Skip to content

Instantly share code, notes, and snippets.

@timlevett

timlevett/doc.md

Last active October 29, 2015 16:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save timlevett/22dadc049152f2b1d4df to your computer and use it in GitHub Desktop.
Save timlevett/22dadc049152f2b1d4df to your computer and use it in GitHub Desktop.
Download ZIP
MyUW : Outage and maintenance
Raw
doc.md

Introduction

The task at hand is to come up with a way to flag an application for an outage when MyUW is not down. If MyUW as a whole is down then they will be presented with the generic MyUW error page which is in place under /portal/500.html currently.

Solution 1

So right now the way people get into our MyUW applications is through /web. Which is handled by our layout manager. In uPortal 4.2 they introduced a life cycle of maintenance (uPortal-Project/uPortal#397). We could just flag the proper entity file for maintenance, and in the tomcat manager shut down the webapp. That should prevent people from seeing the application. Then if they deep link to it, it would show the 404 page which should suggest they go to / to find what they are looking for. That could be a simple enough solution if a single app goes down when MyUW is still up. This seems to happen very rarely. We may have to tweak the /web/ to deal with things in a maintenance state.

Solution 2

We could also introduce a outage war that if there is an application that is out, we simply inject this war in the real war's place (or do some magic on the httpd side).

Solution 3 (only valid after docker world is in production)

Once we introduce docker apps, then we could just redirect people to the outage page described in solution 2.

Solution 4

Create a generic outage page in uw-frame. Then suggest people check for there outage/maintence state (they could have a server side flag that they set) and route all traffic there. Should be easy.

@apetro
Copy link

apetro commented Oct 29, 2015

I am looking forward to Docker.

So, the JSR-286 version of this feature felt a lot like Access Control. As in, yanking access by reducing the groups able to SUBSCRIBE (i.e., render) the content, bumping the content into EXPIRED lifecycle state (so that only Admins could render it), or in the new MAINTENANCE lifecycle state which is a lot like EXPIRED but with user-facing messaging.

So I wonder about an Access-Control-oriented solution at the httpd layer, as in in the Shibboleth SP configuration, to bounce users not in a sufficient Manifest group to an error page. This would have some nice properties in allowing continued access by privileged users working on the outaged app.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment