[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Multi Master Enviornment for Openldap 2.3

To: "Aviles, Hugo" <haviles@covad.com>
Subject: Re: Multi Master Enviornment for Openldap 2.3
From: Matthew Backes <mbackes@symas.com>
Date: Thu, 1 Feb 2007 11:41:27 -0800
Cc: openldap-software@openldap.org
In-reply-to: <DE218759AAF51B45B534A59F516642540894E312@ZANEVS03.cc-ntd1.covad.com>
References: <DE218759AAF51B45B534A59F516642540894E312@ZANEVS03.cc-ntd1.covad.com>

So here's my situation, I need to setup two openldap instances that will be setup behind a load balancers and be redundant for each other.

What goal are you trying to accomplish? i.e. do you need two instances to handle the load, or for reliability? These are two separate problems and really should be addressed as such.

But i don't want any referrels' to another "master" instance to make the writes. I want both instances to be able to write and do the update without a referral and also have the same data across both instances. I am having trouble figuring out how to setup openldap to do that but from what I have read so far, syncrepl seems to be what I should use to get close to what I want. But I still need some assistance.

Mirrormode, which is available in CVS or Symas's CDS build of OpenLDAP lets you do something resembling what you seek.

In particular, you can have two servers that are masters and accepting changes from each other. Unfortunately you absolutely must ensure that only one of them receives writes at a time, generally via a load balancer. All replicas and clients would then point at the load balancer.

If a new entry 'A' gets added to the provider master (ligit entry) and then a new entry B gets added to the consumer database (ligit entry), when they replicate, will both provider and master have the A and B entries? Or will the consumer database be screwed and whatever the provider has is it?

In mirrormode, both masters are peers with neither one in charge. If you violate the design assumptions and write to both, they can trade objects, have disjoint changes, and all sorts of other interesting and generally undesirable things.

As Dr. Spangler said, "Don't cross the streams."

It doesn't haven't to be Multi-master but I do what the two instances to have the same data and be able to update requests to modify/add/delete entries without a refferal..

As long as you only write to one at a time, sure. Otherwise you need the full elaborate multi-master conflict resolution system, which has not yet been written. And no, the other directory servers don't generally have a strict-reliable multi-master either.

Matthew Backes
Symas Corporation
mbackes@symas.com
lucca@accela.net

Follow-Ups:
- Re: Multi Master Enviornment for Openldap 2.3
  - From: "Sam Tran" <stlist@gmail.com>

References:
- Multi Master Enviornment for Openldap 2.3
  - From: "Aviles, Hugo" <haviles@covad.com>

Prev by Date: Re: Can't add data to new ou
Next by Date: Re: ldapsearch for digest-md5
Index(es):
- Chronological
- Thread