Hello,
I've been running a multi-master configuration without any problem for
years. These servers are running on 5 Ubuntu 14.04 servers with
OpenLDAP 2.4.43.
The configuration is:

dn: olcDatabase={3}mdb,cn=config
...
olcSyncrepl: {0}rid=31 provider=ldap://canis31.um.es binddn=<repl user dn> bindmethod=simple credentials=XXXXXXX searchbase=dc=Telematica type=refreshAndPersist retry="300 +" timeout=1
olcSyncrepl: {1}rid=32 provider=ldap://canis32.um.es binddn=<repl user dn> bindmethod=simple credentials=XXXXXXX searchbase=dc=Telematica type=refreshAndPersist retry="300 +" timeout=1
olcSyncrepl: {2}rid=33 provider=ldap://canis33.um.es binddn=<repl user dn> bindmethod=simple credentials=XXXXXXX searchbase=dc=Telematica type=refreshAndPersist retry="300 +" timeout=1
olcSyncrepl: {3}rid=34 provider=ldap://canis34.um.es binddn=<repl user dn> bindmethod=simple credentials=XXXXXXX searchbase=dc=Telematica type=refreshAndPersist retry="300 +" timeout=1

dn: olcOverlay={0}dynlist,olcDatabase={3}mdb,cn=config
objectClass: olcDynamicList
objectClass: olcOverlayConfig
objectClass: olcConfig
olcOverlay: {0}dynlist
olcDlAttrSet: {0}labeledURIObject labeledURI

dn: olcOverlay={1}ppolicy,olcDatabase={3}mdb,cn=config
objectClass: olcPPolicyConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
olcOverlay: {1}ppolicy
olcPPolicyDefault: cn=default,ou=policies,dc=Telematica

dn: olcOverlay={2}syncprov,olcDatabase={3}mdb,cn=config
objectClass: olcSyncProvConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
olcOverlay: {2}syncprov
olcSpCheckpoint: 100 10
olcSpSessionlog: 100

where each server has 4 olcSyncrepl attributes pointing to the other
servers.
I had no problem with this configuration for years.
Now I'm deploying an update of these servers on a new Ubuntu 18.04
server with OpenLDAP 2.4.47. In order to synchronize entries between
them, I have linked this new server to one of the others (and this one to
the new one).
Configuration in the new one (named canis41) is:

dn: olcDatabase={3}mdb,cn=config
...
olcSyncrepl: {0}rid=39 provider=ldap://canis39.um.es binddn=<repl user dn> bindmethod=simple credentials=XXXXXXXX searchbase=dc=Telematica type=refreshAndPersist retry="60 +" timeout=1 schemachecking=off scope=sub
olcSyncrepl: {1}rid=42 provider=ldap://canis42.um.es binddn=<repl user dn> bindmethod=simple credentials=XXXXXXXX searchbase=dc=Telematica type=refreshAndPersist retry="30 +" timeout=1 logbase="cn=log" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" schemaChecking=on syncdata=accesslog exattrs="pwdFailureTime"

dn: olcOverlay={0}syncprov,olcDatabase={3}mdb,cn=config
objectClass: olcSyncProvConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 100 10
olcSpSessionlog: 100

dn: olcOverlay={1}ppolicy,olcDatabase={3}mdb,cn=config
objectClass: olcPPolicyConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
olcOverlay: {1}ppolicy
olcPPolicyDefault: cn=default,ou=policies,dc=Telematica

dn: olcOverlay={2}dynlist,olcDatabase={3}mdb,cn=config
objectClass: olcDynamicList
objectClass: olcOverlayConfig
objectClass: olcConfig
olcOverlay: {2}dynlist
olcDlAttrSet: {0}labeledURIObject labeledURI

where canis39 is one of the former servers and canis42 is a new server too,
synchronizing just with canis41.
My problem is that synchronization is working, but sometimes
modifications done in the canis3x farm are delayed for a long time until
they are replicated to the new one (sometimes in the order of 40-60
minutes).
I'm logging sync logs, but I haven't found much information about these
logs. Is there any way to debug it? How?
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868889150
Fax: 868888337
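
One way to quantify the delay described in the message above, added here as an example and not part of the original post: syncprov keeps one contextCSN value per serverID on the suffix entry (readable with a base-scope search for the contextCSN attribute on dc=Telematica), and comparing those values between a provider and the consumer shows which origin server's changes are lagging and by how much. The CSN values and serverIDs below are constructed samples, not data from these servers.

```python
from datetime import datetime, timezone

def parse_csn(csn):
    """Split a CSN 'YYYYmmddHHMMSS.uuuuuuZ#count#sid#mod' into (time, serverID)."""
    stamp, _count, sid, _mod = csn.split("#")
    when = datetime.strptime(stamp, "%Y%m%d%H%M%S.%fZ").replace(tzinfo=timezone.utc)
    return when, int(sid, 16)  # the serverID field is hexadecimal

def newest_by_sid(csns):
    """Map serverID -> newest timestamp among the given contextCSN values."""
    newest = {}
    for csn in csns:
        when, sid = parse_csn(csn)
        if sid not in newest or when > newest[sid]:
            newest[sid] = when
    return newest

def lag_seconds(provider_csns, consumer_csns):
    """Per serverID, how many seconds the consumer is behind the provider.

    None means the consumer holds no contextCSN for that serverID at all,
    i.e. it has never received a change that originated there.
    """
    prov = newest_by_sid(provider_csns)
    cons = newest_by_sid(consumer_csns)
    lag = {}
    for sid, when in prov.items():
        if sid not in cons:
            lag[sid] = None
        else:
            lag[sid] = max(0.0, (when - cons[sid]).total_seconds())
    return lag

# Constructed sample: contextCSN values as read from an old-farm provider ...
PROVIDER = [
    "20190601101500.000000Z#000000#01f#000000",
    "20190601100000.000000Z#000000#020#000000",
    "20190601094500.000000Z#000000#027#000000",
]
# ... and from the new consumer at the same moment (also constructed).
CONSUMER = [
    "20190601093000.000000Z#000000#01f#000000",
    "20190601100000.000000Z#000000#020#000000",
]

if __name__ == "__main__":
    for sid, lag in sorted(lag_seconds(PROVIDER, CONSUMER).items()):
        print(f"serverID {sid:#05x}: {'missing' if lag is None else f'{lag:.0f}s behind'}")
```

Both sides of each comparison carry a timestamp assigned by the same originating server, so clock skew between the two machines being queried does not distort the result.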