High Availability deployment in Kubernetes (multi-replica setup)

[fabn]

Question

I'm planning to deploy mcp-auth-proxy in Kubernetes with multiple replicas for high availability.
I noticed the tool requires a /data volume and I have some questions about the correct setup.

Questions

1. What is stored in /data?

   • Session data?
   • OAuth tokens?
   • Encryption secrets?
   • Something else?

2. Can multiple replicas share the same volume?

   • Is a PVC with ReadWriteMany (RWX) access mode supported?
   • Are there any file locking issues to be aware of?

3. Are sticky sessions required?

   • If session data is stored locally, do we need sessionAffinity: ClientIP on the Service?
   • Or can requests be load-balanced across replicas without issues?

4. Alternative backends

   • I see --repository-backend supports sqlite, postgres, and mysql
   • Is using an external database (e.g., PostgreSQL) the recommended approach for HA setups?
   • If so, what schema/migrations are needed?

Current Setup (single replica)

volumes:
  - name: data
    persistentVolumeClaim:
      claimName: mcp-auth-data  # RWO

containers:
  - name: mcp-auth-proxy
    volumeMounts:
      - name: data
        mountPath: /data

Desired Setup

replicas: > 1

# Option A: Shared volume (RWX)?
# Option B: External database (PostgreSQL)?
# Option C: Sticky sessions + separate volumes per pod?

Any guidance on the recommended architecture for HA would be greatly appreciated.

Thank you.