Running Shibboleth SP in Kubernetes

Luo, Pan pan.luo at ubc.ca
Sat Sep 3 00:16:42 UTC 2022 

Hi Spencer,

We also run shib in k8s for different applications, e.g. webwork and JupyterHub (we used to do it with Moodle but migrated to a plugin to simplify the architeture). The approach we took is focused on scalability and HA. We are using shared DB for session storage and separate deployment for apache and Shibd. When having multiple apache and Shibd pods, we don't have a single point of failure. Also we can scale them independently. 

Here is the repo for our Shibd container: https://github.com/ubc/shibd-docker <https://github.com/ubc/shibd-docker>
And charts for webwork as an example: https://github.com/ubc/charts/blob/master/webwork/templates/deployment.yaml <https://github.com/ubc/charts/blob/master/webwork/templates/deployment.yaml>

Hope it helps.

Cheers,
Pan



> On Sep 1, 2022, at 7:14 AM, Spencer Thomas via users <users at shibboleth.net> wrote:
> 
> [CAUTION: Non-UBC Email]
> Just wondering if anyone here has deployed the SP into Kubernetes. Right now we are deploying onto a Debian instance in AWS EC2. I guess one option is just to make a fairly heavyweight container that replicates that deployment. But I’m interested to hear if anyone has come up with a more “Kubernetes native” implementation.
>  
> -- 
> Spencer Thomas
> Technical Architect 
> ITHAKA <https://www.ithaka.org/> 
> 301 E. Liberty St, Suite 250, Ann Arbor, MI 48104
> Email: Spencer.Thomas at ithaka.org <mailto:Spencer.Thomas at ithaka.org>
> Voicemail: +1-734-887-7004
> ithaka.org <https://www.ithaka.org/> 
> <image001.png>
>  
> -- 
> For Consortium Member technical support, see https://shibboleth.atlassian.net/wiki/x/ZYEpPw <https://shibboleth.atlassian.net/wiki/x/ZYEpPw>
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net <mailto:users-unsubscribe at shibboleth.net>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220903/7fef1a94/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1400 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20220903/7fef1a94/attachment.p7s>

More information about the users mailing list