My team has asked me to investigate the introduction of two additional IPA servers into our
infrastructure. This means a total of 3 servers.
We also want to be able to load balance between these servers since we already have clients
connected to our existing IPA server through LDAP.
I came across this blog post by Dmitri Pal, where he discusses some part of Identity
Management and Load Balancing (See:
https://www.redhat.com/en/blog/identity-management-and-load-balancing-red...)
Since we're using AWS I'm wondering if it's beneficial to load balance the
LDAP or if we just try, like Dmitri mentions in the blog post, to use DNS SRV records. Would
it be possible for us to do so and only point to one FQDN in the /etc/sssd/sssd.conf for our
hosts?
E.g.
IPA servers:        DNS SRV Record
ipa1.example.com >> ldaps_ipa.example.com
ipa2.example.com >> ldaps_ipa.example.com
ipa3.example.com >> ldaps_ipa.example.com
And put the following in a sssd.conf file:
[domain/example.com]
id_provider = ldap
ldap_uri = ldaps://ipa.example.com