[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Seeking comments on replication
I've inherited an OpenLDAP installation (2.0.25), and I'm seeking comments
as to whether the replication setup makes any sense, or whether it can be
improved.
We have branches in several countries - USA, Thailand, Singapore,
Indonesia, and Malaysia (head office is in Australia). Each of these
is in a separate directory, mastered by that region and replicated
everywhere else (with a top-level one to tie them together). Thus
we have, for example, something like this in slapd.conf (just the
highlights):
database ldbm
directory /usr/local/openldap-ldbm/au
replogfile /usr/local/etc/openldap/replog/log
replica host=ldap2.au.cordoors.com:389
replica host=ldap.my.cordoors.com:389
replica host=ldap.us.cordoors.com:389
replica host=ldap.id.cordoors.com:389
database ldbm
directory /usr/local/openldap-ldbm/my
replogfile /usr/local/etc/openldap/replog/log
replica host=ldap2.au.cordoors.com:3089
replica host=ldap.us.cordoors.com:3089
updatedn "cn=ModMan,dc=my,dc=cordoors,dc=com"
updateref ldaps://ldap.my.cordoors.com:636
database ldbm
directory /usr/local/openldap-ldbm/id
replogfile /usr/local/etc/openldap/replog/log
replica host=ldap2.au.cordoors.com:3090
replica host=ldap.us.cordoors.com:3090
updatedn "cn=ModMan,dc=id,dc=cordoors,dc=com"
updateref ldaps://ldap.id.cordoors.com:636
And so on. Soemthing that may not be evident in the above is that we
do a lot of replica chaining e.g. Thailand replicates to Malaysia which
replicates in turn to Australia which replicates to USA and a backup. It
seems to be crying out for a working multi-master setup, but let's not
go down that track just yet.
Note in particular the "port" of 3089 etc; it's not a port, but something
to make a unique entry in the slurpd.status file. The slurpd source was
modified to hard-wire port 389 (not by me, remember) and in my view
having to modify source is a sure sign we're doing something wrong...
So, I guess my question is, does this setup make sense, or is there a
better way?
--
Dave Horsfall DTM VK2KFU daveh@ci.com.au Ph: +61 2 9906-4333