certificates
certificates copied to clipboard
smallstep
Possibility to connect to a read-only instance of postgres
Hello!
- Vote on this issue by adding a 👍 reaction
- If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
I would like to know if its currently possible (or if it could be easily implemented) to support connecting an instance of step-ca to a read-only instance of postgresql database.
Why is this needed?
I am trying to build a two nodes step-ca mini cluster consisting of a primary step-ca/postgres instance on node 1, and a standby step-ca/postgres instance on node 2.
My goal here is not to build a fully scalable HA cluster of step-ca, but rather a setup that can failover to a standby node that buys us time to recover in case of failure.
My postgres database on node 1 is the primary instance and any writes are replicated to the replica instance on node 2. While being in standby mode, the postgres instance on node 2 is in read-only mode. Therefore, I cannot start my step-ca instance on this node because it tries to create its tables even if they already exist (by replication).
To give some more context, I am using repmgr for the failover management and intend to use keepalived to switch the virtual/floating ip to the standby node in case of failure on primary node.
Thanks!
