[Date Prev][Date Next] [Chronological] [Thread] [Top]

SyncREPL Behaves Inconsistently (ITS#3262)



Full_Name: Adam Tauno Williams
Version: 2.2.15
OS: LINUX
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (206.114.45.106)


SyncRepl behaves inconsistently.

Three servers -
1.Master 2.2.15 slapd on Redhat Linux 9, littleboy
1.1.kernel-2.4.20-19.9
1.2.glibc-2.3.2-27.9.7
2.Consumer 2.2.15 slapd on RedHat Linux 9, turnstone
2.1.kernel-2.4.20-19.9
2.2.glibc-2.3.2-27.9.7
3.Consumer 2.2.14 slapd on SuSe Linux 9.1, throw
2.1.kernel-smp-2.6.4-54.5
2.2.glibc-2.3.3-97

Relevant sections from server 1 (master) slapd.conf -

sessionlog 100 256
sessionlog 101 256
sessionlog 102 256
sessionlog 103 256
sessionlog 104 256
sessionlog 105 256

We also tried with a single session log,  thought perhaps we needed one per
consumer;  but this didn't make any difference.

Relevant sections from server 2 (consumer) slapd.conf -
syncrepl rid=50
  provider=ldap://littleboy.morrison.iserv.net:389
  type=refreshAndPersist
  searchbase="o=Morrison Industries,c=US"
  filter="(objectclass=*)"
  scope=sub
  schemachecking=off
  updatedn="uid=syncrepl,ou=Replication,ou=SubSystems,o=Morrison
Industries,c=US"
  bindmethod=simple
  binddn="uid=turnstone,ou=Replication,ou=SubSystems,o=Morrison
Industries,c=US"
  credentials=**************

Credentials are stored in the mentioned object in cleartext,  we used MD5 at
first to encode the password but switched to cleartext encoding to see if that
would help.  It didn't have any effect.  This slapd DOES seem to create and
maintain a connection to the master slapd.

Relevant sections from server 3 (consumer) slapd.conf -
syncrepl rid=50
  provider=ldap://littleboy.morrison.iserv.net:389
  type=refreshAndPersist
  searchbase="o=Morrison Industries,c=US"
  filter="(objectclass=*)"
  scope=sub
  schemachecking=off
  updatedn="uid=syncrepl,ou=Replication,ou=SubSystems,o=Morrison
Industries,c=US"
  bindmethod=simple
  binddn="uid=throw,ou=Replication,ou=SubSystems,o=Morrison Industries,c=US"
  credentials=**************

Both consumers will come into sync if RESTARTED, but then syncronization stops.

Both consumers were loaded via -
Master
------
/opt/dsa/sbin/slapcat -n1 -m > /tmp/consumer.ldif
scp /tmp/consumer.ldif root@{consumer}:/tmp
Consumer
--------
cd /var/lib/ldap
rm -f *
ln -s /etc/openldap/DB_CONFIG
/opt/dsa/sbin/slapadd -r -i 50 -n1 < /tmp/consumer.ldif
chown ldap.ldap *

And both consumers immediately create a connection to the master -
# netstat -ap | grep slap
tcp 0 0 *:ldap *:* LISTEN 5296/slapd
tcp 0 0 {consumer}:33161 {master}:ldap ESTABLISHED 5296/slapd
unix 2 [ ] DGRAM 16836 5296/slapd 

IF I have JUST loaded and start ONE consumer it stays in sync.  If I start the
second consumer it sync's itself and then BOTH consumers stop syncing.  They
subsequently only sync on restart even if all slapds are stopped (including the
master) and restarted, or if all slapds are stopped (including the master) and
only ONE consumer is started.

Example......

Two consumers (localhost [turnstone] & throw) and master (littleboy), one
consumer
out of sync....

[root@turnstone root]# ldapsearch -x -LLL -h localhost uid=adam
morrisoninternalrate; ldapsearch -LLL -x -h throw uid=adam
morrisoninternalrate;ldapsearch -LLL -x -h littleboy  uid=adam
morrisoninternalrate
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 50
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 75
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 50

Two consumers (localhost & throw) and master (littleboy), after throw is
restarted it comes into sync.....
 
[root@turnstone root]# ldapsearch -x -LLL -h localhost uid=adam
morrisoninternalrate; ldapsearch -LLL -x -h throw uid=adam
morrisoninternalrate;ldapsearch -LLL -x -h littleboy  uid=adam
morrisoninternalrate
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 50
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 50
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 50

Two consumers (localhost & throw) and master (littleboy), change made on
master is not seen by consumers....

[root@turnstone root]# ldapsearch -x -LLL -h localhost uid=adam
morrisoninternalrate; ldapsearch -LLL -x -h throw uid=adam
morrisoninternalrate;ldapsearch -LLL -x -h littleboy  uid=adam
morrisoninternalrate
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 50
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 50
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 60


Two consumers (localhost & throw) and master (littleboy), both consumer
slapds restarted, they come into sync......

[root@turnstone root]# ldapsearch -x -LLL -h localhost uid=adam
morrisoninternalrate; ldapsearch -LLL -x -h throw uid=adam
morrisoninternalrate;ldapsearch -LLL -x -h littleboy  uid=adam
morrisoninternalrate
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 60
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 60
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 60

Two consumers (localhost & throw) and master (littleboy), change made on
master, both consumer out of sync......
[root@turnstone root]# ldapsearch -x -LLL -h localhost uid=adam
morrisoninternalrate; ldapsearch -LLL -x -h throw uid=adam
morrisoninternalrate;ldapsearch -LLL -x -h littleboy  uid=adam
morrisoninternalrate
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 60
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 60
dn: cn=Adam Williams,ou=People,o=Morrison Industries,c=US
morrisoninternalrate: 42

All three DSA installs compiled as -
 $ mkdir /opt/dsa
$ cd /tmp
$ tar xzvf openssl-0.9.7d.tar.gz
$ cd openssl-0.9.7d
$ env CC=gcc LDFLAGS="-L/opt/dsa/lib -R/opt/dsa/lib" \
PERL=/usr/bin/perl LD_RUN_PATH=/opt/dsa/lib \
./Configure --prefix=/opt/dsa --openssldir=/opt/dsa/openssl \
shared linux-ppro
$ nice -n19 make
$ make install
$ cd /tmp
$ tar xzvf heimdal-0.6.2.tar.gz
$ cd heimdal-0.6.2
$ export CFLAGS='-O2'
$ export CXXFLAGS='-O2'
$ export CCFLAGS="-O2 -D_REENTRANT"
$ ./configure --prefix=/opt/dsa CCFLAGS="-O2 -D_REENTRANT" --enable-shared
--with-krb4=/opt/dsa --with-openssl=/opt/dsa --without-readline --without-hesiod
--without-ipv6
$ nice -n 19 make
$ make install
$ cd /tmp
$ tar xzvf bdb-4.2.52.tar.gz
$ cd db-4.2.52
$ patch -p0 < ../patch.4.2.52.1
$ patch -p0 < ../patch.4.2.52.2
$ cd build_unix
$ ../dist/configure --prefix=/opt/dsa --enable-compat185
$ nice -n 19 make
$ make install
$ cd /tmp
$ tar xzvf cyrus-sasl-2.1.18.tar.gz
$ cd cyrus-sasl-2.1.18
$ export CFLAGS='-O2'
$ export CXXFLAGS='-O2'
$ ./configure --disable-sample --without-dblib --without-pam --without-des
--disable-des --with-openssl --with-saslauthd=/var/run --disable-checkapop
--disable-cram --disable-digest --disable-otp --disable-anon --enable-plain
--enable-login --enable-gssapi=/opt/dsa -with-plugindir=/opt/dsa/lib/sasl2
--prefix=/opt/dsa
$ nice -n 19 make
$ make install
$ cd /tmp
$ tar xzvf openldap-2.2.15.tgz
$ cd openldap-2.2.15
$ export CPPFLAGS="-I/opt/dsa/include"
$ export CXXFLAGS="-I/opt/dsa/include"
$ export CFLAGS="-I/opt/dsa/include"
$ export LDFLAGS="-L/opt/dsa/lib"
$ export LD_LIBRARY_PATH=/opt/dsa/lib
$ ./configure --prefix=/opt/dsa --sysconfdir=/etc --localstatedir=/var/run/slapd
--libexecdir=/opt/dsa/libexec --libdir=/opt/dsa/lib --mandir=/opt/dsa/man
--sbindir=/opt/dsa/sbin --datadir=/opt/dsa/share --localstatedir=/opt/dsa/var
--includedir=/opt/dsa/include --enable-aclgroups --enable-spasswd
--enable-modules --enable-shared --enable-dynamic --with-tls --with-cyrus-sasl
--enable-crypt --enable-ipv6=yes --enable-aci --enable-bdb --enable-rewrite
--enable-ldap --enable-meta --enable-monitor --enable-ldbm --enable-sql
--enable-lmpasswd --with-dyngroup --with-proxycache
$ nice -n19 make depend
$ nice -n19 make
$ make install