OpenLDAP + CARP
rnavaza at hotmail.com
Tue Sep 20 11:02:49 UTC 2011
Thank you for the reply Matthew.
I'm indeed using the built in
failover capability of LDAP clients. It works just fine when the first
LDAP server is powered off, but it does not work that well when slapd
becomes a zombi ( because the clients take about 1 min to try the second
LDAP server, for each request, every time ... )
It is for that reason I'm interested in building a HA cluster for OpenLDAP.
currently using the single-master replication and I will certainly move
to a mirrormode or a n-way multimaster replication schema (as long as
the multimaster is used with CARP, this mode is equivalent to a
mirrormode with more than 2 replicas, isn't it ?).
As far as I
know CARP will not check if the slapd is running correctly; that could
be a problem if the CARP Master has a failing slapd. Do I have to
monitor slapd with a third party software (like Monit) ? Can I configure
CARP and OpenLDAP to watch each other more closely ?
> Date: Tue, 20 Sep 2011 09:04:21 +0100
> From: m.seaman at infracaninophile.co.uk
> To: rnavaza at hotmail.com
> CC: freebsd-questions at freebsd.org
> Subject: Re: OpenLDAP + CARP
> On 19/09/2011 15:54, Rafael NAVAZA wrote:
> > Is there a way to setup an OpenLDAP HA cluster (intersite multimaster) with CARP on FreeBSD ?
> Hmmm... So long as both the LDAP servers are on the same network
> segment, and so long as they have separate addresses for their
> replication channel, then I can't see why that wouldn't work.
> However, LDAP, by its nature has a failover capability built in. You
> can just list several LDAP servers in your ldap.conf and each will be
> tried in turn until you get an answer. Or put a comma separated list of
> several servers into a ldap:/// or ldaps:/// style URI.
> There's also a way you can use SRV records with LDAP -- that gives you
> weighted load distribution over a number of servers. See RFC 3088.
> Note that not all LDAP clients support this, and its still only an
> experimental service.
> Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
> Flat 3
> PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
> JID: matthew at infracaninophile.co.uk Kent, CT11 9PW
More information about the freebsd-questions