[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap in container advice, how have you done it?

To: Marc Roos <M.Roos@f1-outsourcing.eu>
Subject: Re: Openldap in container advice, how have you done it?
From: Ryan Tandy <ryan@nardis.ca>
Date: Sat, 10 Aug 2019 11:00:31 -0700
Cc: openldap-technical <openldap-technical@openldap.org>
Content-disposition: inline
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nardis.ca; s=google; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=usPh+ktD3QTgnQsxTvhxscuDX/v2XZcHCOyWNbF/MBk=; b=dDrCB1IVhiStjN2hTfgr3udM47MZPijQpJjBXDUmtmeCELm8jcZlaLrg/4y0TvcXv2 XGu0EnHe/kQYWZgAbeNSSXtRFKavmgJOr55rQMJBSShGNIsDtfIRJK6rQrdPjP7WVcA0 +9xM9ZL48Ul1FS3HMD/XpYgEAGI4O9m3dApq0=
In-reply-to: <"H00000710014b844.1565393021.sx.f1-outsourcing.eu*"@MHS>
Mail-followup-to: Marc Roos <M.Roos@f1-outsourcing.eu>, openldap-technical <openldap-technical@openldap.org>
References: <"H00000710014b844.1565393021.sx.f1-outsourcing.eu*"@MHS>
User-agent: Mutt/1.10.1 (2018-07-13)

On Sat, Aug 10, 2019 at 01:23:41AM +0200, Marc Roos wrote:

- updating of a newly spawned slapd instance
When the new task is launched, it is not up to date with its database,
can I prevent connections to the slapd until it is fully synced?

This is not implemented at this time. See ITS#7616<https://openldap.org/its/?findid=7616>.

- to prevent lots of records syncing
Can I just copy the data of /var/lib/ldap of any running instance to the
container default image?

Maybe, if they are all running identical software and configuration. Themore robust way to do it is slapcat the database on a known-good system,and slapadd it on the new one you're bringing up. In current versions itis safe to use slapcat (but not slapadd) while slapd is running.

- doing some /var/lib/ldap cleanup
I am cleaning with db_checkpoint -1 -h /var/lib/ldap, and db_archive -d.
Is there an option slapd can initiate this?


See <https://www.openldap.org/doc/admin24/maintenance.html>.

Checkpointing can be configured using the 'checkpoint' directive (withslapd.conf, olcDbCheckpoint with slapd-config).

The DB_CONFIG flag DB_LOG_AUTOREMOVE causes transaction logs to becleaned up automatically.

But please consider migrating to the LMDB backend, which does notrequire any such maintenance.

Follow-Ups:
- RE: Openldap in container advice, how have you done it?
  - From: "Marc Roos" <M.Roos@f1-outsourcing.eu>

References:
- Openldap in container advice, how have you done it?
  - From: "Marc Roos" <M.Roos@f1-outsourcing.eu>

Prev by Date: Re: Openldap in container advice, how have you done it?
Next by Date: Re: How can I run slapd in foreground
Index(es):
- Chronological
- Thread