[Date Prev][Date Next]
Re: Replication for high availability?
Steve Schultze wrote:
> On Thu, 9 Aug 2001, Pierangelo Masarati wrote:
> > David Wright wrote:
> > >
> > > (This question is unrelated to my other posts.) My LDAP server went was
> > > down for ~hour today, which caused chaos at my site, because it does
> > > login authentication. I would like to avoid such problems in the future
> > > by setting up a cheap box that replicates its database and could be used
> > > in its place. The trouble is, how do I configure my client machines to
> > > use the slave in the event of the master's failure? Can anyone suggest
> > > some neat trick involving DNS or virtual interfaces or some such magic?
> > If your clients use the ldap_init initialization function (most do)
> > then you only have to feed them a list of hosts; the library tries
> > automatically all the hosts until one succeeds.
> This is not, in my experience, a very dependable way of providing
> redundancy. The problem which you will likely encounter is that much
> software re-uses LDAP connections, and the host is not re-checked and
> failed over between uses of the same connection. This means that if your
> master goes down, then your clients will probably have many open
> connections to that server which it will not intelligently fail over to
> the backup(s) you specified in the list of hosts. Instead, they will just
> keep failing.
> My experience with this is solely limited to PADL's nss_ldap, but it is
> certainly true that in that case it is totally unnacceptable to try to
> provide redundancy simply by specifying multiple hosts. I believe that
> this sort of problem will manifest itself in many other situations as
> well. I don't know the technical specifics as well as others on this
> list, so anyone else can feel free to fill in the details or correct me if
> I'm wrong.
> We chose the hardware (cluster) route. We have one ip for the cluster,
> and it does failover for us automatically.
You're right. In my clients, if any operation fails I try to re-init the
connection; usually, I also keep track of the last bind I performed,
so that I can restore the state of the connection as much as possible.
But very few clients do, indeed.
Dr. Pierangelo Masarati | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale | fax: +39 02 2399 8334
Politecnico di Milano | mailto:email@example.com
via La Masa 34, 20156 Milano, Italy | http://www.aero.polimi.it/~masarati