[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: multi master not syncing.

To: Howard Chu <hyc@symas.com>
Subject: Re: multi master not syncing.
From: Sébastien Bernard <seb@frankengul.org>
Date: Sun, 25 Sep 2011 23:28:20 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <4E7D1997.5080101@symas.com>
References: <4E7AF3B3.2020202@frankengul.org> <4E7D1997.5080101@symas.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:7.0) Gecko/20110918 Thunderbird/7.0

On 24/09/2011 01:43, Howard Chu wrote:

Sébastien Bernard wrote:

Hi,

I've setup a multimaster cluster composed of two machine (in my example
192.168.0.204 and 192.168.0.197).
Everything is working ok and both side are replicating ok.

However, I've a problem I'd like to submit to your sagacity.

When I put down a server, and modify the other server (delete or add),
when the first server comes back, the modifications are not pushed in
the old server.
Server 1 says Entry cn=seb,ou=orgunit,o=org,dc=example,dc=com changed by
peer, ignored

You have not provided enough useful information (OpenLDAP version,exact server configurations, which one is "server 1" in yourdescription) to be certain. But most likely you have not configuredtheir ServerIDs correctly.

OpenLDAP is 2.4.26-2 from fedora. I'll include the cn=config tree Ihave. The cn=config is replicated between both servers (as stated in thechap 18 of the admin guide).

Server 1 is 192.168.0.204.
Server 2 is 192.168.0.197.
I used server 1 to import all the nodes.

Configuration is included as attachement. All I can say is that I triedto follow the instruction in the guide.

I did not pretend I fully understood what I was doing, but I managed tohave replication both ways working.

A few points stays in the dark, like the numbering of the rid forreplication:

    are the rid per branch or global to the slapd ?
    Should one assign with an incremental policy ?

Next the ServerIds are only declared in the cn=config node. Shouldn'tthey be declared in the dc=aaa,dc=fr branch ?



Sincerely

Seb

dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: slapd.conf
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcLogLevel: Stats
olcLogLevel: Stats2
olcLogLevel: Sync
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSCRLCheck: none
olcTLSVerifyClient: never
olcToolThreads: 1
olcWriteTimeout: 0
structuralObjectClass: olcGlobal
olcServerID: 1 ldap://192.168.0.204/
olcServerID: 2 ldap://192.168.0.197/
olcConfigDir: /etc/openldap/slapd.d
entryUUID: 818d86c8-6ee3-40f2-adef-31305e2e5a3f
createTimestamp: 20110913162447Z
creatorsName: cn=config
olcLogFile: /var/log/slapd.log
entryCSN: 20110922084820.552277Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20110922084820Z
contextCSN: 20110913164245.586057Z#000000#001#000000
contextCSN: 20110913165140.217289Z#000000#002#000000
contextCSN: 20110922155152.665490Z#000000#000#000000

dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModuleLoad: {0}back_bdb.la
olcModuleLoad: {1}back_hdb.la
olcModuleLoad: {2}syncprov.la
structuralObjectClass: olcModuleList
entryUUID: a99d4b98-5a92-4ba0-836f-defbb8610e91
creatorsName: cn=config
createTimestamp: 20110913135532Z
entryCSN: 20110913135532.612450Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20110913135532Z

dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 0
olcReadOnly: FALSE
olcSchemaDN: cn=Subschema
olcMonitoring: FALSE
structuralObjectClass: olcDatabaseConfig
entryUUID: 28ba24ea-a123-4736-903f-2be7c2c6967f
creatorsName: cn=config
createTimestamp: 20110913135532Z
entryCSN: 20110913135532.612450Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20110913135532Z

dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to *  by * none
olcAddContentAcl: TRUE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=config
olcRootPW:: c2VjcmV0
olcMonitoring: FALSE
structuralObjectClass: olcDatabaseConfig
entryUUID: dfb9d6e0-d6b2-4523-85ce-9c78270d3e97
createTimestamp: 20110913162447Z
creatorsName: cn=config
olcSyncrepl: {0}rid=001 provider=ldap://192.168.0.204 binddn="cn=config" bindm
 ethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist
  retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=002 provider=ldap://192.168.0.197 binddn="cn=config" bindm
 ethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist
  retry="5 5 300 5" timeout=1
olcMirrorMode: TRUE
entryCSN: 20110914074645.088898Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20110914074645Z

dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
creatorsName: cn=config
entryUUID: 67443a06-15b8-4935-aee8-2a8e861b5469
createTimestamp: 20110913164506Z
entryCSN: 20110913164506.063347Z#000000#002#000000
modifiersName: cn=config
modifyTimestamp: 20110913164506Z

dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=,dc=com
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=aaa,dc=com
olcRootPW: manager
olcMonitoring: TRUE
olcDbDirectory: /var/lib/ldap
olcDbCacheSize: 1000
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 0
olcDbIndex: objectClass eq
olcDbIndex: entryUUID eq
olcDbIndex: entryCSN eq
olcDbIndex: cn eq
olcDbIndex: ou eq
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
structuralObjectClass: olcHdbConfig
entryUUID: 11efae0c-9d2d-4c7d-a53c-74ef612f22cd
createTimestamp: 20110913135532Z
olcMirrorMode: TRUE
creatorsName: cn=config
olcSyncrepl: {0}rid=003 provider=ldap://192.168.0.204 binddn="cn=Manager,dc=aa
 a,dc=com" bindmethod=simple credentials=secret searchbase="dc=aaa,dc=com" typ
 e=refreshAndPersist retry="60 +" timeout=1
olcSyncrepl: {1}rid=004 provider=ldap://192.168.0.197 binddn="cn=Manager,dc=aa
 a,dc=com" bindmethod=simple credentials=secret searchbase="dc=aaa,dc=com" typ
 e=refreshAndPersist retry="60 +" timeout=1
entryCSN: 20110922155152.665490Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20110922155152Z

dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 100 600
olcSpSessionlog: 100
structuralObjectClass: olcSyncProvConfig
entryUUID: 4678b99e-6ce2-4797-b789-157fef6218e3
creatorsName: cn=config
createTimestamp: 20110913135532Z
entryCSN: 20110913135532.612450Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20110913135532Z

References:
- multi master no syncing.
  - From: Sébastien Bernard <seb@frankengul.org>
- Re: multi master no syncing.
  - From: Howard Chu <hyc@symas.com>

Prev by Date: RE: OpenLDAP with MySQL backend not working
Next by Date: Migrating from local LDAP auth to LDAP+kerberos
Index(es):
- Chronological
- Thread