The following building blocks are needed to set up a multi-site deployment with synchronous replication.
The building blocks link to a blueprint with an example configuration. They are listed in the order in which they need to be installed.
| We provide these blueprints to show a minimal functionally complete example with a good baseline performance for regular installations. You would still need to adapt it to your environment and your organization’s standards and security best practices. |
Understanding the concepts laid out in the Concepts for multi-site deployments guide.
Ensures that synchronous replication is available for both the database and the external Infinispan.
Suggested setup: Two AWS Availability Zones within the same AWS Region.
Not considered: Two regions on the same or different continents, as it would increase the latency and the likelihood of network failures. Synchronous replication of databases as a services with Aurora Regional Deployments on AWS is only available within the same region.
Ensures that the instances are deployed and restarted as needed.
Suggested setup: Red Hat OpenShift Service on AWS (ROSA) deployed in each availability zone.
Not considered: A stretched ROSA cluster which spans multiple availability zones, as this could be a single point of failure if misconfigured.
A synchronously replicated database across two sites.
Blueprint: Deploy AWS Aurora in multiple availability zones.
A deployment of Infinispan that leverages the Infinispan’s Cross-DC functionality.
Blueprint: Deploy Infinispan for HA with the Infinispan Operator using the Infinispan Operator, and connect the two sites using Infinispan’s Gossip Router.
Not considered: Direct interconnections between the Kubernetes clusters on the network layer. It might be considered in the future.
A clustered deployment of Keycloak in each site, connected to an external Infinispan.
Blueprint: Deploy Keycloak for HA with the Keycloak Operator that includes connecting to the Aurora database and the Infinispan server.
A load balancer which checks the /lb-check URL of the Keycloak deployment in each site, plus an automation to detect Infinispan connectivity problems between the two sites.
Blueprint: Deploy an AWS Global Accelerator loadbalancer together with Deploy an AWS Lambda to disable a non-responding site.