High availability concepts

Concepts and architecture

Access Gateway high availability consists of:

  • A single administration instance of Access Gateway. The Administration instance, typically referred to as the admin node, is used to maintain and propagate configuration changes to worker nodes. In addition the admin node can be used a normal Access Gateway instance.
  • One or more worker instances, bound to the admin node, which service requests.
  • A customer provided load balancer, routing requests to the Access Gateway High Availability cluster.

Access Gateway high availability instance life-cycle overview:

  • An instance of Access Gateway is provisioned. This instance, referred to as the Admin node, is configured normally, including defining protected applications. Note that is not a requirement to configure applications or IDP support before configuring high availability.
  • Second and subsequent instances of Access Gateway are provisioned. These instances, referred to as Worker nodes, are not configured with applications, but rather obtain all configuration from the Admin node.
  • Worker nodes are then specifically configured to use the Admin node for all configuration. Once configured, worker nodes no longer expose the admin UI but can only be accessed using the command line interface.
Access Gateway High Availability architecture