|
The Iron Rose posted:How do yall handle caching authentication tokens between multiple pods/processes/etc? Current practice is to just toss a 5min TTL JWT into the cluster local redis so the authentication service doesn’t get swamped with requests. I'd probably renegotiate your auth system with your vendor or fix the rate limit You can store the token as a Kubernetes secret, then use reflector to push the "secret" across the cluster, and reloader to verify the pod gets reloaded when the secret changes? I dunno how fast or scalable that is compared to redis, but that gives you a pure Kubernetes solution, at least in theory Edit: at 30k pods you're probably going to bring etcd to it's knees, making your cluster really grim performance wise, don't do this This is a great interview question Hadlock fucked around with this message at 22:19 on Apr 23, 2024 |
# ? Apr 23, 2024 22:11 |
|
|
# ? Apr 24, 2024 06:15 |