[Date Prev][Date Next]
Re: best practices for backing up ldap configuration
On December 14, 2012 07:06:13 PM Michael Ströder wrote:
> That's what SVN/puppet is for in my current project which generates static
> configuration files for all the nodes based on templates. We can specify as
> many MMR replica instances as needed and use the same Puppet manifests for
> MMR setups in different stages.
> And that works *much* better than tracking changes to back-config because it
> is easier to automate configuration without an "internal" state change in a
But managing back-config using any config management tool remains an issue. I
don't think I can just push the entire slapd.d directory using chef or puppet.
That's why I thought of tracking the changes.
Having said all that I do agree with you that using a static configuration is
better suited for this kind of thing.
> IIRC the static configuration will be dropped not before 2.5.x is out.
That's good to know, though we are entirely on back-config now.
I found something interesting as well. Openldap seems to ignore dotfiles in
slapd.d directory. This can help avoid having to check for config changes using
a script and I can simply commit the entire slapd.d to my VCS.