[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replication for high availability?



Steve Schultze wrote:

> On Thu, 9 Aug 2001, Pierangelo Masarati wrote:
> > David Wright wrote:
> > >
> > > (This question is unrelated to my other posts.) My LDAP server went was
> > > down for ~hour today, which caused chaos at my site, because it does
> > > login authentication. I would like to avoid such problems in the future
> > > by setting up a cheap box that replicates its database and could be used
> > > in its place. The trouble is, how do I configure my client machines to
> > > use the slave in the event of the master's failure? Can anyone suggest
> > > some neat trick involving DNS or virtual interfaces or some such magic?
> >
> > If your clients use the ldap_init initialization function (most do)
> > then you only have to feed them a list of hosts; the library tries
> > automatically all the hosts until one succeeds.
>
> This is not, in my experience, a very dependable way of providing
> redundancy.  The problem which you will likely encounter is that much
> software re-uses LDAP connections, and the host is not re-checked and
> failed over between uses of the same connection.  This means that if your
> master goes down, then your clients will probably have many open
> connections to that server which it will not intelligently fail over to
> the backup(s) you specified in the list of hosts.  Instead, they will just
> keep failing.
>
> My experience with this is solely limited to PADL's nss_ldap, but it is
> certainly true that in that case it is totally unnacceptable to try to
> provide redundancy simply by specifying multiple hosts.  I believe that
> this sort of problem will manifest itself in many other situations as
> well.  I don't know the technical specifics as well as others on this
> list, so anyone else can feel free to fill in the details or correct me if
> I'm wrong.
>
> We chose the hardware (cluster) route.  We have one ip for the cluster,
> and it does failover for us automatically.

You're right. In my clients, if any operation fails I try to re-init the
connection; usually, I also keep track of the last bind I performed,
so that I can restore the state of the connection as much as possible.
But very few clients do, indeed.

Pierangelo.


--
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 | mailto:masarati@aero.polimi.it
via La Masa 34, 20156 Milano, Italy   | http://www.aero.polimi.it/~masarati