000038664 - How to determine which node of a WildFly cluster should be designated as the Systems Operation Node (SON) in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Apr 1, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000038664
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.1.x, 7.1.x, 7.2.x
Platform/Application Server: WildFly
 
IssueA frequently asked question is which node of a WildFly cluster should be designated as the Systems Operation Node (SON). The SON performs administrative activities such as data collections and AFX requests.
 
ResolutionAny node of a WildFly cluster may be designated as the SON. The recommendation is to make the domain controller the SON and not one of the general nodes. This is because no matter how many nodes in the cluster, none of the nodes can run if the domain controller is down. However, if one or more general nodes fail, and the domain controller is up, then the application will still be available. If one of the nodes that fails is the SON, the application will have limited functionality in that certain activities such as collections and AFX requests can only be running on the SON. By keeping the SON on the domain controller, full functionality can be maintained no matter how many nodes go down in the cluster with the exception of the domain controller.

This is best illustrated with an example. The following example illustrates this concept with a two-node cluster:
 

Scenario 1: The SON is on the domain controller.


 

Node 1: Domain controller and SON.
Node 2: General node.


If Node 1 goes down, the entire application becomes unavailable because a cluster cannot operate without a domain controller.
If Node 2 goes down, Node 1 will stay fully functional because it is the SON.
 


Scenario 2: The SON is on a general node.
 



Node 1: Domain controller.
Node 2: General node and SON.


If Node 1 goes down, the entire application becomes unavailable because a cluster cannot operate without a domain controller.
If Node 2 goes down, Node 1 will stay functional but with limited functionality since the SON will be gone. No data collections or AFX requests will process.


 

Attachments

    Outcomes