[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Replication monitoring
Hi Andreas!
> Your servers should be recognized as openldap.
> * Check the Environment page if it says "OpenLDAP".
> * Click on one of the servers to open the server view page and you
should
> now see two more buttons.
Yes, that works now. But I still didn't see any replication agreements.
So I digged a bit into the code. I first thought the problem may be that
my monitoring user cannot read cn=config, but it can.
I originally used version 2.0.4, but I also checked the current SVN
version; it still has the same (and possibly other) problems.
In your function openldap_setBackEndDatabases you are querying for
objectclass=olcBdbConfig. That means you will be missing several databases,
because you are only asking for BDB databases. In our example, we are using
HDB databases. So changing this to objectclass=olcHdbConfig made our
replication agreements visible all of a sudden.
But I guess this is not how to do it as there may be many other backend
types.
Also in our setup, we are replicating the cn=config database itself. It
also isn't recognized because it's neither a BDB nor HDB database.
So maybe you should look for some generic way of doing this here.
Interesting enough, on the query page, you recognize all our backends,
including cn=monitor and cn=config. I didn't compare the code, though.
Let me know if you need more information.
The other problem I found (in version 2.0.4):
I made it recognize the two DITs / backends we have. Both of them are
replicated. But I can only get replication information for the first one. I
was unable to compare this to the latest development version because in the
latest development version I cannot make the "Replication" page show up.
It't giving me an error message "Database not configured" without any
further information on the server overview page. Will worry about that in a
next step. Are there any changes in the configuration needed between 2.0.4
and the current SVN version or may the trunk just be broken?
Regards,
Torsten
On Tue, 25 Jan 2011 22:40:44 +0100, Andreas Andersson <zreoxx@gmail.com>
wrote:
> Hi Torsten!
>
> Your servers should be recognized as openldap.
> * Check the Environment page if it says "OpenLDAP".
> * Click on one of the servers to open the server view page and you
should
> now see two more buttons.
> One saying Cache in the middle and replication (to the right).
>
> It would be interesting to know how much CN=Monitor recognize your
servers
> as OpenLDAP because that should be enough to show these options.
> Can you fetch monitoring information from base suffix cn=monitor
> (CN=Monitor fetches statistics from this base suffix) for OpenLDAP.
>
> Yes the documentation can and will be improved until the next release
and
> the buttons are a bit hidden in the server view.
>
> To view replication information you don't need to configure anything
more
> in CN=Monitor than one environment with your servers if you are running
on
> ports 389 and 636 and it allows anonymous access.
> In my example I'm using a monitoring user.
>
> CN=Monitor configuration:
> <environment>
> <name>Test OpenLDAP</name>
> <dn>cn=CNMonitor User,dc=domain,dc=com</dn>
> <password>secret</password>
> <server>
> <name>10.0.1.14</name>
> </server>
> <server>
> <name>10.0.1.15</name>
> </server>
> </environment>
>
> This user is allowed access to both cn=monitor and cn=config suffixes:
> # allow onlu rootdn to read the monitor
> access to *
> by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
> by * none
>
> # enable monitoring
> database config
>
> # allow onlu rootdn to read the monitor
> access to *
> by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
> by * none
>
> Let me know if this helps!
>
> Regards - Andreas
>
> On Jan 25, 2011, at 8:58 PM, Torsten Schlabach (Tascel eG) wrote:
>
>> Hi Andreas!
>>
>> We must have missed your post a year ago, but thanks a lot for this
one.
>> As we sometimes experience trouble in our OpenLDAP repication, we do
>> appreciate a tool which could visualize the current replication status,
>> as
>> seen in the screenshot, so your tool immediately caught me attention
and
>> I
>> spend an hour to install it today.
>>
>> I also spent another hour looing at the two PDF guides; just ... sorry
if
>> I overlooked anything ... I cannot get to the page your are showing in
>> your
>> screenshot. I don't have a "Replication" button at all in my options.
>>
>> We have configured two servers which we can see in the tool. We can do
>> queries and we get a nice status page. All fine. But I guess I will
have
>> to
>> put somewhere in the config the information that those two servers are
>> replicating each other, don't I? Just I cannot find any example how to
do
>> that.
>>
>> Regards,
>> Torsten
>>
>> On Mon, 24 Jan 2011 18:55:03 +0100, Andreas Andersson
<zreoxx@gmail.com>
>> wrote:
>>> Hi!
>>>
>>> I posted an announcement here about a year ago about my little LDAP
>>> monitoring project CN=Monitor.
>>> Asked for feedback and received a lot. Thank you! Some feedback was
>>> related to adding replication verification for OpenLDAP so of course I
>> gave
>>> it a try.
>>>
>>> Unfortunately I don’t have a large scale OpenLDAP environment to
verify
>>> this functionality on so I need your help :)
>>> Is it working and can it be improved?
>>>
>>> This is how it works:
>>> The contextCSN is verified on all servers within the same environment.
>> See
>>> attached image.
>>>
>>> As always… I appreciate all feedback I can get and let me know if you
>> have
>>> any suggestions on new features or something else that can approve
this
>>> monitoring application.
>>>
>>> Project page:
>>> http://cnmonitor.sourceforge.net
>>>
>>> Freshmeat:
>>> http://freshmeat.net/projects/cnmonitor
>>>
>>> Best Regards - Andreas