Creating User Management Service server clones

For production environments, you must configure multiple User Management Service servers to provide high-availability and load-balancing.
Quick start: For a quick start configuration, a web server is not required. Continue at Configuring single sign-on.
For a production environment, create multiple User Management Service servers by performing the following actions:
  1. The quickest and most reliable way to create server clones on the same machine is to create copies of a server subdirectory after the server was started at least once with basic configuration, for example, copying the contents of wlp/usr/servers/ums to wlp/usr/servers/ums2. This will contain the generated SSL certificate and LTPA key, however, this approach requires re-sharing the keys when they are regenerated.
  2. After copying a server configuration, you must customize the values that are specified for http_port and https_port in wlp/usr/servers/serverName/configDropins/overrides/umsVariables.xml because different server instances on a single machine cannot listen on the same port.
  3. Make sure that all server instances have an identical user registry configuration.
    Alternative: An alternative way of sharing configuration is to store shared configuration files in wlp/usr/shared/config and refer to the ${shared.config.dir} from within each server’s configuration. For more information, see Liberty: Directory locations and properties and Using include elements in configuration files. Ensure that each server clone listens to a different port by keeping this configuration information in an XML file that is not shared.
  4. All User Management Service servers must share the same LTPA key, which by default is stored in generated keystore in wlp/usr/serverName/resources/security/ltpa.keys.
    Tip: An easy way for sharing LTPA keys is described in Configuring LTPA in Liberty. You can point to a shared LTPA key file in ${shared.resource.dir} from the keysFileName of a new ltpa configuration element, as detailed in Liberty: Directory locations and properties.

Next, perform Configuring a web server.