[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Adding read-only consumers to a Mirror Mode Replication setup?

To: openldap-technical@openldap.org
Subject: Re: Adding read-only consumers to a Mirror Mode Replication setup?
From: Jean-Francois Malouin <Jean-Francois.Malouin@bic.mni.mcgill.ca>
Date: Tue, 23 Oct 2018 14:44:06 -0400
Content-disposition: inline
In-reply-to: <14968333DB238BE93FF00C4C@[192.168.1.39]>
Mail-followup-to: openldap-technical@openldap.org
References: <20181017205209.GE441@bic.mni.mcgill.ca> <7B80FD3752A55025EC8F3373@[192.168.1.39]> <455cc73a-fbf4-7e4d-22df-f1a3f9c50a1e@stroeder.com> <14968333DB238BE93FF00C4C@[192.168.1.39]>
User-agent: Mutt/1.5.21 (2010-09-15)

* Quanah Gibson-Mount <quanah@symas.com> [20181018 09:26]:
> --On Thursday, October 18, 2018 11:10 AM +0200 Michael Ströder
> <michael@stroeder.com> wrote:
> 
> >On 10/18/18 1:41 AM, Quanah Gibson-Mount wrote:
> >>I've had setups with 2-node MMR on the front, and read only consumers. 
> >>It works just fine, as long as any given consumer only points to one
> >>master. Theoretically, it's supposed to work so that consumers can point
> >>to more than one master in an MMR setup, but my experience didn't match
> >>that (<http://www.openldap.org/its/index.cgi/?findid=8373>).
> >
> >There's no config in ITS#8373.
> >But you mention accesslog DB.
> >Does that mean your setup used delta-syncrepl?
> 
> Yes.  It was simply a standard Zimbra MMR deployment.
> 
> >If yes, does that issue also apply to normal syncrepl?
> 
> No idea.  I generally consider "normal" syncrepl unsafe as using it
> can lead to data loss.  I use delta-syncrepl exclusively because of
> this, with a focus on eliminating all scnearios in which it might
> fall back to "normal" syncrepl. (See
> <http://www.openldap.org/its/index.cgi/?findid=8125> for example).
> 
> --Quanah

I'd like to follow up on this discussion, sorry if I've taken so long to reply.

First, I'd like to thank all that have commented so far, much appreciated.

I have a few more questions because some sort of un-easiness about my setup has
crept up in view of the different comments that have been written so far.

Right now I have 2 Debian Stretch 9.5 servers running 2.4.46 from the stretch
backports. Servers are in a MMR setup, using syncrepl for replication (NOT
delta-syncrepl), with a LMDB backend. 

The intent is to use the directory as a users authentication repository for a
100+ workstations-- with what I said above, would such a setup considered safe?
Am I asking for trouble down the road with version 2.4.46? 

Finally, should I rather consider the LTB project for Debian OpenLDAP as been
mentioned in some other threads rather than using the Debian backports?  I'm a
bit reluctant to roll my own packaging from source.

Sorry for the very naive questions, I'm still fairly new to OpenLDAP!

thanks!
jf

> 
> 
> 
> --
> 
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
> 

-- 
Jean-François Malouin           | IT Operations and Infrastructure
McConnell Brain Imaging Centre  | Montreal Neurological Institute
McGill University               | 3801 University St., Room NW119 
Montréal QC, H3A 2B4            | 514.398.8924

Follow-Ups:
- Re: Adding read-only consumers to a Mirror Mode Replication setup?
  - From: Michael Ströder <michael@stroeder.com>

References:
- Adding read-only consumers to a Mirror Mode Replication setup?
  - From: Jean-Francois Malouin <Jean-Francois.Malouin@bic.mni.mcgill.ca>
- Re: Adding read-only consumers to a Mirror Mode Replication setup?
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Adding read-only consumers to a Mirror Mode Replication setup?
  - From: Michael Ströder <michael@stroeder.com>
- Re: Adding read-only consumers to a Mirror Mode Replication setup?
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: two subtrees replication
Next by Date: Re: granting write privileges to alternate updatedn
Index(es):
- Chronological
- Thread