Hi Alejandro,

There is a long list of considerations/preparation needed when running
OpenLDAP in a container setup (we use Nomad). From memory:
- use the HA proxy protocol, now supported in 2.5/2.6 so you see client IPs
- DB persistence: make sure each container always has the same db files.
- Sync cookies: make sure the containers sync from the same node each time.
- Backups? (We use NetApp mounts)
- Logging? (I bundle rsyslogd in the container that handles queueing
and fwd files to remote rsyslog through TCP).
- Support for operations like provisioning, indexing and debugging.

Furthermore, I would separate the clusters into a simple replica-only
one (ro), and the one that is provisioned (rw).

C.

On Fri, Oct 27, 2023 at 18:11, Alejandro Imass <aim...@yabarana.com> wrote:
>
> Hi there!
>
> We are working on a new installation and decided to try something new.
>
> In the past I would have gone with multi-master with ldap balancer but after 
> reading and researching more and more on MDB, we decided to try to integrate 
> OpenLDAP into our current CI/CD pipelines using K8s.
>
> What we tried so far and it seems to work is initialize a common persistence 
> storage and then an auto scaling group that shares that common drive. Each pod 
> has as many threads as virtual CPUs it may have, and none of the pods can 
> write, except a dedicated write pod (single instance) with multiple threads 
> for writing.
>
> Is there anything else we are missing here? Any experience scaling OpenLDAP 
> with Kubernetes or other container technology?
>
> Thank you in advance for any comments, pointers or recommendations!
>
> --
> Alex
