[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#8444) Out-of-sync issue with memberOf overlay, Delta-syncrepl MMR and >2 nodes
- To: openldap-its@OpenLDAP.org
- Subject: (ITS#8444) Out-of-sync issue with memberOf overlay, Delta-syncrepl MMR and >2 nodes
- From: Mark.Cairney@ed.ac.uk
- Date: Thu, 16 Jun 2016 12:33:25 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Full_Name: Mark Cairney
Version: 2.4.44 (git_master)
OS: Centos 6 x86_64
URL: http://homepages.ed.ac.uk/mcairney/delta-mmr-memberof.tar.gz
Submission from: (NULL) (129.215.201.136)
Hi,
I think I've identified an issue where if you have more than 2 OpenLDAP servers
set up in MMR using delta-syncrepl and push-based replication
(refreshAndPersist) and the memberOf overlay.
If you add/delete objects which are maintained by the memberOf overlay i.e.
users and groups delta-syncrepl goes out-of-sync and triggers a SYNC_ID_SET
refresh on the consumers. It looks like it receives the same change from all
other nodes. This behaviour doesn't appear to happen when using pull-based
replication with delta-syncrepl or standard syncrepl (push and pull-based).
To confirm this behaviour I removed the memberOf overlay from the config, dumped
the database, removed any "memberOf" attributes and put the database back in
place (slapcat/slapadd on both cn=config and my main DB) on all 3 nodes. Without
the memberof overlay loaded sync behaved normally on all 3 nodes.
In the tarball I've included a sanitised copy of my config (Schema, ACLs,
password hashes, indices for non-standard attributes, operational attributes all
removed), a log entry showing deletion of an object not managed by memberOf (a
netgroup entry), and log entries showing what happens when a group is deleted
both with and without the memberOf overlay.
The 3 servers are identical in both config and hardware spec apart from the
olcSASLHost. They are Sun X4150's with 24GB RAM, 10KRPM HDDs in 2 pairs of
RAID-1 and 2x4 CPU cores (Xeon E5540 @2.53GHz).