[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Transparent redundancy

--On Thursday, July 15, 2004 4:43 PM +0200 Sensei <senseiwa@tin.it> wrote:

Hi. I've a question about robustness.

I've built an openafs cell, on debian stable. It authenticates over
kerberos 5, and gains a token from openafs_session, so no kaserver and
no passwords anywhere other than kerberos db. Good it works. All the
users acquire informations (naming, home dirs...) on an openldap server.
Now, my question about it is: how to make it redundant?

We have a quite unreliable network. The server is on one floor and I'm
thinking about having a second server on the second floor. I need these
two cells to work cooperatively but ``independent'' one from each other.

In other words, if the link between the two servers goes down, each
floor keep to authenticate and work. Login can work fine, even without
the home directory, which can reside on the other server. How can I do

Do not bother about krb5 or afs. I'm dealing now with the ldap issues.

I suggest having several ldap replicas in a load-balance pool, and point your systems to use the load balanced pool name.


-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html