[Date Prev][Date Next]
Re: replicated cn=config
--On Monday, November 21, 2005 11:15 PM -0800 Quanah Gibson-Mount
--On Monday, November 21, 2005 10:42 PM -0800 Quanah Gibson-Mount
Then either slurpd or syncrepl can be used to keep the slaves'
configurations up to date.
To follow up on this, it is impossible to do this with slurpd unless you
are using simple binds with the same password on all the database
backends on the replica and master, as slurpd can only store one way to
bind to a slave (i.e., I cannot have it bind to the slave using
SASL/GSSAPI for dc=stanford,dc=edu, and simple binds for cn=config). And
cn=config does not support binding to it with anything other than simple
mechs (at least until ITS#4192 is addressed).
I guess I'll have to try delta-syncrepl instead.
Which won't fork for a few reasons:
1) No indexing in back-ldif
2) database config does not support operations required for syncrepl
So at this time it is entirely impossible to do a replicated cn=config on
the replica side (Howard said it was probably possible by doing rewrites on
the master side with back-ldif... blah) because back-relay and slapo-rwm
don't support back-config at this time.
Hopefully the various bits of 2.3 will support back-config enough to make
it worthwhile to use someday soon, because right now every time I go to use
it, I'm stymied by unsupported pieces. I'd be happy to convert things
over, and have even done some attempts at this, but my C skills are very
rusty, and I'm still trying to figure out the *_cf_func pieces.
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html