Sorry, but currently I strongly not recommended multi-master. We have a big troubles in the same case, but most high load.
I am currently working on the two major issues: - syncrepl seems unreliable, survives no more than 3-5 min under a stress test (ITS#7968). - fix of ITS#7904 does not affect syncrepl, thereby MDB_MAP_FULL may occur in case of LMDB backed (no ITS now).
But another couple seem be forever: - replication is significantly slowdown if are more than 3 nodes. - replication may never be completed until all ldap-write activities are stopped.
More over, just RTFM http://www.openldap.org/doc/admin24/guide.html 18.2.2.3. Arguments against Multi-Master replication - If connectivity with a provider is lost because of a network partition, then "automatic failover" can just compound the problem. - Typically, a particular machine cannot distinguish between losing contact with a peer because that peer crashed, or because the network link has failed. - If a network is partitioned and multiple clients start writing to each of the "masters" then reconciliation will be a pain; it may be best to simply deny writes to the clients that are partitioned from the single provider.
Leonid.
2014-10-17 20:23 GMT+04:00 Clément OUDOT clem.oudot@gmail.com:
Hi,
I need to set up a backup OpenLDAP cluster and I am looking for advices on the best solutions to achieve it.
The situation is:
- A mirror mode cluster on one geographical site
- A mirror mode cluster on another geographical site (backup site)
- I would prefer not to impact configuration of main cluster
- I think that full multi-master on different geographical site is not the
best solution (but maybe I am totally wrong on this point)
The backup site must be in sync with the main site.
Here are my two ideas:
- Configure a syncrepl client to main cluster on each node of the backup
cluster. Question is: will not be conflicts as each node of the backup cluster is already synced with the other backup node?
- Configure a LDAP proxy (back-ldap) to backup cluster, with syncrepl client
to main cluster. But would back-ldap be able to write operational attributes to backup cluster?
I imagine that some of you already have such needs, could you share your experience?
Thanks,
Clément.