Ghyslain Tissot wrote:
Hello, We are looking for input on how to upgrade openLDAP from 2.2 to 2.3. We have looked and it seems the only documented way to upgrade is by unloading and reloading the data which is very time consuming (approx. 8-10 hours). Since this is a production system it is not adequate. What options are available?
You should realize that you're moving from one unsupported release to another unsupported release, both have been obsoleted by OpenLDAP 2.4 for a number of years already.
To give more more background:
- there are currently approximately 7M entries in the LDAP;
- we are migrating to a new server with a new version of openLDAP (dependant
on RHEL version - previously RHEL 4 now RHEL 5);
- we tried the option creating a staging server with 2.2 and importing on the
new system (v2.3) the extracted data on the new system. Then we activated replication (SLURPD) between the two and tried updating the staging server with the transaction logs of production hoping the data would then replicate to the new system. But that does not work.
Despite slurpd's many flaws, this approach should have worked fine. Since you provide no details, there's no way to tell what went wrong. But in the meantime, slurpd is also obsolete and no longer supported.
Any ideas on how it can be done with minimal impact to the current LDAP and reducing the outage period?
The outage period should only last as long as it takes to run slapcat on your current server. I would go one step further: edit your 2.2 slapd.conf and turn on read-only mode - then your outage for servicing reads is only as long as it takes to restart the server. Once the server is in read-only mode you can run slapcat while slapd is running so there's no further service impact.
Loading on the new server, read the new slapadd(8) manpage, look at using the -q option.
Do yourself a favor and use OpenLDAP 2.4. Questions about 2.3 or older will be ignored by the Project.