Deploy Follower for OpenShift/Kubernetes integration

This topic describes the options for deploying a Follower for a Conjur - OpenShift / Kubernetes integration.

A Follower is a read only replica of the Conjur Leader. Followers are horizontally-scaling components that are typically configured behind a load balancer to handle all types of read requests from workloads and applications, including authentication, permission checks, and secret fetches.

In a Conjur - Kubernetes integration, the Follower can be deployed inside or outside the Kubernetes environment. Deploy the Follower using the method that best suits your use-case and organizational requirements.

Followers for OpenShift/ Kubernetes integrations do not support data segregation per Follower.

Follower inside the OpenShift/Kubernetes cluster

You can deploy the Conjur Kubernetes Follower or the Conjur Follower inside the cluster.

Follower Description

Conjur Kubernetes Follower

This Follower is specifically designed for deployment inside supported OpenShift/Kubernetes cluster.

It is unique in that it is a collection of microservices that run as separate containers as unprivileged (non-root) users within a Pod and, together, provide a scalable way to access the secrets stored in Conjur. For more information, see Conjur Kubernetes Follower.

To deploy the Conjur Kubernetes Follower, see Deploy Conjur Kubernetes Follower.

Conjur Follower

This Follower runs as a single container in the same Pod as the application it is serving. For more information about this Follower, see Conjur Follower.

To deploy this Follower inside Kubernetes, see Conjur Follower inside OpenShift/Kubernetes cluster.

Follower outside the OpenShift/Kubernetes cluster

To set up the Follower outside the Kubernetes cluster, see Deploy the Conjur Follower.