Skip to content

fix: Bug #58523 - Add suitable startup probe for LDAP secondary servers #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 5, 2025
Merged

fix: Bug #58523 - Add suitable startup probe for LDAP secondary servers #1

merged 1 commit into from
Nov 5, 2025

Conversation

@charith-competa
Copy link
Collaborator

@charith-competa charith-competa commented Nov 4, 2025

Problem

Secondary LDAP servers were using a TCP-based startup probe that only checked if port 389 was listening, not if replication had completed. This could cause secondary servers to receive traffic before replication data was available, leading to errors when clients queried data that hadn't been replicated yet.

Solution

  • Added startupProbeSecondary configuration with exec-based probe
  • Probe queries base DN to verify LDAP is responding and data is accessible
  • Updated statefulset-secondary.yaml to use startupProbeSecondary with coalesce fallback to default startupProbe
  • Increased failureThreshold to 30 to allow sufficient time for initial replication to complete

Changes

  • helm/ldap-server/values.yaml: Added startupProbeSecondary configuration with exec command that queries base DN
  • helm/ldap-server/templates/statefulset-secondary.yaml: Updated startupProbe to use startupProbeSecondary if defined, otherwise fallback to default

Testing

  • Verified Helm template renders correctly with exec command for secondary servers
  • Confirmed primary servers still use default tcpSocket probe (unchanged)
  • Pattern matches existing readinessProbePrimary exec-based probe approach

Related

  • Bug #58523

@charith-competa
fix: Bug #58523 - Add suitable startup probe for LDAP secondary servers
f7d533c 
Added startupProbeSecondary with exec-based probe that queries base DN to verify replication completion. Updated statefulset-secondary.yaml to use the new probe with coalesce fallback.
@charith-competa charith-competa merged commit ddcb320 into main Nov 5, 2025
@charith-competa charith-competa deleted the fix/58523-ldap-startup-probe-replication branch November 21, 2025 03:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@graememacpherson graememacpherson graememacpherson approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@charith-competa @graememacpherson