Re: OpenLDAP 2.1 High Availability
On Thursday 07 May 2009 05:32:25 Kukkala Prasad wrote:
Hi All,
We are planning to configure High Availability for OpenLDAP 2.1 on Linux
CentOS.
Why 2.1? AFAIK, no version of CentOS shipped 2.1 anyway (RHEL3 had 2.0.27.
RHEL4 had 2.2.13, RHEL5 shipped with 2.3.27, but 5.3 now has a relatively
decent 2.3.43).
We are looking at following options and we want to check our
understanding
about corresponding options and looking for your valuable suggestions.
1. Using Replica Service
a. This is not enough because if master machine goes down then LDAP
updates will not be possible.
You haven't stated all your requirements, but if you require HA for writes,
then this is not a sufficient option.
2. Migrating to OpenLDAP2.4
a. Master-Master solution looks promising but in our current project
time line it is not possible to migrate.
Why not ? OpenLDAP 2.1 is very old, and not supported any more, same for 2.2,
and 2.3 is effectively end of life.
There are packages of 2.4 available for some versions of RHEL or CentOS.
3. Sharing LDAP file system on NFS
a. After going through the thread
http://www.openldap.org/lists/openldap-software/200209/msg00256.html it is
understood that OpenLDAP does not support GFS or NFS.
It could work on GFS, but not concurrently, and GFS requires the same (or
better) infrastructure than a simple HA cluster.
However, I hope this is not the best option you found in researching this.
NFS can't work.
b. But the thread discussion happened very long back around in
2000 to
2002. ????Is that conclusion applicable to OpenLDAP 2.1????
4. Hosting LDAP Service on CentOS Cluster Suite
a. ????Is it possible to configure "Active-Passive" setup using
CentOS Cluster Suite????
Of course. I have been running OpenLDAP masters on Red Hat Cluster Suite since
2004 on Red Hat Advanced Server 2.1 (with OpenLDAP 2.1.25). I currently have
an active-passive master cluster running RHEL3 with cluster suite, with
OpenLDAP 2.3.42 (will be upgraded to 2.3.43 tonight). It has seen a few
minutes of downtime in the past 3 years (about one minute for each OpenLDAP
upgrade as the service must be migrated twice).
You need some kind of shared storage solution for this (preferably FC SAN, but
iSCSI is an option, and DRBD could do the trick).
5. H/W based clustering
a. We don't know what are the possible solutions in this approach and
cost incurred. !!!!Please share your ideas.!!!!
6. NetApp2020
a. We have NetApp 2020 Appliance
http://www.b2net.co.uk/netapp/network_appliance_netapp_fas2020.htm with us.
????Does this any way help us????
7. Other alternatives
a. !!!!We need your valuable ideas and suggestions.!!!!
I would probably go for an HA cluster with cluster suite using iSCSI for
shared storage, running 2.3.43 or 2.4.16.
Multi-master might also be an option, but then you *must* 2.4.16 (with patches
from CVS if you use hdb).
Regards,
Buchan