System/Architecture Overview
Components
Summary
Before beginning the CAS build and configuration process, you will want to plan out your server environment. Below is how we have things setup - but by no means is the only way.
We at New Paltz have a three-tiered CAS consisting of:
- Development: This is used exclusively for deploying/configuring/testing CAS itself - no end users use this.
- Test: This is used for test applications/environments which still need authentication such as Banner Test. Since there are a number of IT staff and end users testing these applications, changes here can still impact users though far less than production.
- Production: The actual public facing CAS.
Within each tier, you will want one or more servers. We do something similar to the following:
-
Development
- login6deva
- login6devb
- logindev: Public-facing load balanced virtual host
-
Test
- login6testa
- login6testb
- logintest: Public-facing load balanced virtual host
-
Production
- login6proda
- login6prodb
- login6prodc
- login: Public-facing load balanced virtual host
Each of these servers for us are RHEL 8 hosts, with:
- 2 virtual CPUs for production, 1 for test/dev
- 4 GB memory (though you may need more or less depending on load)
- 25 GB disk
For the official requirements, see the Apereo CAS Installation Requirements document.
I will document both how to set these up manually, as well as my Ansible playbooks which handle deployment (of Apache, Apache Tomcat, and CAS itself).
I've put a copy of my ansible playbooks that are used in this document at: (https://github.com/paulchauvet/ansible-playbooks).