[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Syncrepl and mmr



Hi John,

SIDs (server IDs) must be unique across servers.

RIDs (replication IDs) must be unique inside a single server.

So the answer to your question is essentially "no".

If you email me your full cn=config db bits from both servers (minus passwords), there's some cleanup on them I can send back.

The serverID: 1 <URI> bit is only necessary if you are doing cn=config replication, which you are not doing. If you are going to use the <#> <URI> form, then the <URI> must EXACTLY MATCH the arguments slapd is being started with.

Personally, since I do not do cn=config replication, and the URIs are customizable by customers, I go with the much simpler:

olcServerID: <#>

form. Then each server only has a single value for olcServerID, which is its specific serverID. This way I never have to worry that MMR replication is going to get mesed up because of URI changes.

--Quanah

--On Tuesday, February 18, 2014 10:09 AM -0500 "Borresen, John - 0442 - MITLL" <John.Borresen@ll.mit.edu> wrote:

All,

The long weekend didn't help...still at a loss.  Question...

If the olcServerIDs look like, on all three servers:

olcServerID: 1 ldap://mm-server1.example.ldap
olcServerID: 2 ldap://mm-server2.example.ldap
olcServerID: 3 ldap://mm-server3.example.ldap

Should the Replica IDs (rid) in the olcSycnrepl directive be:

olcSyncrepl: {0} rid=001 provider=mm-server1.example.ldap
bindmethod=simple binddn="cn=ldapadmin,dc=group42,dc=ldap"
credentials=<password> interval=01:00:00:00
searchbase="dc=example,dc=ldap" logbase="cn=accesslog" schemachecking=on
type=refreshAndPersist retry="60 +" filter="(objectClass=*)" attrs=*,+"
syncdata=accesslog starttls=no olcSyncrepl: {1} rid=002
provider=mm-server2.example.ldap bindmethod=simple
binddn="cn=ldapadmin,dc=group42,dc=ldap" credentials=<password>
interval=01:00:00:00 searchbase="dc=example,dc=ldap"
logbase="cn=accesslog" schemachecking=on type=refreshAndPersist retry="60
+" filter="(objectClass=*)" attrs=*,+" syncdata=accesslog starttls=no
olcSyncrepl: {0} rid=003 provider=mm-server3.example.ldap
bindmethod=simple binddn="cn=ldapadmin,dc=group42,dc=ldap"
credentials=<password> interval=01:00:00:00
searchbase="dc=example,dc=ldap" logbase="cn=accesslog" schemachecking=on
type=refreshAndPersist retry="60 +" filter="(objectClass=*)" attrs=*,+"
syncdata=accesslog starttls=no

OR

olcSyncrepl: {0} rid=1 provider=mm-server1.example.ldap bindmethod=simple
binddn="cn=ldapadmin,dc=group42,dc=ldap" credentials=<password>
interval=01:00:00:00 searchbase="dc=example,dc=ldap"
logbase="cn=accesslog" schemachecking=on type=refreshAndPersist retry="60
+" filter="(objectClass=*)" attrs=*,+" syncdata=accesslog starttls=no
olcSyncrepl: {1} rid=2 provider=mm-server2.example.ldap bindmethod=simple
binddn="cn=ldapadmin,dc=group42,dc=ldap" credentials=<password>
interval=01:00:00:00 searchbase="dc=example,dc=ldap"
logbase="cn=accesslog" schemachecking=on type=refreshAndPersist retry="60
+" filter="(objectClass=*)" attrs=*,+" syncdata=accesslog starttls=no
olcSyncrepl: {0} rid=3 provider=mm-server3.example.ldap bindmethod=simple
binddn="cn=ldapadmin,dc=group42,dc=ldap" credentials=<password>
interval=01:00:00:00 searchbase="dc=example,dc=ldap"
logbase="cn=accesslog" schemachecking=on type=refreshAndPersist retry="60
+" filter="(objectClass=*)" attrs=*,+" syncdata=accesslog starttls=no

OR

Does it matter?

Also, should the all three olcSycrepl directives be loaded on all three
servers so they look identical.  What I mean by that is should each
Server "replicate" to itself?  There is confusion on this matter.  I
asked Quanah that back in late January, and he stated that the system
knows about itself so it knows what to ignore.  Then last week, he asked
why I had the master replicating to itself.

Also, since I have refreshAndPersist configured do I need an interval as
well?

Thanks in advance,

John

-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Borresen,
John - 0442 - MITLL Sent: Friday, February 14, 2014 4:28 PM
To: Quanah Gibson-Mount; openldap-technical@openldap.org
Subject: RE: Syncrepl and mmr

All,

I just created an mm-server3, using the config_dbase and main_dbase from
mm-server2 -- copied the ldif's I created from mm-server2 then ran
slapadd.

On mm-server3:
olcServerID: 1 ldap://mm-server1.example.ldap
olcServerID: 2 ldap://mm-server2.example.ldap
olcServerID: 3 ldap://mm-server3.example.ldap

olcSyncrepl: {0} rid=001 provider=mm-server1.example.ldap
bindmethod=simple binddn="cn=ldapadmin,dc=group42,dc=ldap"
credentials=<password> interval=01:00:00:00
searchbase="dc=example,dc=ldap" logbase="cn=accesslog" schemachecking=on
type=refreshAndPersist retry="60 +" filter="(objectClass=*)" attrs=*,+"
syncdata=accesslog starttls=no olcSyncrepl: {1} rid=002
provider=mm-server2.example.ldap bindmethod=simple
binddn="cn=ldapadmin,dc=group42,dc=ldap" credentials=<password>
interval=01:00:00:00 searchbase="dc=example,dc=ldap"
logbase="cn=accesslog" schemachecking=on type=refreshAndPersist retry="60
+" filter="(objectClass=*)" attrs=*,+" syncdata=accesslog starttls=no
olcSyncrepl: {0} rid=003 provider=mm-server3.example.ldap
bindmethod=simple binddn="cn=ldapadmin,dc=group42,dc=ldap"
credentials=<password> interval=01:00:00:00
searchbase="dc=example,dc=ldap" logbase="cn=accesslog" schemachecking=on
type=refreshAndPersist retry="60 +" filter="(objectClass=*)" attrs=*,+"
syncdata=accesslog starttls=no

Started slapd, no errors.  It immediately sync'd up with mm-server1!
Changes that I made on mm-server1 days ago which have never replicated
over to mm-server2...replicated to mm-server3 immediately on startup.

I had not even got around to adding mm-server3 to mm-server1 (or
mm-server2) yet.

The olcServerIDs and olcSyncrepl on both mm-server1 and 2 show:
olcServerID: 1 ldap://mm-server1.example.ldap
olcServerID: 2 ldap://mm-server2.example.ldap

olcSyncrepl: {0} rid=001 provider=mm-server1.example.ldap
bindmethod=simple binddn="cn=ldapadmin,dc=group42,dc=ldap"
credentials=<password> interval=01:00:00:00
searchbase="dc=example,dc=ldap" logbase="cn=accesslog" schemachecking=on
type=refreshAndPersist retry="60 +" filter="(objectClass=*)" attrs=*,+"
syncdata=accesslog starttls=no olcSyncrepl: {1} rid=002
provider=mm-server2.example.ldap bindmethod=simple
binddn="cn=ldapadmin,dc=group42,dc=ldap" credentials=<password>
interval=01:00:00:00 searchbase="dc=example,dc=ldap"
logbase="cn=accesslog" schemachecking=on type=refreshAndPersist retry="60
+" filter="(objectClass=*)" attrs=*,+" syncdata=accesslog starttls=no

So...now, I am at even more of a loss.  Why would mm-server1 be
replicating to mm-server3 and not 2?  When the configs are the same
between mm-server2 and 3???



Thanks in advance...
John


-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Borresen,
John - 0442 - MITLL Sent: Friday, February 14, 2014 1:34 PM
To: Quanah Gibson-Mount; openldap-technical@openldap.org
Subject: RE: Syncrepl and mmr

All,

If I went off the beaten' path...where did I go wrong?   (my config and
error messages are in a previous posting)

Thanks in advance,
John

-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Borresen,
John - 0442 - MITLL Sent: Friday, February 14, 2014 8:40 AM
To: Quanah Gibson-Mount; openldap-technical@openldap.org
Subject: RE: Syncrepl and mmr

Thanks Quanah,

A few weeks back I asked that question (on 1/30):
All Masters in the chain have the olcServerID's and olcSynRepl for
itself and its partner?  I can understand having each knowing about
the others but why itself?  It's replicating to itself?
-You replied
-It knows about itself so it knows what to ignore.

Even in the Admin Guide is specifies setting it up that way...each server
has all the others and itself listed. I was following the procedures
delineated in the Admin Guide and in the man-pages (including how I
understood what was put out on the board): From the Admin Guide:
8.3.3. N-Way Multi-Master

For the following example we will be using 3 Master nodes. Keeping in
line with test050-syncrepl-multimaster of the OpenLDAP test suite, we
will be configuring slapd(8) via cn=config

This sets up the config database:

     dn: cn=config
     objectClass: olcGlobal
     cn: config
     olcServerID: 1

     dn: olcDatabase={0}config,cn=config
     objectClass: olcDatabaseConfig
     olcDatabase: {0}config
     olcRootPW: secret

second and third servers will have a different olcServerID obviously:

     dn: cn=config
     objectClass: olcGlobal
     cn: config
     olcServerID: 2

     dn: olcDatabase={0}config,cn=config
     objectClass: olcDatabaseConfig
     olcDatabase: {0}config
     olcRootPW: secret

This sets up syncrepl as a provider (since these are all masters):

     dn: cn=module,cn=config
     objectClass: olcModuleList
     cn: module
     olcModulePath: /usr/local/libexec/openldap
     olcModuleLoad: syncprov.la

Now we setup the first Master Node (replace $URI1, $URI2 and $URI3 etc.
with your actual ldap urls):

     dn: cn=config
     changetype: modify
     replace: olcServerID
     olcServerID: 1 $URI1
     olcServerID: 2 $URI2
     olcServerID: 3 $URI3

     dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
     changetype: add
     objectClass: olcOverlayConfig
     objectClass: olcSyncProvConfig
     olcOverlay: syncprov

     dn: olcDatabase={0}config,cn=config
     changetype: modify
     add: olcSyncRepl
     olcSyncRepl: rid=001 provider=$URI1 binddn="cn=config"
bindmethod=simple        credentials=secret searchbase="cn=config"
type=refreshAndPersist        retry="5 5 300 5" timeout=1
     olcSyncRepl: rid=002 provider=$URI2 binddn="cn=config"
bindmethod=simple        credentials=secret searchbase="cn=config"
type=refreshAndPersist        retry="5 5 300 5" timeout=1
     olcSyncRepl: rid=003 provider=$URI3 binddn="cn=config"
bindmethod=simple        credentials=secret searchbase="cn=config"
type=refreshAndPersist        retry="5 5 300 5" timeout=1
     -
     add: olcMirrorMode
     olcMirrorMode: TRUE

I followed what is put in the Admin Guide, etc...

Thanks

-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Quanah
Gibson-Mount Sent: Thursday, February 13, 2014 1:57 PM
To: Borresen, John - 0442 - MITLL; openldap-technical@openldap.org
Subject: Re: Syncrepl and mmr

--On Thursday, February 13, 2014 10:54 AM -0500 "Borresen, John - 0442 -
MITLL" <John.Borresen@ll.mit.edu> wrote:

All,

Your configuration is very confused.  Why do you have the master
replicate to itself, for example?

--Quanah


--

Quanah Gibson-Mount
Architect - Server
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration







--

Quanah Gibson-Mount
Architect - Server
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration