Example configurations for mgmt-gateway with high availability

Use these examples to configure multiple mgmt-gateway instances with high availability (HA) in an active/standby configuration with keepalived for seamless failover.

Example mgmt-gateway configuration

service_type: mgmt-gateway   
placement:   
  label: mgmt   
spec:   
  enable_auth: true   
  virtual_ip: 192.168.100.220  # HA Virtual IP

Example of ingress configuration for keepalived

service_type: ingress   
service_id: ingress-mgmt-gw   
placement:   
  label: mgmt   
virtual_ip: 192.168.100.220   
backend_service: mgmt-gateway   
keepalive_only: true

Example for deploying the mgmt-gateway in a high availability configuration

The following is a complete example that shows all the components required to deploy the Ceph management gateway in HA mode with SSO enabled. The configuration includes the nodes, the management gateway, oauth2-proxy, and ingress. 
---
service_type: host
hostname: ceph-node-1
addr: 192.168.100.101
labels:
  - mgmt
---
service_type: host
hostname: ceph-node-2
addr: 192.168.100.102
labels:
  - mgmt
---
service_type: mgmt-gateway
placement:
  label: mgmt
spec:
  enable_auth: true
  virtual_ip: <your-virtual-ip>
---
service_type: oauth2-proxy
placement:
  label: mgmt
spec:
  provider_display_name: "<your-oidc-provider>"
  client_id: <your-client-id>
  client_secret: <your-client-secret>
  oidc_issuer_url: <your-oidc-url>
  allowlist_domains:
    - 192.168.100.1:8080
---
service_type: ingress
service_id: ingress-mgmt-gw
placement:
  label: mgmt
virtual_ip: <your-virtual-ip>
backend_service: mgmt-gateway
keepalive_only: true