Date: Tue, 20 Sep 2011 13:02:47 +0200
From: Rafael NAVAZA <rnavaza@hotmail.com>
To: <freebsd-questions@freebsd.org>
Subject: RE: OpenLDAP + CARP
Message-ID: <DUB102-W57786E3DD32C6528A794D0BE0A0@phx.gbl>
In-Reply-To: <4E784905.1080007@infracaninophile.co.uk>
References: <DUB102-W60312A9A530D84FC783777BE0B0@phx.gbl>, <4E784905.1080007@infracaninophile.co.uk>

Thank you for the reply Matthew.

I'm indeed using the built in failover capability of LDAP clients. It works just fine when the first LDAP server is powered off, but it does not work that well when slapd becomes a zombie (because the clients take about 1 min to try the second LDAP server, for each request, every time ...).

It is for that reason I'm interested in building a HA cluster for OpenLDAP. I'm currently using the single-master replication and I will certainly move to a mirrormode or an n-way multimaster replication schema (as long as the multimaster is used with CARP, this mode is equivalent to a mirrormode with more than 2 replicas, isn't it?).

As far as I know CARP will not check if the slapd is running correctly; that could be a problem if the CARP Master has a failing slapd. Do I have to monitor slapd with a third party software (like Monit)? Can I configure CARP and OpenLDAP to watch each other more closely?

Rafael.

> Date: Tue, 20 Sep 2011 09:04:21 +0100
> From: m.seaman@infracaninophile.co.uk
> To: rnavaza@hotmail.com
> CC: freebsd-questions@freebsd.org
> Subject: Re: OpenLDAP + CARP
>
> On 19/09/2011 15:54, Rafael NAVAZA wrote:
> > Is there a way to setup an OpenLDAP HA cluster (intersite multimaster) with CARP on FreeBSD ?
>
> Hmmm... So long as both the LDAP servers are on the same network
> segment, and so long as they have separate addresses for their
> replication channel, then I can't see why that wouldn't work.
>
> However, LDAP, by its nature, has a failover capability built in. You
> can just list several LDAP servers in your ldap.conf and each will be
> tried in turn until you get an answer. Or put a comma separated list of
> several servers into a ldap:/// or ldaps:/// style URI.
>
> There's also a way you can use SRV records with LDAP -- that gives you
> weighted load distribution over a number of servers. See RFC 3088.
> Note that not all LDAP clients support this, and it's still only an
> experimental service.
>
> Cheers,
>
> Matthew
>
> --
> Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
>                                                   Flat 3
> PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
> JID: matthew@infracaninophile.co.uk               Kent, CT11 9PW