On 6/23/15 7:33 AM, John Hodrien wrote:
On Tue, 23 Jun 2015, Janelle wrote:
> Servers are behind a load-balancer. Address never changes.
But one problem with that is that SSSD will see multiple servers as one
server, and so will mark the server as failed if the load balancer
with a broken back end server.
Works much better in my experience when you tell SSSD about all the
Sadly that is not possible. If SSSD did load balancing when given
multiple servers, then yes, but it does not. When you are running 30,000
servers with 3000 users, you have to load balance or SSSD simply dies
and an ssh login takes 5 minutes to complete. The only way to make SSSD
happy and not kill the single server it would point to is to have
multiple servers behind a VIP. Am I completely off base to think this
is the way to go? Can SSSD be taught to actually load balance?