To achieve failover and redundancy, you can add multiple VMware Identity Manager machines in a cluster. If one of the machines shuts down for any reason, VMware Identity Manager is still available.

You install and configure VMware Identity Manager on a Windows server, and then you run a script to create an ENC file: a copy of the first VMware Identity Manager for Windows instance that carries the same configuration as the original.

Before you create a copy of the first instance, you must configure the first node behind a load balancer and change its Fully Qualified Domain Name (FQDN) to match the load balancer FQDN. Also, complete the directory configuration in the VMware Identity Manager service before you create the ENC file.

You run the VMware Identity Manager for Windows installer on each node and import the copied ENC file. You can customize these nodes to change the name, network settings, and other properties, as required. Each node has a different IP address. This IP address must follow the same guidelines as the IP address for the first node. The IP address must resolve to a valid host name using forward and reverse DNS.
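One way to verify the node addressing rules above before running the installer on each node: an added Python check (not part of the VMware documentation) that confirms each cluster node's forward lookup returns its expected IP, the PTR record for that IP points back to the node name, and no two nodes share an IP. The node names and addresses are constructed assumptions for the example.

```python
import socket
from ipaddress import ip_address
from typing import Dict, List, Set

# Constructed sample cluster: hostname -> IP each node is supposed to have.
# These values are assumptions for the example, not from the documentation.
CLUSTER_NODES: Dict[str, str] = {
    "idm-node1.example.com": "10.0.0.11",
    "idm-node2.example.com": "10.0.0.12",
    "idm-node3.example.com": "10.0.0.13",
}

def forward_lookup(host: str) -> Set[str]:
    """A/AAAA records for host, via the OS resolver."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def reverse_lookup(ip: str) -> str:
    """PTR record for ip, via the OS resolver (name as the resolver returns it)."""
    return socket.gethostbyaddr(ip)[0]

def check_cluster_dns(nodes: Dict[str, str], forward=forward_lookup,
                      reverse=reverse_lookup) -> List[str]:
    """Return a list of problems; an empty list means every node passes.
    The resolver functions are injectable so the check can run offline."""
    problems: List[str] = []
    seen_ips: Dict[str, str] = {}
    for host, expected_ip in nodes.items():
        ip = str(ip_address(expected_ip))  # normalise; raises on malformed input
        if ip in seen_ips:  # each node must have a different IP address
            problems.append(f"{host}: IP {ip} already used by {seen_ips[ip]}")
        seen_ips.setdefault(ip, host)
        try:
            addrs = forward(host)
        except OSError as exc:
            problems.append(f"{host}: forward lookup failed ({exc})")
            continue
        if ip not in addrs:
            problems.append(f"{host}: forward lookup gave {sorted(addrs)}, expected {ip}")
        try:
            ptr = reverse(ip)
        except OSError as exc:
            problems.append(f"{host}: reverse lookup of {ip} failed ({exc})")
            continue
        if ptr.rstrip(".").lower() != host.lower():  # PTR must name this node
            problems.append(f"{host}: PTR for {ip} is {ptr!r}, not the node name")
    return problems

if __name__ == "__main__":
    for line in check_cluster_dns(CLUSTER_NODES) or ["all nodes resolve consistently"]:
        print(line)
```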

All nodes in the cluster are identical and nearly stateless copies of each other. Syncing to Active Directory and to resources that are configured, such as Horizon, is enabled on the first node, but disabled on all other nodes in the cluster.

Network Partitions

Creating a network partition between nodes in a VMware Identity Manager cluster is not recommended. If a network partition exists between VMware Identity Manager service nodes such that the nodes cannot communicate with each other, while all the nodes remain accessible from the load balancer so that login requests can go to any of the partitioned nodes, you might encounter the following problems:

  • You might see stale data across requests. For example, changes made to an access policy on one node might not apply to login requests that go to another node if there is a partition between the nodes.
  • Login calls that use the outbound connector might fail.