readonly replica configuration
Howdy... I'm trying to implement a read-only replica and for some reason
I can't get it to actually be "read only"!
Some questions:
* Is support for the "readonly" attribute actually implemented? In
the slapd source I see it getting evaluated in config.c, but no
mention of it seems to exist where it really matters, which (I
think) would be modify.c
* If it isn't implemented, then how does one properly implement
single-master replication scenarios?
* Assuming there is a satisfactory answer to the above, what is the
correct way for the replica server to "point" to the master as the
place where write requests are handled? The only obvious option
that I can see is the global "referral" parameter, but somehow this
doesn't seem right.
Background:
Servers:
M - master, rw
R - replica, ro
I have replication set up and working (i.e. writes made to M get
replicated to R). Below is the config file for R. As you can see,
'readonly' is set to 'on' and I have the default referral pointing to M
(as best I know how). My understanding is that when a client attempts a
write to R, R is supposed to send back an LDAP_UNWILLING_TO_PERFORM
result code and a referral to the read-write master (M). The client is
supposed to take heed and submit the request directly to the
master. Various sources (e.g. Howes et al, "Understanding and Deploying
LDAP...") seem to suggest that this configuration is standard stuff.
With this configuration, though, I'm finding that R is still writeable
(i.e. "readonly" doesn't seem to affect anything). That being the case,
of course, R has no need to refer the request elsewhere. :-(
Can this be done with OpenLDAP in its current state? If not, then what
sort of configuration is recommended instead?
Last details: I'm running OpenLDAP v1.2.10 on FreeBSD 4-stable.
Thanks much!
Charles
R's config file:
include /usr/local/etc/openldap/slapd.at.conf
include /usr/local/etc/openldap/slapd.at.local
include /usr/local/etc/openldap/slapd.oc.conf
include /usr/local/etc/openldap/slapd.oc.local
schemacheck off
# Note, for this test, 'M' is running on same host, at port 9010
referral ldap://localhost:9010
pidfile /var/run/slapd2.pid
argsfile /var/run/slapd2.args
database ldbm
suffix "dc=enc, dc=edu"
directory /var/ldap/db2
readonly on
cachesize 200000
dbcachesize 1500000
rootdn "cn=BigGuy, dc=enc, dc=edu"
rootpw {crypt}blahblah
updatedn "cn=BigGuy, dc=enc, dc=edu"
# index defs....
--
-------------------------------------------------------------------------
Charles N. Owens
Network & Systems Administrator
Information Technology Services
Eastern Nazarene College
Email: owensc@enc.edu
http://www.enc.edu/~owensc

"Outside of a dog, a book is a man's best friend. Inside of a dog it's
too dark to read." - Groucho Marx
-------------------------------------------------------------------------
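
An added example, not part of the original post and not OpenLDAP code: a small parser for the slapd.conf layout shown in the message that reports, per `database` section, the settings the post relies on (`readonly`, `updatedn` versus `rootdn`, and the global `referral`). The sample input is constructed from the posted config, the function names are hypothetical, and one directive per line is assumed.

```python
import shlex

# Constructed sample: the post's replica config, trimmed to relevant directives.
SAMPLE = '''\
# Note, for this test, 'M' is running on same host, at port 9010
referral ldap://localhost:9010
database ldbm
suffix "dc=enc, dc=edu"
readonly on
rootdn "cn=BigGuy, dc=enc, dc=edu"
updatedn "cn=BigGuy, dc=enc, dc=edu"
'''

def parse_slapd_conf(text):
    """Return (global directives, list of per-database directive dicts)."""
    glob, dbs, cur = {}, [], None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        words = shlex.split(raw)           # keeps quoted DNs as one argument
        key, args = words[0].lower(), words[1:]
        if key == "database":              # later lines belong to this backend
            cur = {"database": args}
            dbs.append(cur)
        else:
            (glob if cur is None else cur)[key] = args
    return glob, dbs

def norm_dn(dn):
    """Loose DN comparison form: lower case, no spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def first(section, key):
    """First argument of a directive, or None when it is absent."""
    return (section.get(key) or [None])[0]

def replica_report(text):
    """Summarise, per database, the settings the post relies on."""
    glob, dbs = parse_slapd_conf(text)
    report = []
    for db in dbs:
        root, upd = first(db, "rootdn"), first(db, "updatedn")
        report.append({
            "suffix": first(db, "suffix"),
            "readonly": first(db, "readonly") == "on",
            "updatedn_is_rootdn": bool(root and upd and norm_dn(root) == norm_dn(upd)),
            "referral": first(glob, "referral"),
        })
    return report
```

The report describes what the file says, not what slapd enforces; for the posted config it shows `readonly` set, a global referral present, and the replication identity (`updatedn`) being the same DN as the database `rootdn`.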