Set up Follower

This section describes how to deploy a Conjur Follower. A Follower is a read only replica of the Conjur Leader. Followers are horizontally-scaling components that are typically configured behind a load balancer to handle all types of read requests from workloads and applications, including authentication, permission checks, and secret fetches.

Deploy the Follower that fits your use-case and organizational requirements.



Non-OpenShift / Kubernetes integrations

The Conjur Follower is deployed as any other Conjur Server, and is configured using the Follower seed file obtained from the Conjur Leader.

To deploy the Conjur Follower, see Deploy the Conjur Follower.

OpenShift / Kubernetes integration

  • Conjur Kubernetes Follower - This Follower is specifically designed for deployment inside supported OpenShift/Kubernetes clusters.

    It is unique in that it is a collection of microservices that run as separate containers as unprivileged (non-root) users within a Pod and, together, provide a scalable way to access the secrets stored in Conjur.

    To deploy the Conjur Kubernetes Follower, see Deploy Conjur Kubernetes Follower.

  • Conjur Follower - This Follower can be deployed both inside and outside the OpenShift / Kubernetes cluster

    • Inside the Kubernetes cluster, this Follower runs as a single container in the same Pod as the application is it serving. The Follower authenticates to Conjur using cert-based or JWT-based authentication. See Conjur Follower inside OpenShift/Kubernetes cluster.

    • Outside the Kubernetes cluster, this Follower is configured using the Follower seed file obtained from the Conjur Leader. See Deploy the Conjur Follower.

Followers for OpenShift/ Kubernetes integrations do not support data segregation by Follower.