On Tue, Jun 23, 2015 at 07:52:46AM -0700, Janelle wrote:
On 6/23/15 7:33 AM, John Hodrien wrote:
>On Tue, 23 Jun 2015, Janelle wrote:
>>Servers are behind a load-balancer. Address never changes.
>But one problem with that is that SSSD will see multiple servers as one
>server, and so will mark the server as failed if the load balancer
>with a broken back end server.
>Works much better in my experience when you tell SSSD about all the
Sadly that is not possible. If SSSD did load balancing when given multiple
servers, then yes, but it does not. When you are running 30,000 servers with
3000 users, you have to load balance or SSSD simply dies and an ssh login
takes 5 minutes to complete.
What is the configuration you were running here? I'm interested in
seeing how we can make SSSD not die :-)
The only way to make SSSD happy and not kill
the single server it would point to is to have multiple servers behind a
Hmm, did you consider SRV records as John pointed out elsewhere? Then
you could load-balance using weight fields of SRV records..
Am I completely off base to think this is the way to go? Can SSSD be
taught to actually load balance?
I'm not exactly sure how you would like SSSD to behave. Would this
ticket help - https://fedorahosted.org/sssd/ticket/2499