cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Using a load balancer in front of replicated LDAP service for Windchill

Highlighted
Level 8

Using a load balancer in front of replicated LDAP service for Windchill

Hi

 

We have a 2-node clustered Windchill as well as a 2-node replicated LDAP service in a lab environment. Below is a brief on services configured.

  1. Site01
    1. Srv01 - Windchill, LDAP, HTTP
    2. Srv02 - Windchill, LDAP, HTTP
    3. Srv03 - Oracle Db
    4. Srv04 - CAD Worker + Main Vault
  2. Site02
    1. Srv05 - Remote File Server with Vault, HTTP and probably local Worker for Site02

Windchill service in Srv01 and Srv02 are clustered and sitting behind a F5 load balancer, working fine. LDAP service in Srv01 and Srv02 are replicated and replication works fine.

 

We see there are 2 ways to configure LDAP in this environment as following;

  1. Let LDAP services sit behind a Load Balancer like F5 BIG-IP and configure LDAP in Windchill using virtual IP given by Load Balancer. This way we can take advantage of load balancing as well as failover on LDAP services. Also, every time a new node is added, changes only need to be made on LB instead of all application nodes as well as Remote File Servers.
  2. Configure both LDAP servers in Windchill directly instead of going through a Load Balancer just like mentioned in https://goo.gl/sgY34r. This way we only get failover feature without load balancing of LDAP traffic. Also, any new nodes in future with LDAP service will need to be added in every application node as well as remote file servers.

Question is, which method is recommended, given the fact that an environment has got all above mentioned devices in place.

 

Regards,

1 REPLY 1

Re: Using a load balancer in front of replicated LDAP service for Windchill

Very well, the reply I got from PTC is that they never tried it. All what they tested is configuring multiple LDAP endpoints in Windchill application, which is fine with us.

 

But since an LB like F5 BIGIP, which very well supports LDAP traffic to be load balanced, I believe it can be used as well. This method got advantage over traditional one like less configuration hassle in application as well as using multiple LDAP endpoints in active-active setup. I did try it in a test environment.