FAQ¶

Frequently asked questions about Pleiades GSLB.

General - What is Pleiades GSLB? - A DNS-based global server load balancer that answers A/AAAA records using round-robin and health awareness. - Does it support IPv6? - Yes. Include IPv6 addresses in loadbalancer.endpoints to enable AAAA responses.

Health checks - What types of health checks are supported? - TCP and HTTP. HTTP supports TLS, expected status, body substring match, and custom Host header. - Are HTTPS certificates verified? - Yes by default when health.http.tls: true. Set insecureSkipVerify: true only for lab/testing.

Configuration - Where is the config file? - Default /etc/gslb/config.yaml, override with -config flag. - Can I manage config via Git? - Yes. Enable GitOps with gitops.repoURL, signed commits required by default.

State synchronization - How do nodes share health information? - Via NATS + JetStream subjects and KV with TTL. Policies control how local and global health are merged. - What policy should I use? - Default prefer-local is conservative. Use global-quorum for stronger cross-region consensus.

Metrics - How do I expose Prometheus metrics? - Enable metrics.enablePrometheus: true and scrape http://<host>:9090/metrics (default port 9090).

Security - How are GitOps changes secured? - GPG-signed commit verification; optionally restrict to an allowlist of signer fingerprints. - How do clients authenticate to NATS? - Use TLS client certificates or NATS accounts/JWT. See Security Guide.

Operations - Why are no records returned sometimes? - Likely all endpoints are unhealthy for that family or health policy excludes them. Check health metrics and logs. - How do I run on port 53 without root? - Grant capability: setcap 'cap_net_bind_service=+ep' /usr/local/bin/gslbd and run as non-root.