CAS 5.3.x with Mongo Ticket Store (anyone had any issues)

[Justin Isenhour]

Hey All,

We are planning to go live in production with CAS 5.3.7 using MongoDB ticket store in the next 6 weeks.  We have been using CAS for many years and are upgrading from 3.5.1 and DB2.  We been running this in non-prd environment for last few months and everything has performed well even under many various load/capacity tests.  Just wanted to reach out to the community at large to find out if anyone else is running CAS 5 with MongoDb Ticket Store and have you had any issues, advice, or lessons learned that could help us head off any potential future production incidents? 

Thanks in advance,

Justin Isenhour

[Andy Ng]

Hi Justin,

This thread might be a good read for your :) 

https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/mongodb$20service$20david|sort:date/cas-user/tCk7jJz5pnE/Tilp-dbqBwAJ

Basically, it seem if too high stress and MongoDB will have some minor problem, you can check out more detail in the thread above.

Cheers!

- Andy

[David Curry]

Since the first and last messages in the thread Andy points to were mine, I'll add a follow-up with current information. We did indeed switch from a MongoDB ticket registry (which seemed to have issues under heavy-ish load) to a Hazelcast ticket registry, based on what we learned from that thread.

Since we did that about 11 months ago, we have not had any issues with the ticket registry.

Based on our experience, I would not recommend MongoDB for the ticket registry (it continues to work very well for us as the service registry, however).

--Dave

--

DAVID A. CURRY, CISSP
DIRECTOR • INFORMATION SECURITY & PRIVACY
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david...@newschool.edu

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a541b16d-beab-4ce6-8cfd-ce5015e70a81%40apereo.org.

[Justin Isenhour]

Thanks for the feedback.  We have started seeing performance issues as well, we just stared doing load testing with Mongo Ticket store and are seeing high CPU utilization with AWS EC2 M5 XXL (8cpu/32gb ram) which was surprising.  My original design was to use Mongo only for Service Registry and to use AWS Elasticache (Redis) for the ticket store.  We did lots of load testing with this stack and the performance was fantastic but then realized that the Redis instance that was setup for us was running in stand alone mode.  My goal with moving to CAS 5 & AWS was to be able to have complete HA across all layers of our SSO solution and this presented a risk for that.  I tried getting CAS 5.3.7 to work with Redis in cluster mode but was unable to get it working.  It seems that for cluster mode with SSL I need Jedis 3, Spring Data 2, and Spring Boot 2, which means I need to upgrade to CAS 6.  Since we could not get clustering working we thought it would be easy enough to switch the ticket store to Mongo since we were already using it and Mongo typically performs well and we are getting close to our production date.  This would have been a short term solution to meet our goals then we would upgrade CAS to v6.x and switch back to Redis with clustering.  Seems now that is not going to work because of the performance issues noted so we are going to re-evaluate our options.  

Thanks for all the feedback from this group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.