Hello, I am trying to run gluu Identity management server as containers in Kubernetes cluster. I am using your docker images as a base. I am facing issues with deployment and the actual issue depends on start up order of the services. Here is how I start my containers in Kubernetes. 1) I start consul first. All the volumes used by consul for the previous run are deleted. After simple verification that key value store is empty, I run locally following command to initialize consul with initial keys and values. ``` CONSUL=100.96.2.20 docker run --rm \ -v /home/robert/src/hubub-kubernetes/forgerock/keystore/2017/bundle.crt:/etc/certs/gluu_https.crt \ -v /home/robert/src/hubub-kubernetes/forgerock/keystore/2017/hubub.key.nopass:/etc/certs/gluu_https.key \ gluufederation/config-init:3.1.1_rev1.0.0-beta3 \ --admin-pw my-password \ --email 'my-email@email.domain' \ --domain gluu.hubub.com \ --org-name 'Stagwell' \ --kv-host $CONSUL \ --kv-port 8500 \ --save ``` 2) When step 1) is completed, I verify that keys are populated in consul. Next I start OpenLDAP container in Kubernetes. As image I use I am using gluufederation/openldap:3.1.1_dev. I supply following environment variables for the container: - GLUU_KV_HOST - GLUU_KV_PORT - GLUU_LDAP_INIT - GLUU_LDAP_INIT_HOST - GLUU_LDAP_INIT_PORT 3) When OpenLDAP is fully up, I start the rest of the containers. Images used are gluufederation/oxtrust:3.1.1_dev, gluufederation/oxauth:3.1.1_dev, gluufederation/key-rotation:3.1.1_dev and gluufederation/nginx:3.1.1_dev. I tested 2 different scenarios where each produces different issues. 3a) If I start them all the remaining containers at once, one of them modifies attribute oxIDPAuthentication of LDAP entry DN: inum=@!XXXX,ou=appliances,o=gluu and changes its value from \"servers\": [\"ldap.hubub.com:1389\"] to \"servers\": [\"localhost:1389\"] which results in following error on oxAuth server: ``` 2017-12-03 16:59:46,448 ERROR [qtp204349222-15] [org.xdi.oxauth.service.AuthenticationService] (AuthenticationService.java:308) - Failed to find entries with baseDN: o=gluu, filter: (&(&(objectClass=top))(&(uid=admin))) 2017-12-03 16:59:46,451 INFO [qtp204349222-15] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:152) - Authentication failed for 'admin' ``` It took me a while to figure out what is happening since I expected that in a case where oxauth connects to localhost and there is no LDAP running there, the message should state connection failure rather than entry not found. 3b) If I start the remaining containers in following sequence, in many cases I am facing with oxAuth issue, where following exception with a call stack log is generated (please see https://pastebin.com/Lssz1sHG). 1) oxauth 2) oxtrust 3) keyrotation 4) nginx While 3a sounds to me like some kind of bug which might be related to way I try to run containers, I would certainly appreciate help with 3B, since I am stuck there. While I will be waiting for your response I try to do some debugging to get the understanding of the problem. I will post any relevant findings in this case. Thank you in advance for your help.