[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#3680) Meta failsafe operation
michael.med@r-it.at wrote:
>Full_Name: Michael Med
>Version: 2.2.24
>OS: Solaris 8
>URL:
>Submission from: (NULL) (193.110.28.9)
>
>
>We use openldap as metadirectory for two independent ldap servers.
>simplified setup:
>
># first ldap server
>database meta
>suffix "o=company1,dc=central"
>uri "ldap://srv1/"
># second ldap server
>database meta
>suffix "o=company2,dc=central"
>uri "ldap://srv2/"
>
>Assume there is temporary problem with one of the servers (network
>unavailable).
>After the failed server has become online again new client connections work
>pretty fine but existing connections still do not retry the failed server.
>I would suggest a functionality where failed servers are tried after a
>given timeout.
>
>
It is unclear where the bug currently lies. Back-meta doesn't cache
connections, so if a client gets a LDAP_SERVER_DOWN error, it should be
the client's responsibility to shut down the connection and open a new
one. The issue you mention was present in back-ldap, since it caches
connections, and it was solved when ITS#3217, ITS#3537 were addressed.
Note that all this is being reworked in 2.3, so there is very little
issue in addressing such sort of failover in 2.2, which is
feature-frozen, to provide smart failover to "dumb" clients.
You should clarify what your client's behavior is with respect to target
unavailability. One thing that might be misleading in current 2.2.24
behavior is that if a client attempts an operation (I checked with
search, but the same should apply to other operations) on a connection
that relates to a target that was restarted, back-meta actually returns
error 80 (other) instead of something more descriptive (e.g.
"unavailable"). I'd respond to this issue by correctly returning (52,
unavailable) instead of 80, and leave more sophisticated behavior to 2.3.
I also note that back-meta is a bit oversized fo your aims, you could
use back-ldap, which is known have more nice features than back-meta.
What back-meta uniquely provides is essentially the capability to
broadcast search requests to multiple target, and you're not exploiting
it by using a singl target per instance of back-meta. Back-ldap, in
turn, currently provides the failover capability you're looing for, and
that's being implemented in back-meta for 2.3.
Cheers, p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497