
Multimaster ldap related questions



I have implemented a multi-master two node ldap with openldap 2.4.22
and Berkeley DB 4.8.26 on Red Hat Enterprise 5.4 with several read-only
replicas off of the masters.

I have a need to add several optional attributes to a schema and
probably should upgrade to 2.4.24 as well.  If this was a single-master
server, it would be easy to do; just slapcat the ldap store, update
software, change schema, slapadd the ldap store back, and resume slapd.

I'm not sure how to do that with multi-master.  One reason for using
multi-master was if one master was down, the other would keep running.
One should be able to upgrade one server, have it catch up with the
changes that the other master had done while the first master is down
and then repeat for the 2nd master.  Is this possible?  Has anyone done
this and how was it done?

I know in the near future, a high-level branch on my DIT will be purged
and bulk reloaded.  I have tested the load with a test setup of
multi-master ldap.  If I do it via ldapadd, it takes over 6 hours to
load.  With slapadd (and slapd down) it only takes 25 minutes plus the
time for the other master to get up-to-date.  Is there any way that I
can speed up the update with ldapadd?  I have pieces of my slapd.conf
for the 1st master at the end of this email. 

Slapadd has two options that appear to be needed when dealing with
multi-master or replicate nodes.  The first is the "-S sid" option, the
second is "-w".  I'm a little confused what is used where.  If you are
doing a dump and restore operation (slapcat, delete database, slapadd)
the only option you need is the "-w" option?  If you are adding new
entries offline then do both options need to be specified?

Is there a multi-master best practice guide somewhere?

Thanks for any help,



==============  slapd.conf extract ==============:
ServerID 001
pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args
sizelimit unlimited
moduleload ppolicy.la

database        bdb
suffix          "dc=htc,dc=com"
rootdn          "cn=Manager,dc=htc,dc=com"
rootpw                  XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx


directory       /usr/local/var/openldap-data
cachesize 50000
dncachesize 50000
idlcachesize 150000
checkpoint 1024 5
dbconfig set_cachesize 0 268435456 1
dbconfig set_lg_bsize 2097152
dbconfig set_lg_regionmax 262144
dbconfig set_flags DB_LOG_AUTOREMOVE
monitoring on

index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
index entryCSN                          eq
index entryUUID                         eq
index uniqueIdentifier                  eq

overlay ppolicy
ppolicy_default "cn=default,ou=policies,dc=htc,dc=com"



syncrepl rid=002
        provider=ldap://vmldapdev2.htc.external:389
        type=refreshAndPersist
        retry="5 5 300 +"
        searchbase="dc=htc,dc=com"
        attrs="*,+"
        bindmethod=simple
        binddn="uid=vmldapdev1,ou=replicants,ou=admin,dc=htc,dc=com"
        credentials=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

mirrormode TRUE

overlay syncprov
syncprov-checkpoint 1000 1

database monitor 

