Closed danfmihai closed 4 months ago
sgissi
commented
1 year ago Hi @danfmihai, I have asked the Vaultwarden team and, in theory you can run multiple pods with the following caveats:
With that said, I have not tested it yet. Let me know if you run any test or find any issue
viollinn
commented
1 year ago Hello,
(sorry for my english)
I am trying to run it in HPA on a k3s cluster, so far found those issues using a mariadb-galera cluster:
sgissi
commented
1 year ago Hi @viollinn, thanks for testing that (and your English is good!). My understanding is that Vaultwarden is not necessarily developed to run distributed.
1) Tables created on all pods - As you said, you can start with one pod, wait until ready then scale. I have not looked at the code, if there is an option to just connect to the database, upgrade and exit. If there is, you could run the actual vaultwarden image as an init container.
2) Session issues - JWT tokens are derived from RSA keys stored in the filesystem. If your data folder is shared across instances, it should work. Do you have more details on the issue?
3) Storage for attachments - You can either disable attachments or run on a shared storage. Enabling attachments with a separate storage per Pod will end up with users randomly unable to download their attachments.
4) Websockets - In a previous discussion with the Vaultwarden team, they mentioned that websocket will be a problem. The notification can come from any instance and if your websocket is not connected to the same instance, you will lose the notification. For what it is worth, WS is only used by desktop applications, not mobile.
sgissi
commented
4 months ago I'm closing this issue as it is more of an application issue to support multiple instances than this chart. If/When Vaultwarden supports that, I can work on HPA for the chart.
Any idea how to make vaultwarden work with multiple replicas? I currently use the built in SQLite database, if it matters. Thanks.