VMware, with Terraform and Ansible

EDB

Getting started in the cloud for developers

MariaDB plc

RedisConf18 - Designing a Redis Client for Humans

Redis Labs

Scylla Summit 2018: Scylla Feature Talks - Gains by Using Scylla-Specific Dri...

ScyllaDB

Change Data Capture using Kafka

Akash Vacher

How to power microservices with MariaDB

MariaDB plc

Einführung: MariaDB heute und unsere Vision für die Zukunft

MariaDB plc

Moving Beyond Cache by Yiftach Shoolman Redis Labs - Redis Day Seattle 2020

Redis Labs

Mysql ecosystem in 2018

Alkin Tezuysal

How to shard MariaDB like a pro - FOSDEM 2021

Alkin Tezuysal

Architectural patterns for caching microservices

Rafał Leszko

RedisConf18 - The Intelligent Database Proxy

Redis Labs

5 Advantages of EDB's RemoteDBA Services

EDB

Running database infrastructure on containers

MariaDB plc

Creating a Kafka Topic. Super easy? | Andrew Stevenson and Marios Andreopoulo...

HostedbyConfluent

What's hot (20)

Caching for Microservices Architectures: Session I

Accelerate Business Agility with PaaS

How Pixid dropped Oracle and went hybrid with MariaDB

Recipes for a successful production cloudfoundry deployment - CF Summit 2014

Proxysql use case scenarios hl++ 2017

Automating Postgres Deployments on AWS and VMware, with Terraform and Ansible

Getting started in the cloud for developers

RedisConf18 - Designing a Redis Client for Humans

Scylla Summit 2018: Scylla Feature Talks - Gains by Using Scylla-Specific Dri...

Change Data Capture using Kafka

How to power microservices with MariaDB

Einführung: MariaDB heute und unsere Vision für die Zukunft

Moving Beyond Cache by Yiftach Shoolman Redis Labs - Redis Day Seattle 2020

Mysql ecosystem in 2018

How to shard MariaDB like a pro - FOSDEM 2021

Architectural patterns for caching microservices

RedisConf18 - The Intelligent Database Proxy

5 Advantages of EDB's RemoteDBA Services

Running database infrastructure on containers

Creating a Kafka Topic. Super easy? | Andrew Stevenson and Marios Andreopoulo...

Similar to Lamar University CAS HA

Deploying Cassandra Multi-cloud

Jeffrey Carpenter

Coherence RoadMap 2018

harvraja

Cassandra Adoption on Cisco UCS & Open stack

DataStax Academy

Cisco has a large global IT infrastructure supporting many applications, databases, and employees. The document discusses Cisco's existing customer service and commerce systems (CSCC/SMS3) and some of the performance, scalability, and user experience issues. It then presents a proposed new architecture using modern technologies like Elasticsearch, Cassandra, and microservices to address these issues and improve agility, performance, scalability, uptime, and the user interface.

APIs, STOP Polling, lets go Streaming

Phil Wilkins

01282016 Aerospike-Docker webinar

Aerospike, Inc.

This document discusses using Docker containers with the Aerospike NoSQL database to simplify deployment from development to production. It provides examples of building a Python/Flask application with Aerospike in Docker for development and deploying it behind a load balancer to a Docker Swarm cluster for production. It also demonstrates scaling the web and Aerospike tiers independently by launching additional Docker containers.

OSDC 2017 - Christos Erotocritou - Apache ignite in-memory data fabric

NETWAYS

Apache Ignite is an integrated and distributed In-Memory Data Fabric for computing and transacting on large-scale data sets in real-time, orders of magnitude faster than possible with traditional disk-based or flash technologies. It is designed to easily power both existing and new applications in a distributed, massively parallel architecture on affordable, industry-standard hardware. Apache Ignite addresses today's Fast Data and Big Data needs by providing a comprehensive in-memory data fabric, which includes a data grid with SQL and transactional capabilities, in-memory streaming, an in-memory file system, and more.

Introduction to Apache Geode (Cork, Ireland)

Anthony Baker

Apache Geode Meetup, London

Apache Geode

Apache Geode is an open source in-memory data grid that provides data distribution, replication and high availability. It can be used for caching, messaging and interactive queries. The presentation discusses Geode concepts like cache, region and member. It provides examples of how large companies use Geode for applications requiring real-time response, high concurrency and global data visibility. Geode's performance comes from minimizing data copying and contention through flexible consistency and partitioning. The project is now hosted by Apache and the community is encouraged to get involved through mailing lists, code contributions and example applications.

Data Collection & Caching using redis | Swatantra Kumar

Swatantra Kumar

This document discusses using Redis caching to improve performance of the Cox & Kings Intranet Suite (CKIS) application. CKIS interacts with numerous internal and external databases and APIs. Caching is proposed to reduce database queries, requests to external services, and computation time. The document outlines problems with current performance including complex queries, dependencies, network latency. It introduces caching concepts and techniques like full page, SQL query, and response caching. Areas for performance tuning with caching include opcode, static content, image, and database caching. A proposed technology stack includes Redis for caching.

VMworld 2013: Virtualizing Mission Critical Oracle RAC with vSphere and vCOPS

VMworld

Why to Use an Oracle Database?

Markus Michalewicz

This presentation addresses and tries to provide a reasonable answer to the rather common question: "Why should we still use an Oracle Database?", which more often than not is raised by management, but in the presence of more and more "alternative solutions", also by non-Oracle database administrators who are looking to solve a particular problem. This is the first presentation of my "Oracle Fundamentals" presentation series. Note that slide 35 (of 38) is outdated and should not have been included. Unfortunately, SlideShare does not allow for re-uploads anymore and hence, I will leave it in for now.

Presto: Fast SQL-on-Anything Across Data Lakes, DBMS, and NoSQL Data Stores

Alluxio, Inc.

SimplifyStreamingArchitecture

Maheedhar Gunturu

This document discusses using Kafka and VoltDB together for streaming data architectures. It provides an overview of VoltDB as an operational database that can run entirely in-memory at web scale. It describes how VoltDB supports real-time analytics like counters, aggregates, and rankings through features like materialized views. The document also discusses how to configure Kafka producers and consumers to integrate with VoltDB importers and exporters. Using Kafka can simplify streaming data architectures by providing centralized queuing and resiliency while VoltDB supports low-latency transactions and analytics on streaming data.

What's New and Noteworthy on Oracle CAF 12.1.3

Bruno Borges

Apache Geode Meetup, Cork, Ireland at CIT

Apache Geode

This document provides an introduction to Apache Geode (incubating), including: - A brief history of Geode and why it was developed - An overview of key Geode concepts such as regions, caching, and functions - Examples of interesting large-scale use cases from companies like Indian Railways - A demonstration of using Geode with Apache Spark and Spring XD for a stock prediction application - Information on how to get involved with the Geode open source project community

Geek Nights Hong Kong

Rahul Gupta

This document provides an overview of Hazelcast, an in-memory distributed computing platform. It discusses Hazelcast's capabilities for distributed caching, data grids, and real-time processing. The document also provides details on Hazelcast's commercial support offerings, recent 3.7 release features including modularity and performance improvements, and roadmap including new client libraries and cloud integration.

Oracle WebLogic 12c New Multitenancy features

Michel Schildmeijer

WebLogic 12.2 introduces new multitenancy features including: - Improved high density deployment features through microcontainers and partitions that allow for increased isolation between tenant applications and resources. - Enhanced multitenancy capabilities including live partition migration to move running partitions between clusters with zero downtime. - Continuous availability features such as automated data center setup and failover, cross-domain transaction recovery, and multitenant live partition migration.

Confluent Platform 5.4 + Apache Kafka 2.4 Overview (RBAC, Tiered Storage, Mul...

Kai Wähner

Introducing new features in Confluent Platform 5.4 and Apache Kafka 2.4... CP 5.4 (based on AK 2.4) Security: Role-Based Access Control (RBAC) Structured Audit Logs Resilience: Multi-Region Clusters (MRC) Data Compatibility: Server-side Schema Validation Management & Monitoring: Control Center enhancements RBAC management Replicator monitoring Performance & Elasticity: Tiered Storage (preview) Stream Processing: New ksqlDB features like Pull Queries and Kafka Connect Integration (preview)

12 Factor Scala

Joe Kutner

The document discusses best practices for building and deploying Scala applications based on the 12 Factor App methodology. It covers topics like managing dependencies, separating configuration from code, building in a simple and automated way, scaling apps through stateless processes, achieving parity between development and production environments, and running admin tasks isolated from the main app. The presentation provides examples using tools like sbt, Dropwizard, and Heroku to demonstrate how to structure Scala apps according to the 12 factors.

MySQL Transformation Case Study: 80% Cost Savings & Uninterrupted Availabilit...

Mydbops

Discover how Mydbops achieved an impressive 80% cost savings and ensured uninterrupted availability through a transformative MySQL database case study. Join Vinoth Kanna RS, Co-Founder of Mydbops, as he shares insights into optimizing infrastructure, enhancing observability, and navigating critical technology decisions. Learn from real-world challenges, innovative solutions, and valuable takeaways for your own database management endeavors.

Similar to Lamar University CAS HA (20)

Deploying Cassandra Multi-cloud

Coherence RoadMap 2018

Cassandra Adoption on Cisco UCS & Open stack

APIs, STOP Polling, lets go Streaming

01282016 Aerospike-Docker webinar

OSDC 2017 - Christos Erotocritou - Apache ignite in-memory data fabric

Introduction to Apache Geode (Cork, Ireland)

Apache Geode Meetup, London

Data Collection & Caching using redis | Swatantra Kumar

VMworld 2013: Virtualizing Mission Critical Oracle RAC with vSphere and vCOPS

Why to Use an Oracle Database?

Presto: Fast SQL-on-Anything Across Data Lakes, DBMS, and NoSQL Data Stores

SimplifyStreamingArchitecture

What's New and Noteworthy on Oracle CAF 12.1.3

Apache Geode Meetup, Cork, Ireland at CIT

Geek Nights Hong Kong

Oracle WebLogic 12c New Multitenancy features

Confluent Platform 5.4 + Apache Kafka 2.4 Overview (RBAC, Tiered Storage, Mul...

12 Factor Scala

MySQL Transformation Case Study: 80% Cost Savings & Uninterrupted Availabilit...

Recently uploaded

A Deep Dive into ScyllaDB's Architecture

ScyllaDB

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

saastr

PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx

christinelarrosa

AppSec PNW: Android and iOS Application Security with MobSF

Ajin Abraham

Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application. This talk covers: Using MobSF for static analysis of mobile applications. Interactive dynamic security assessment of Android and iOS applications. Solving Mobile app CTF challenges. Reverse engineering and runtime analysis of Mobile malware. How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.

Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels

Northern Engraving

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

Alex Pruden

Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security. Paper Link: https://eprint.iacr.org/2024/257

Main news related to the CCS TSI 2023 (2023/1695)

Jakub Marek

An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers. The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 . The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .

9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...

saastr

"$10 thousand per minute of downtime: architecture, queues, streaming and fin...

Fwdays

Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless. As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency. We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.

Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...

Pitangent Analytics & Technology Solutions Pvt. Ltd

JavaLand 2024: Application Development Green Masterplan

Miro Wengner

Columbus Data & Analytics Wednesdays - June 2024

Jason Packer

GNSS spoofing via SDR (Criptored Talks 2024)

Javier Junquera

In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security. This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing. The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.

"Scaling RAG Applications to serve millions of users", Kevin Goedecke

Fwdays

The Microsoft 365 Migration Tutorial For Beginner.pptx

operationspcvita

LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...

DanBrown980551

This LF Energy webinar took place June 20, 2024. It featured: -Alex Thornton, LF Energy -Hallie Cramer, Google -Daniel Roesler, UtilityAPI -Henry Richardson, WattTime In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms. This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups. Three primary specifications will be discussed: -Discovery and client registration, emphasizing transparent processes and secure and private access -Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure -Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data

Y-Combinator seed pitch deck template PP

c5vrf27qcz

Christine's Product Research Presentation.pptx

christinelarrosa

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

akankshawande

Must Know Postgres Extension for DBA and Developer during Migration

Mydbops

Mydbops Opensource Database Meetup 16 Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting Date & Time: 8th June | 10 AM - 1 PM IST Venue: Bangalore International Centre, Bangalore Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle. Key Takeaways: * Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities. * Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom. * Discover how these key extensions can empower both developers and DBAs during the migration process. * Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends. Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL. Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability. Contact us: info@mydbops.com Visit: https://www.mydbops.com/ Follow us on LinkedIn: https://in.linkedin.com/company/mydbops For more details and updates, please follow up the below links. Meetup Page : https://www.meetup.com/mydbops-databa... Twitter: https://twitter.com/mydbopsofficial Blogs: https://www.mydbops.com/blog/ Facebook(Meta): https://www.facebook.com/mydbops/

Recently uploaded (20)

A Deep Dive into ScyllaDB's Architecture

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx

AppSec PNW: Android and iOS Application Security with MobSF

Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

Main news related to the CCS TSI 2023 (2023/1695)

9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...

"$10 thousand per minute of downtime: architecture, queues, streaming and fin...

Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...

JavaLand 2024: Application Development Green Masterplan

Columbus Data & Analytics Wednesdays - June 2024

GNSS spoofing via SDR (Criptored Talks 2024)

"Scaling RAG Applications to serve millions of users", Kevin Goedecke

The Microsoft 365 Migration Tutorial For Beginner.pptx

LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...

Y-Combinator seed pitch deck template PP

Christine's Product Research Presentation.pptx

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

Must Know Postgres Extension for DBA and Developer during Migration

Lamar University CAS HA

1. High Availability in Hurricane Alley Multi-site multi-node CAS Deep in the Heart of Texas Srinivas Varadaraj & Bill Thompson Jasig Sakai Conference 1

2. Agenda 1. Strategy 2. Technical requirements 3. Constraints 4. Stuff at hand 5. Architectural decisions 6. Cluster & production architecture 7. Challenges and solutions 8. Multi-site routing 9. Production experiences 10. Questions & Comments Jasig Sakai Conference 2

3. Strategic requirements Single Identity Single Sign On/ Single Sign Off Maximize self service tools Improved user experience Jasig Sakai Conference 3

4. Technical requirements • Application Compatibility • High Availability • Rolling maintenance • Transparency • Scalability • AD integration • Customization(branding) Jasig Sakai Conference 4

5. Constraints • Limited budget , use existing resources. – Power in the datacenters – Single internet – High latency connectivity • Limited in-house development & experience – Stay close to release code • Aggressive timeframe Jasig Sakai Conference 5

6. Stuff we had at hand • SAN infrastructure with replication to DR • VM clusters • Site-to-site VPN based connectivity to DR • F5 loadbalancers • Dedicated firewalls • Opportunity Jasig Sakai Conference 6

7. Decisions ! Decisions ! Decisions ! • Virtual Machines • SAN based storage • The great ticket registry debate • To replicate tickets or NOT ! • Building by cloning • “Appliance” like • SSL Local vs Offloading • Cluster VS Standalone application servers • Timeout ! Jasig Sakai Conference 7

8. Cluster components Jasig Sakai Conference 8

9. Final Architecture Jasig Sakai Conference 9

10. “Holy troubles, Batman!” • SSL offloading – Tomcat offloading workaround • Authentication and Validation persistence – User and application can go to either site. – Enter site identifiers • Multi-site ticket replication. – Latency in WAN • Algorithm usage in phpCAS clients and Java CAS clients • Slow performance of mod_auth_cas on VMs Jasig Sakai Conference 10

11. Routing logic • HTTP_REQUEST • HTTP_REQUST_DATA • HTTP_RESPONSE Jasig Sakai Conference 11

12. HTTP_REQUEST(Request from the client) HTTP_REQUEST{ 1) Grab header length to determine payload size 2) If both sites are down, redirect to a branded service unavailable page 3) If URI has siteID of other site and other site is up, route to other site 4) Otherwise default route to local site } Jasig Sakai Conference 12

13. HTTP_REQUEST_DATA(Payload manipulation) HTTP_REQUEST_DATA{ 1) Grab <samlp:AssertionAtrifact> from payload , this may contain siteID 2) if we have a siteID of the other side { If the siteID is Loadbalancer introduced { blank the loadbalancer extension } Route to other side else { if we have a siteID of the local side { If the siteID is Loadbalancer introduced { blank the loadbalancer extension } Route to local side } } Jasig Sakai Conference 13

14. HTTP_RESPONSE(Response from the server) HTTP_RESPONSE{ 1) Grab server’s response headers 2) If SiteID is not in the response header { Introduce a loadbalancer siteID to compensate for java CAS client } Release HTTP to client } Jasig Sakai Conference 14

15. Jasig Sakai Conference 15

16. Experiences in Production • Approx. 8 months in production • 7 Applications in production 10 in development • Survived two power outages at DR • Survived multiple internet outages • Successful rolling upgrades to MySQL & CAS • Flow based redesign. • LPPE • Re-visit ticket registry Jasig Sakai Conference 16

17. Questions/Comments • Credits: – CAS developers and community – F5 & F5 devcentral – Unicon – LU & Txstate • Thank you for your time !! • Contacts: – Sri: Sri@lamar.edu – Bill: wgthom@unicon.net Jasig Sakai Conference 17

Editor's Notes

Consolidate identities on campus and standardize on a single LDAP service that provides that identity.Provide Single Sign On (SSO) standard to the campus compatible with a vast majority of existing applications, (Zimbra email, Self Service Banner, Blackboard LMS, payment gateway system, degree audit system, Library systems etc.)Introducing a self-service mechanism for account management and include this into the login flow process.Provide capabilities for a light weight portal which can be replaced with a full portal in the future.
Solution had to be compatible with majority of application. So, solution with open standards were most favorable.Solution had to highly available, resilient to both local disasters (datacenter outage, LAN and WAN outages, application service failures) and regional disasters ( Hurricanes).No single points of failureAbility to do maintenance work on the system without outage (rolling maintenance).This availability has to transparent to the user to keep the SSO process seamless.System had to easily scalable with load (horizontal or vertical).Tie into pre-existing AD with Attributes release to applications. Branding to match university standard requirements for regular browser access and mobile browser access.Active-active, or active-failover delivery model with automated failover of services.
Had to use existing network resources as much as possible ( existing LAN , WAN equipment and connections)Limited in house developers and experience led to very good partnership with Unicon to provide installation and ongoing support for install baseDesire to keep as close to the release code as possible without heavy customization.Latency link between the datacenters.Short timeframe :)
SAN based infrastructure , with VM clusters.A replication of core/mission critical data to the DR site from SAN to SAN over a site-to-site VPN tunnelLoadbalancer infrastructure (LTM) that supported SSL offload to a wildcard certificate.Dedicated datacenter firewalls at both primary and DR datacenters.Opportunity !
VMs clusters provided protection from hardware failures and ability to scale horizontally via cloning.SAN storage provided storage redundancy and protection from hardware failures with offline backup capabilitySSL offloading to the loadbalancers allowed us to save money by using the wildcard certs.Choice of ticket registry was much debate, it was down to EHCache and Database ticket registry.Chose to horizontally scale it to protect against service failures.To eliminate database failures taking down CAS, we chose an ndb cluster which allow, in memory data with periodic writes to disk, built in replication between nodes, multiple access points to the same data allowing building of VM like 'appliances' where each application instances
SSL offloading from Tomcat requires special setup in Apache + AJP , not a true solution but a workaround , < insert configuration here>To replicate tickets between sites or not ?Maintain persistence within the site ( options, source address vsjsession id)Maintain persistence across sites ?Authentication and Validation can happen at different sites, enter site identifiers.Routing traffic based on site identifiers. Site identifiers are all over the place, /serviceValidate is in the URI, /samlValidate its in the SAML payload, Java CAS client is unique !! unique ID is not generated using the same algoritms. So had to add and remove site identifiers on the loadbalancers

Lamar University CAS HA

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Lamar University CAS HA

Similar to Lamar University CAS HA (20)

Recently uploaded

Recently uploaded (20)

Lamar University CAS HA

Editor's Notes