[Date Prev][Date Next]
Re: OpenLDAP 2.1 High Availability
On Thursday 07 May 2009 05:32:25 Kukkala Prasad wrote:
> Hi All,
> We are planning to configure High Availability for OpenLDAP 2.1 on Linux
Why 2.1? AFAIK, no version of CentOS shipped 2.1 anyway (RHEL3 had 2.0.27.
RHEL4 had 2.2.13, RHEL5 shipped with 2.3.27, but 5.3 now has a relatively
> We are looking at following options and we want to check our understanding
> about corresponding options and looking for your valuable suggestions.
> 1. Using Replica Service
> a. This is not enough because if master machine goes down then LDAP
> updates will not be possible.
You haven't stated all your requirements, but if you require HA for writes,
then this is not a sufficient option.
> 2. Migrating to OpenLDAP2.4
> a. Master-Master solution looks promising but in our current project
> time line it is not possible to migrate.
Why not ? OpenLDAP 2.1 is very old, and not supported any more, same for 2.2,
and 2.3 is effectively end of life.
There are packages of 2.4 available for some versions of RHEL or CentOS.
> 3. Sharing LDAP file system on NFS
> a. After going through the thread
> http://www.openldap.org/lists/openldap-software/200209/msg00256.html it is
> understood that OpenLDAP does not support GFS or NFS.
It could work on GFS, but not concurrently, and GFS requires the same (or
better) infrastructure than a simple HA cluster.
However, I hope this is not the best option you found in researching this.
NFS can't work.
> b. But the thread discussion happened very long back around in 2000 to
> 2002. ????Is that conclusion applicable to OpenLDAP 2.1????
> 4. Hosting LDAP Service on CentOS Cluster Suite
> a. ????Is it possible to configure "Active-Passive" setup using
> CentOS Cluster Suite????
Of course. I have been running OpenLDAP masters on Red Hat Cluster Suite since
2004 on Red Hat Advanced Server 2.1 (with OpenLDAP 2.1.25). I currently have
an active-passive master cluster running RHEL3 with cluster suite, with
OpenLDAP 2.3.42 (will be upgraded to 2.3.43 tonight). It has seen a few
minutes of downtime in the past 3 years (about one minute for each OpenLDAP
upgrade as the service must be migrated twice).
You need some kind of shared storage solution for this (preferably FC SAN, but
iSCSI is an option, and DRBD could do the trick).
> 5. H/W based clustering
> a. We don't know what are the possible solutions in this approach and
> cost incurred. !!!!Please share your ideas.!!!!
> 6. NetApp2020
> a. We have NetApp 2020 Appliance
> http://www.b2net.co.uk/netapp/network_appliance_netapp_fas2020.htm with us.
> ????Does this any way help us????
> 7. Other alternatives
> a. !!!!We need your valuable ideas and suggestions.!!!!
I would probably go for an HA cluster with cluster suite using iSCSI for
shared storage, running 2.3.43 or 2.4.16.
Multi-master might also be an option, but then you *must* 2.4.16 (with patches
from CVS if you use hdb).