[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Replication monitoring
- To: "Torsten Schlabach (Tascel eG)" <tschlabach@tascel.net>
- Subject: Re: Replication monitoring
- From: Andreas Andersson <zreoxx@gmail.com>
- Date: Tue, 25 Jan 2011 22:40:44 +0100
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:subject:mime-version:content-type:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to:x-mailer; bh=+iekSeaD8PNLU6x6kdOzOagLtImXR8pf1RmMSyv0ijM=; b=G45wcsTcyKZVg6/eF6JV4pv+6EIIhGrSlyoGFyILAcp/rIKhUsSJZx7hICYyjJpPxS K6teYMl3AI/tImxK3jFu6b8ARuS6KouDH3MO4I+zU6ZkUimaTtWQgJgZDy6Z9pDWUITo FNPaRxsu5RRczSynGvodVEwLtjgvvTja+0lko=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer; b=rhVvmx/OCLBX4c0EDDjMBS+ip/N84oYwwdSoUvmpIz9Z6kSPDVKU/uC7L+Q0Cvvb4P KYeESLtFPutK1mv6uobQrLK/HGwoF2gik3mZwzKSuUU4Q23KQxSdQUHHTtx8TGrnCxF+ N9ERbbwuVbiJtd0UECnhOSJ+OfcB+CFGTecv8=
- In-reply-to: <ec641950e2855de4fcbad232c512b085@imap.tascel.net>
- References: <7AC33588-AE65-48EB-BAC6-DE6E22AF3205@gmail.com> <ec641950e2855de4fcbad232c512b085@imap.tascel.net>
Hi Torsten!
Your servers should be recognized as openldap.
* Check the Environment page if it says "OpenLDAP".
* Click on one of the servers to open the server view page and you should now see two more buttons.
One saying Cache in the middle and replication (to the right).
It would be interesting to know how much CN=Monitor recognize your servers as OpenLDAP because that should be enough to show these options.
Can you fetch monitoring information from base suffix cn=monitor (CN=Monitor fetches statistics from this base suffix) for OpenLDAP.
Yes the documentation can and will be improved until the next release and the buttons are a bit hidden in the server view.
To view replication information you don't need to configure anything more in CN=Monitor than one environment with your servers if you are running on ports 389 and 636 and it allows anonymous access.
In my example I'm using a monitoring user.
CN=Monitor configuration:
<environment>
<name>Test OpenLDAP</name>
<dn>cn=CNMonitor User,dc=domain,dc=com</dn>
<password>secret</password>
<server>
<name>10.0.1.14</name>
</server>
<server>
<name>10.0.1.15</name>
</server>
</environment>
This user is allowed access to both cn=monitor and cn=config suffixes:
# allow onlu rootdn to read the monitor
access to *
by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
by * none
# enable monitoring
database config
# allow onlu rootdn to read the monitor
access to *
by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
by * none
Let me know if this helps!
Regards - Andreas
On Jan 25, 2011, at 8:58 PM, Torsten Schlabach (Tascel eG) wrote:
> Hi Andreas!
>
> We must have missed your post a year ago, but thanks a lot for this one.
> As we sometimes experience trouble in our OpenLDAP repication, we do
> appreciate a tool which could visualize the current replication status, as
> seen in the screenshot, so your tool immediately caught me attention and I
> spend an hour to install it today.
>
> I also spent another hour looing at the two PDF guides; just ... sorry if
> I overlooked anything ... I cannot get to the page your are showing in your
> screenshot. I don't have a "Replication" button at all in my options.
>
> We have configured two servers which we can see in the tool. We can do
> queries and we get a nice status page. All fine. But I guess I will have to
> put somewhere in the config the information that those two servers are
> replicating each other, don't I? Just I cannot find any example how to do
> that.
>
> Regards,
> Torsten
>
> On Mon, 24 Jan 2011 18:55:03 +0100, Andreas Andersson <zreoxx@gmail.com>
> wrote:
>> Hi!
>>
>> I posted an announcement here about a year ago about my little LDAP
>> monitoring project CN=Monitor.
>> Asked for feedback and received a lot. Thank you! Some feedback was
>> related to adding replication verification for OpenLDAP so of course I
> gave
>> it a try.
>>
>> Unfortunately I don’t have a large scale OpenLDAP environment to verify
>> this functionality on so I need your help :)
>> Is it working and can it be improved?
>>
>> This is how it works:
>> The contextCSN is verified on all servers within the same environment.
> See
>> attached image.
>>
>> As always… I appreciate all feedback I can get and let me know if you
> have
>> any suggestions on new features or something else that can approve this
>> monitoring application.
>>
>> Project page:
>> http://cnmonitor.sourceforge.net
>>
>> Freshmeat:
>> http://freshmeat.net/projects/cnmonitor
>>
>> Best Regards - Andreas