Hello,
Has anyone tried to configure this?
I'm looking to see if anyone has some sample configurations on how to get this working.
Thanks
Experts, looking for a answer. How to configure SSO in a HA environment using F5 load balancer?
The F5 part is fairly straightforward, just creating VIPs for the various ports required then binding them in a single persistence profile with the 'match across virtuals' checkbox. The bigger issue right now is that trying to replicate the suggested HA settings in SSO doesn't work as some of the file permissions prohibit the needed changes to files to point back at the VIP rather than the local real IP.
This is something we (VMware team at F5) have on our radar and are working on.
Simon
Hi Simon,
We are currently using gateway_ICMP to bother primary and secondary nodes and trying to do the install. It looks like the installation went to the 99% state and then failed with an error code 20030.( Failed to create Multisite Package) . we are not doing a multi site install, rather we are looking at HA. I have a case open with VMware and is escalated to higher level. No response yet.
Any help in this regard will be appreciated.
Here is the portion of the error:
e Sign On-build-941610: 01/31/13 14:28:44 Found "C:\Program Files\VMware\Infrastructure\jre
bin\java.exe"
VMware Single Sign On-build-941610: 01/31/13 14:28:44 Launch as logon user dcx7587
VMware Single Sign On-build-941610: 01/31/13 14:28:44 Found "C:\Program Files\VMware\Infrastructure\jre
bin\java.exe"
VMware Single Sign On-build-941610: 01/31/13 14:28:47 Process returned 0
VMware Single Sign On-build-941610: 01/31/13 14:28:47 Successfully ran the command
VMware Single Sign On-build-941610: 01/31/13 14:28:47 failOnError value is : 0
VMware Single Sign On-build-941610: 01/31/13 14:28:47 VMSSOExecuteJava::done Res: 0
VMware Single Sign On-build-941610: 01/31/13 14:28:47 End Logging
VMware Single Sign On-build-941610: 01/31/13 14:28:47 Begin Logging
VMware Single Sign On-build-941610: 01/31/13 14:28:47 --- CA exec: VMExecuteSSOCommand
VMware Single Sign On-build-941610: 01/31/13 14:28:47 Found "C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd"
VMware Single Sign On-build-941610: 01/31/13 14:28:47 Performing Creating a package for MultiSite node operation
VMware Single Sign On-build-941610: 01/31/13 14:28:47 COMMAND USED: -S configure-riat --verbose -a create-instance-pkg -u admin --password ***** --instance-pkg-secret pass
VMware Single Sign On-build-941610: 01/31/13 14:28:47 GetPath::File: C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd
VMware Single Sign On-build-941610: 01/31/13 14:28:47 GetPath::done Res: C:\Program Files\VMware\Infrastructure\SSOServer\utils
VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA
VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::File: C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd Len: 66
VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::Params Len: 114
VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::ShellExecuteEx Res: 1
VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::Process: 780
VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::done Res: 0
VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteWait::Execute Res: 0
VMware Single Sign On-build-941610: 01/31/13 14:28:54 ShellExecuteWait::WAIT_OBJECT_0
VMware Single Sign On-build-941610: 01/31/13 14:28:54 ShellExecuteWait::GetExitCodeProcess Process: 780 ExitCode: 1 Res: 1
VMware Single Sign On-build-941610: 01/31/13 14:28:54 ShellExecuteWait::done (wait) Res: 1
VMware Single Sign On-build-941610: 01/31/13 14:28:54 RunSSOCommand:: error code returned is 1 while launching C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd
VMware Single Sign On-build-941610: 01/31/13 14:28:54 Posting error message 20030
VMware Single Sign On-build-941610: 01/31/13 14:30:12 MsiProcessMessage returned: 1
VMware Single Sign On-build-941610: 01/31/13 14:30:12 VMExecuteSSOCommand::done Res: 1603
VMware Single Sign On-build-941610: 01/31/13 14:30:12 End Logging
tcServerInst: 01/31/13 14:30:12
Were you ever able to resolve this? I'm encountering more folk load balancing SSO now, so may be able to help if you got past this error.
Simon
We did . I Know I have to reply back with details. I had the 3rd level support engineers (2) worked with me. We did this in 3 environments from start to end and it is working. According to VMware they are going to setup a new KB to address this. We used 3 KB’s to fix the issue. Majority of the issue was related to certs.
Thanks
Deepu
Yes somehow the majority of everyone's problems with vCenter & View relate to certs in some way
Yes I've seen a couple of draft documents which will make life a lot easier for people to do this in future.
Simon
Please read all three pars of this blog. Will be useful. It was helpful for us.
http://www.virtualantipodeans.com/2012/11/ha-vcenter-51-sso-and-web-client_29.html
Thanks
Deepu
Hi Guys,
I need assistance in setting up Load Balancer and setting up Additional node for failover in SSO HA mode.
Can you please let me know on how to proceed with Load balancer
Thanks