In this post I am going to cover new feature introduced in Oracle Access Manager i.e. to deploy OAM in high availability (Active-Active) across Data Centres. For list of all the new features introduced in OAM 11gR2 PS2 click here. Till before 11gR2 PS2 (i.e. 11gR1 and 11gR2 PS1) you could deploy OAM in Active-Active within data centre but only in Active-Passive across data centres.
From OAM 11gR2 PS2 (188.8.131.52) you could use one of the three deployment model across data centres
1. Active – Active Mode : OAM cluster in Data Centre 1 and Data Centre 2 run Active – Active mode and both OAM clusters can be used at any given time (as shown in image above)
2. Active – Hot Standby Mode : OAM cluster in Data Centre 1 is active and OAM cluster in Data Centre 2 is running but not actively used until data centre 1 goes down.
3. Active – Standby Passive Mode : OAM cluster in Data Centre 1 is active and OAM cluster in Data Centre 2 is down. OAM cluster in data centre 2 can be bought up within reasonable time, if OAM cluster in primary data centre fails.
Key Points when deploying OAM across data centres in Active-Active mode
1. The WebLogic Server domain (containing OAM cluster) will NOT span across data centres. As shown in figure above, there will be two OAM WebLogic domains, one in Data Centre 1 and second OAM domain in data centre 2.
Note: You will have two WebLogic domains each containing 1 OAM cluster
2. Install (or use an existing OAM) and configure OAM domain in data centre 1 and install/configure (or clone) OAM in data centre 2 . Then use T2P (Test2Prod) tools to configure syncing of configuration and policies.
For more information on T2P (Test 2 Production) click here
3. WebGates in data center 1 will have Primary Server List pointing to OAM cluster in data center 1 and Secondary Server List pointing to OAM cluster in data center 2
4. WebGates in data center2 will have Primary Server List pointing to OAM cluster in data center 2 and Secondary Server List pointing to OAM cluster in data center 1
5. One of the OAM cluster is designated as master while other OAM cluster as clone, any modification to policies or configurations must be done on master OAM cluster .
More information to set one OAM as master check WLST setMultiDataCentreClusterName.
6. Other OAM cluster (in data centre 2) is designated as CLONE using WLST addPartnerForMultiDataCentre
8. Periodically syncing of data (policies/configuration) from Master to Clone happen using replication REST API
To learn more in Oracle Access Manager, Register for our free Minicourse by clicking on below image.
Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.