regify provider loadbalancer setup
version 5.2.0-9616, 2022-04-12
If you run a VM environment with full redundancy (eg redundant hosts or cluster, redundant drives and redundant connectivity), you do not need to set up a redundant regify provider. In this case, you might simply set up one instance on your environment and use this together with a good backup policy.
In case you want to run the system on non redundant host(s) or on real hardware, please consider implementing one of the following redundant setup options.
A regify-provider must be operated in a redundant setup. The following diagram shows a minimalistic setup as an example:
This minimalistic setup allows a switch to the slave provider in case of a malfunction of the master provider. In this case, the switch has to be done manually. Such setup can be recommended as an inexpensive, fairly resilient start-up constellation.
Fully redundant installation
The following diagram shows a more sophisticated setup with fully redundant instances of regify-providers and a redundant clearing connection:
Such setup ensures high availability and illustrates how scaling can be achieved. Both the connections to the regify clearing-service and the complete regify application run in fully redundant mode. The databases are synchronized in real time (master-master synchronization). Alternatively, your own MySQL cluster may get used. The loadbalancer distributes the load of incoming requests between the two regify-provider appliances.
If you plan to use a loadbalancer in your infrastructure, we recommend you to use the following setup:
Do SSL offloading on the loadbalancers (recommended).
Enable session persistance on the loadbalancer (important) .
Chose master-master replication on the appliances (important).
Configure loadbalancer to forward all http:// connections to https://
(important in case of SSL offloading).
Please use the source IP address for sticky sessions / session persistance. The regify session cookies are changing to prevent session hijacking and, therefore, can not get used.
The following setup examples are showing the IP setup in case of a regify provider hosting two domains (main provider ABC.COM and one subprovider DEF.COM).
Loadbalancer with SSL offloading
Loadbalancer without SSL offloading
Example IP addresses:
Public IP A: 188.8.131.52 (DNS to ABC.COM)
Public IP B: 184.108.40.206 (DNS to DEF.COM)
Internal IP A: 10.10.10.1
Internal IP B: 10.10.10.2
Internal IP C: 10.10.10.3
Internal IP D: 10.10.10.4