1- The CA Identity Manager IME may have awareness of multiple IM Provisioning Servers but these are NOT used for load-balancing, but failover only.
2- The IM Provisioning Servers have minimal knowledge of peer servers.
Information shared between IM Provisioning Servers is limited to the shared Provisioning Directory DSAs.
As the number of transactions with provisoning events scale, the need for the provisioning tier to scale is required. Current default configurations may have 1-N number of J2EE servers communicating to a SINGLE IMPS (IM Provisioning Servers).
One method to address the default challenge, is the use of pseudo hostnames where the "primary IMPS server" may be different for every J2EE by using a different IP address for the psuedo hostname in the local J2EE OS host file.
- This configuration does NOT offer load-balancing, but does have the advantage of using multiple IMPS servers during transactions.
- This configuration relies on the J2EE load-balancing feature for any top-driven business logic, that may have provisioning, to use a dedicated IMPS server for every J2EE server.
- Load-Balancing configuration for the Identity Manager Provisioning Tier/Service (TCP 20390/20390).
- May be delivered as READ-ONLY for a first version.
- This would be expected to increase overall performance where 95% of all transactions observed are queries to the provisioning tier.
- Later release may be delivered with full load-balancing, where a messaging bus or similar would be used to manage any out-of-order challenges.
- Perhaps a documented configuration to use "load-share" feature as an intermediate router between the J2EE servers and the IMPS servers.