dopey
commented
2 days ago Hey @ILikePhysics π. Thanks for opening the issue!
This is not currently possible and it's also not something we we plan to support in step-ca (barring an outpouring of support from the community). In our opinion, HA features are outside the scope of this project. HA is broad and often entails different requirements for different users.
We do maintain other step-ca based projects that address HA requirements, but those projects are commercial (if you're interested in learning more, definitely reach out).
Hello!
Issue details
I would like to know if its currently possible (or if it could be easily implemented) to support connecting an instance of step-ca to a read-only instance of postgresql database.
Why is this needed?
I am trying to build a two nodes step-ca mini cluster consisting of a primary step-ca/postgres instance on node 1, and a standby step-ca/postgres instance on node 2.
My goal here is not to build a fully scalable HA cluster of step-ca, but rather a setup that can failover to a standby node that buys us time to recover in case of failure.
My postgres database on node 1 is the primary instance and any writes are replicated to the replica instance on node 2. While being in standby mode, the postgres instance on node 2 is in read-only mode. Therefore, I cannot start my step-ca instance on this node because it tries to create its tables even if they already exist (by replication).
To give some more context, I am using repmgr for the failover management and intend to use keepalived to switch the virtual/floating ip to the standby node in case of failure on primary node.
Thanks!