[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: faked transactions

To: "Howard Chu" <hyc@highlandsun.com>
Subject: Re: faked transactions
From: Nahuel Greco <ngreco@axonsis.com.ar>
Date: Wed, 14 May 2003 10:47:50 -0300
Cc: openldap-software@OpenLDAP.org
In-reply-to: <008a01c319fd$4f95bf20$0e01a8c0@CELLO>
Organization: Axon Sistemas
References: <20030513162324.3429e0b6.ngreco@axonsis.com.ar> <008a01c319fd$4f95bf20$0e01a8c0@CELLO>

On Wed, 14 May 2003 02:43:30 -0700
"Howard Chu" <hyc@highlandsun.com> wrote:

> No. If you could set the clients to automatically retry after a connection
> closes though, then this wouldn't be a problem.
> 

I don't have control over the clients, I can only assure that the clients
will only make reads to the LDAP directory and no writes (but write capability
will be nice). Also I can't know if the clients will follow referrals with no
problems (because that your back-ldap solution sounds nice).

> You could create a proxy server for the clients. The proxy would never break
> its connections to the clients, but could redirect itself to one of the
> slaves whenever the administrator completed a transaction. With the current
> OpenLDAP release you can accomplish this like so:
> 
>   admin --> LDAP Referral Server
> 		regular database:
> 			o=myorg
> 			  ref: ldap://data1:port/o=myorg
> 		LDAP Client Server
> 		back-ldap database
> 		o=myorg
> 			points to LDAP Referral Server
> 		LDAP Data Servers (2 instances)
> 			o=myorg
> 

If I understand the following paragraph, then the previous graph is
wrong, the admin will connect to one of the data servers directly, not 
using the referral server (or connecting to the referal server but
using another DN that the clients). I'm correct?

> clients connect only to back-ldap. Whenever the admin completes a
> transaction, LDAPmodify the referral to point to the updated data server. You
> will need two data servers, data1 and data2. When the master is updating
> data1, the clients will be reading from data2. When the master completes a
> transaction, and toggles the referral, then the clients can read from data1
> and the master can proceed to update data2. Configure both data servers for
> full replication. After the master completes a transaction on data1 and
> toggles the referral, run slurpd in one-shot mode to bring data2 up to date.
> And so on. With the exception of slurpd, no server restarts are needed.
> 

This configurations seems ok, but I have a question: If a client is making
a long search in data2 (via the back-ldap server), and in the middle
of that search you change the referral to point data1, what happens with
that long search? continues on data2 and returns valid data?

Saludos,

Nahuel Greco.

Follow-Ups:
- RE: faked transactions
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- faked transactions
  - From: Nahuel Greco <ngreco@axonsis.com.ar>
- RE: faked transactions
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: uppercase
Next by Date: RE: Indexing performance
Index(es):
- Chronological
- Thread