[Date Prev][Date Next] [Chronological] [Thread] [Top]

Design for large openldap deployments

To: openldap-technical@openldap.org
Subject: Design for large openldap deployments
From: Christian Kratzer <ck-lists@cksoft.de>
Date: Fri, 13 Dec 2013 18:40:02 +0100 (CET)
Cc: Christian Kratzer <ck@cksoft.de>
User-agent: Alpine 2.00 (BSF 1167 2008-08-23)

Hi,

I have been thinking about a scalable multi site deployment architecture for
openldap where I would like to:

- Have a small number of master servers centrally in the enterprise with MMR.

- All account provisioning would be at the central sites.

- Have multiple edge sites replicate of those masters in a star toplogy with MMR.

- Allow writes to those edge sites for the purpososes of slapo_ppolicy,
  slapo_lastbind and password changes.

I would like to avoid fully meshing all servers for MMR and would prefer
a star topology where each edge site only replicates with the central site.

I would also like to avoid chaining. See my previous posts why.

Before I set this up in my lab I would like a second opinion. The customer
is asking for best practice in large deployments.

Any comments ?

Greetings
Christian

--
Christian Kratzer                      CK Software GmbH
Email:   ck@cksoft.de                  Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0          D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9          HRB 245288, Amtsgericht Stuttgart
Web:     http://www.cksoft.de/         Geschaeftsfuehrer: Christian Kratzer

Follow-Ups:
- Re: Design for large openldap deployments
  - From: "Michael StrÃder" <michael@stroeder.com>
- Re: Design for large openldap deployments
  - From: Dieter Klünter <dieter@dkluenter.de>

Prev by Date: Re: ldapsearch limit of 500 entries
Next by Date: RE: ldapsearch limit of 500 entries
Index(es):
- Chronological
- Thread