Bug 1508605 - [RFE] Hability to provide multiple ldap servers to an ldap client
Summary: [RFE] Hability to provide multiple ldap servers to an ldap client
Keywords:
Status: CLOSED DUPLICATE of bug 1459046
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: RFE
Version: 3.6.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: ---
Assignee: Paul Weil
QA Contact: Xiaoli Tian
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-11-01 18:55 UTC by hgomes
Modified: 2017-11-21 15:10 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-11-06 14:18:52 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description hgomes 2017-11-01 18:55:09 UTC 
Description of problem:

Currently OpenShift configuration only allows for pointing at a single authentication server.  

There is an elaborate workaround as described in both links below.

But a proxy shouldn't be necessary to make up for the platform being unable to reference two ldap servers.  

LDAP config:
https://docs.openshift.com/container-platform/3.6/install_config/configuring_authentication.html#LDAPPasswordIdentityProvider

Auth proxy workaround for HA:
https://docs.openshift.com/container-platform/3.6/install_config/advanced_ldap_configuration/sssd_for_ldap_failover.html#setting-up-for-ldap-failover


There is a expectation to be able to provide multiple ldap servers to an ldap client.  A proxy in the middle to provide HA feels like a workaround while you solve the actual client side issue.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Paul Weil 2017-11-06 14:18:52 UTC 

*** This bug has been marked as a duplicate of bug 1459046 ***
Note You need to log in before you can comment on or make changes to this bug.