Do any one of you guys have used Azure Loadbalancer SAS version for HAA Load balancing ?
I am having issues with changing the dll.config, identity config files and then modifying the values in the tables. Once these values are changed i am not able to Login to the Orchestrator Webpage either using the Load Balancer URL or the actual Orchestrator URL.
We currently have a single node Orchestrator and we are upgrading our architecture to a Multinode Orchestrator with HAA for high availability. While doing that we have setup the HAA Nodes and the Orchestrator is talking perfectly to the HAA Nodes.
Now we are bringing in the Load Balancer in front of the current Orchestrator (Fully functional and working). for doing this change as mentioned in your article we are making changes to the orchestrator.dll.config (IdentityServer.Integration.Authority,Auth.OAuth.SharedRobotOAuthAuthority,ExternalAuth.System.OpenIdConnect.Authority,ExternalAuth.System.OpenIdConnect.RedirectUri,ExternalAuth.System.OpenIdConnect.PostLogoutRedirectUri) and the appsettings.Production.json (“IdentityServerAddress”: “https://esot1rpa.abc.xyz.ca/identity” , “OrchestratorUrl”: “https://esot1rpa.abc.xyz.ca”) files to have the Load Balancer URL.
We are also making a change to the 2 DB Tables as you mentioned.
I have never used Azure before - but a stab in the dark - Have you updated/verified your IIS Site Binding on each of your Orchestrator Nodes to ensure it is listening to all available hostnames/protocols/ports combinations, whether you have it wildcarded or explicitly defined?
I would imagine there are health checks you can look at on the Load-balancers to see if the heartbeat is healthy to determine if a particular target/member should be included in the LB Pool, what does it look like when you check the LB? (Although if you are following the tutorial from @JithinKP I don’t see a section on Health Monitors for the F5 LB)
We use F5 LBs as well and I’ve defined a very simple Health Monitor that polls the /api/Status/Get endpoint every 5 seconds and looks for a 200 OK Response to determine if a member should be included in the pool.
I see no error on the Event Viewer on the IIS Server. When i searched the Internet for this error it seems like a certificate error “thumbprint” issue.
As Azure load Balancer does not support SSL offloading (I cannot update a certificate on the Azure Load Balancer) could it be the reason for this error ?