Skip to content

High Availability deployment in Kubernetes (multi-replica setup) #110

@fabn

Description

@fabn

Question

I'm planning to deploy mcp-auth-proxy in Kubernetes with multiple replicas for high availability.
I noticed the tool requires a /data volume and I have some questions about the correct setup.

Questions

  1. What is stored in /data?

    • Session data?
    • OAuth tokens?
    • Encryption secrets?
    • Something else?
  2. Can multiple replicas share the same volume?

    • Is a PVC with ReadWriteMany (RWX) access mode supported?
    • Are there any file locking issues to be aware of?
  3. Are sticky sessions required?

    • If session data is stored locally, do we need sessionAffinity: ClientIP on the Service?
    • Or can requests be load-balanced across replicas without issues?
  4. Alternative backends

    • I see --repository-backend supports sqlite, postgres, and mysql
    • Is using an external database (e.g., PostgreSQL) the recommended approach for HA setups?
    • If so, what schema/migrations are needed?

Current Setup (single replica)

volumes:
  - name: data
    persistentVolumeClaim:
      claimName: mcp-auth-data  # RWO

containers:
  - name: mcp-auth-proxy
    volumeMounts:
      - name: data
        mountPath: /data

Desired Setup

replicas: > 1

# Option A: Shared volume (RWX)?
# Option B: External database (PostgreSQL)?
# Option C: Sticky sessions + separate volumes per pod?

Any guidance on the recommended architecture for HA would be greatly appreciated.

Thank you.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions