A.5 Test Environment: Vertical and Horizontal Scalability

In vertical scaling, the capacity (CPU and memory) of a single instance of an Access Manager component is increased and tested for performance and scalability.

In horizontal scaling, additional instances of Access Manager components are added to the component cluster and tested for performance and scalability.

A.5.1 Test Infrastructures

The test lab consists of virtualized isolated environment where in test servers are running as virtual machines on top of the VMWare ESXi Server.

The following diagram illustrates the virtual machine layout of a Vertical Scaling setup:

The following diagram illustrates the virtual machine layout of a Horizontal Scaling setup:

A.5.2 Test Configuration and Test Data

  • For login performance tests, the eDirectory user store with 3 replicas is used. These replicas have 100,000 users, which are synced across all replicas. A Secure Name Password Form authentication contract is used with a session time out of 10 minutes.

  • For active sessions scaling tests, the eDirectory user store with a single replica having 1,000,000 users is used. A Secure Name Password Form authentication contract is used with a session time out of 30 minutes.

  • For Access Gateway throughput and hit tests, 3 web servers with the static web pages of size 60 KB are used.

  • The performance tests are run with Borland Silk Performer version 16.5.

  • During the tests, the load test clients and the servers were using the TSL_DHE_RSA_WITH_AES_128_CBC_SHA ciphers for SSL negotiation. Any change in the cipher may impact the performance behavior of Access Manager components.

A.5.3 Access Manager Tuning

For detailed information about Access Manager tuning, see Tuning Parameters. The following details are specific to the vertical and horizontal scalability tests:

Identity Server Tuning

JAVA Memory Allocation

  • Vertical memory scaling tests: 70% of the total memory is allocated to Tomcat.

  • Horizontals scaling tests: 8 GB memory is allocated to Tomcat in each Identity Server configuration.

You can allocate the Java memory by modifying –Xms and Xmx values in tomcat.conf.

For information about how to modify a file, see Modifying Configurations in the NetIQ Access Manager 5.0 Administration Guide.

Tomcat Max open files

The value of Tomcat max open files is set to 16384. This can be set by adding the following entry in the tomcat.conf file:

ulimit -Hn 16384
ulimit -Sn 16384

For information about how to modify a file, see Modifying Configurations in the NetIQ Access Manager 5.0 Administration Guide.

Access Gateway Tuning

You can allocate the Java memory by modifying –Xms and Xmx values in tomcat.conf.

  • In vertical memory scaling tests, 70% of the total memory is given to Tomcat.

  • In horizontals scaling tests, 8 GB memory is allocated to Tomcat in each Access Gateway configuration.

For information about how to modify a file, see Modifying Configurations in the NetIQ Access Manager 5.0 Administration Guide.