The current LDAP service is running on triana.nceas.ucsb.edu, and it makes sense that the shibboleth services would run on the same machine. This needs to be discussed with Nick Brand, but I think it will be the best location.

I'm in the process of deploying two IdPs on one machine to see if they can coexist. So far so good, but I still need to get this newer IdP registered with CILogon to make sure.

I have the ou=Account and the o=unaffiliated accounts both running on the same mn-demo-5.test.dataone.org server in the CILogon test environment. So I think we should be good running two (or more) IdPs on the same server in the same Tomcat container. We do have to do a couple more configuration steps to use contexts other than "idp" but they are pretty trivial.

So, is triana the one?

Talked to Nick about the set-up:

Will make new VM on the same host that houses triana.nceas.ucsb.edu.¶

Deploy each IdP using distinct hostnames:¶

identity.nceas.ucsb.edu (ou=Account)¶

identity.ecoinformatics.org (o=unaffiliated)¶

This means we need another IP for the VM

The new server is up. Ben has sudo, hostname is frey.nceas.ucsb.edu.

I set it up with monitoring, nightly tape backups, and stats collection.