Appendix - Logi Load Balancing: Keyfactor Command Configuration Wizard Setup

In order for the Keyfactor Command Management Portal Dashboard and Reports to load when using a load balancer, the Keyfactor Command Configuration Wizard should have the following configuration on each of the application servers:

  • On the Keyfactor Command Portal Tab, the Host NameClosed The unique identifier that serves as name of a computer. It is sometimes presented as a fully qualified domain name (e.g. servername.keyexample.com) and sometimes just as a short name (e.g. servername). must be the Load Balanced URL.

    Figure 525: Logi Configuration Settings—Keyfactor Command Portal Tab

  • Dashboard and Reports Tab:
    • The Host Name must be the Load Balanced URL. This is the host name that the Management Portal server uses to connect to the Logi Analytics Platform, and it therefore needs to be the name used on the internal side of the network.
    • The Keyfactor Command Site IP Address(es) must contain:
      • The application machine IPv4 addresses for all of the servers that will be load balanced.
      • The application machine IPv6 addresses for all of the servers that will be load balanced if IPv6 is enabled.
      • The internal IPv4 addresses of the load balancer that the load balancer will use to connect to the application servers.

    Figure 526: Logi Configuration Settings—Keyfactor Command Dashboards and Reports Tab

Tip:   All IP Addresses that could be used internally to connect to the Logi application must be in the Dashboard and Reports configuration section in the configuration wizard. This includes the application host IPs and the load balancer IPs. It is also recommended that the host file is modified to map the load balancer URL to the local IP address.

  • Load Balancer

    On the load balancer, a new rewrite rule needs to be made that changes the outbound URL from the application servers. Logi sends the HostNameClosed The unique identifier that serves as name of a computer. It is sometimes presented as a fully qualified domain name (e.g. servername.keyexample.com) and sometimes just as a short name (e.g. servername)..domain.com/KeyfactorAnalysis URL back to the browser instead of the LoadBalancer.URL.com/KeyfactorAnalysis URL that the browser needs to complete the Logi authorization. In short, an Outbound rewrite rule needs to be created on the Load Balancer that does the following: HostName_URL/KeyfactorAnalysis needs to be converted to LoadBalancer_URL/keyfactorAnalysis

  • Load Balancer - Session Affinity

    There are two load balancing scenarios based on user session management: Sticky session (recommended) and Non-Sticky session. In the Sticky session scenario, each user is assigned to a server by the load balancer and all the requests sent by this user are answered by the same server, for as long as the user's session persist. This is the recommended approach and does not require you to centralize the rdDataCache folder of the application. We strongly recommend using Sticky session instead. You can learn more about Load Balancing with Info applications on DevNet.