[OpenID] OpenId downtime

Kevin Turner kevin at janrain.com
Fri Dec 7 04:08:17 UTC 2007


On Thu, 2007-12-06 at 19:29 -0800, Martin Fick wrote:
> As a simple home user you too can get that 
> capability with email without relying on having
> several email addresses (a yahoo one, a gmail one...),
> or having an HA site (multiple uplinks, multiple
> backup servers...).  You can host your 
> own email server (I do for non-list type mail,) 
> and you can have your ISP easily spool your 
> email for you if your email server or link goes 
> down!  

I think the situation isn't quite analogous, as in most deployments I've
seen, as long as my mail server is down I still can't _read_ my mail, no
matter how many other people I have offering to spool it for me, because
it's stuck in a spool somewhere that's not accessible to my reader.
Somehow I do not think you would be satisfied with that solution for
OpenID.

> This seems like it is a lot harder to do with
> something like a web site?  Can I do it with 
> openid?  Can I host my own openid server and have
> my DNS records suggest a backup if my server is
> down?

You can assign multiple IPs to a single domain, but AFAIK you can't
prioritize A records (see "round robin DNS"), so all the IPs need to be
live all the time and you need to keep them all synchronized.

It's pretty easy to synchronize the discovery information (XRDS).  It
would get complicated to synchronize OpenID provider associations,
though.  So one way to do this that might be "good enough" is to keep
your static XRDS copied to servers on two IPs.  Your XRDS points to two
Service endpoints on different domains.

For example, say your identifier is "example.name", and you have two
OpenID servers at a.example.com and b.example.net.  You'd set your DNS
up like this:

example.name IN A 10.0.0.1
             IN A 192.168.0.1

And the static web servers on each of those IPs would serve an XRDS
containing this:

<Service>
<URI>http://a.example.com/endpoint</URI>
<URI>http://b.example.net/endpoint</URI>
</Service>

Now, either example.com or example.net can go down, and you'll be fine.
If one of example.name's IPs goes down, things will kind of suck,
because half the time things will be directed to the broken server.  But
maybe if you reload enough times, it'd probably work, maybe.

In summary: Those high availability techniques you mentioned?  (backup
power, redundant uplinks, live failover servers)  Those are good.  Use
those.  DNS is not a failover mechanism.
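An added example (not code from this thread) of the client side of the scheme above: it parses an XRDS like the one described, orders the Service URIs using the XRD `priority` attribute (which the message does not use, so this goes slightly beyond it) and walks them until a probe reports one reachable. The XRDS sample, the host names and the probe function are constructed for the example.

```python
"""Parse an XRDS document and fail over across its OpenID endpoints."""
import xml.etree.ElementTree as ET
from typing import Callable, List, Optional

XRD_NS = "xri://$xrd*($v*2.0)"
OPENID2_SIGNON = "http://specs.openid.net/auth/2.0/signon"  # OpenID 2.0 OP type URI

# Constructed sample modelled on the two-URI Service element in the message;
# a.example.com and b.example.net are the placeholder hosts used there.
XRDS_SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="10">
      <Type>http://specs.openid.net/auth/2.0/signon</Type>
      <URI priority="20">http://b.example.net/endpoint</URI>
      <URI priority="10">http://a.example.com/endpoint</URI>
    </Service>
  </XRD>
</xrds:XRDS>
"""


def _priority(elem: ET.Element) -> int:
    """XRD ordering rule: lower number is preferred, missing sorts last."""
    value = elem.get("priority")
    return int(value) if value is not None else 2**31


def endpoints_from_xrds(xrds_text: str, service_type: str = OPENID2_SIGNON) -> List[str]:
    """Return the endpoint URIs for `service_type`, best priority first."""
    root = ET.fromstring(xrds_text)
    uris: List[str] = []
    for service in sorted(root.findall(f".//{{{XRD_NS}}}Service"), key=_priority):
        types = {t.text.strip() for t in service.findall(f"{{{XRD_NS}}}Type") if t.text}
        if service_type not in types:
            continue
        for uri in sorted(service.findall(f"{{{XRD_NS}}}URI"), key=_priority):
            if uri.text:
                uris.append(uri.text.strip())
    return uris


def first_reachable(uris: List[str], probe: Callable[[str], bool]) -> Optional[str]:
    """Try endpoints in order; return the first one `probe` accepts, else None.
    `probe` (e.g. an HTTP HEAD with a short timeout) is injected so the
    failover can be exercised offline without any live server."""
    for uri in uris:
        if probe(uri):
            return uri
    return None
```

Note that this only helps once discovery has succeeded: if the identifier's own host is the one that is down, the relying party never gets the XRDS, which is the message's point about DNS not being a failover mechanism.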