On Thu, Sep 28, 2017 at 04:13:46PM +0000, ondra(a)openldap.org wrote:
The 'lloadd' branch linked above contains the load balancer
code that
is now ready for review.
This adds a new server to the OpenLDAP project, a load balancing proxy
(prototype).
To summarise the reasons for this project to exist and highlight its
features, limitations:
- most LDAP load balancers pin a connection to another server and
then just ship data, lloadd can distribute operations from a single
client connection across LDAP servers
- to make the above possible, lloadd sets up connections to the backend
servers on startup and manages them as per configuration (independent
on the clients)
- bind operations are forwarded over dedicated bind connections or using
the VC exop if feature 'vc' is enabled in its config, the designated
identity is then passed on with the operations with proxyauth control
(if feature 'proxyauthz' is enabled)
- it is expected that all backends are indistinguishable (same features,
suffixes, data)
- no SASL bind support yet
- if an operation cannot be processed or forwarded for any reason
(overload, connection loss, ...), it is never re-sent, client will
however still be sent an appropriate result in that case
The lloadd.8 and lloadd.conf.5 manpages are provided, Admin guide and
further documentation will come as the implementation matures.
--
Ondřej Kuzník
Senior Software Engineer
Symas Corporation
http://www.symas.com
Packaged, certified, and supported LDAP solutions powered by OpenLDAP