Re: Adding read-only consumers to a Mirror Mode Replication setup?
* Quanah Gibson-Mount <quanah(a)symas.com> [20181018 09:26]:
--On Thursday, October 18, 2018 11:10 AM +0200 Michael Ströder
<michael(a)stroeder.com> wrote:
>On 10/18/18 1:41 AM, Quanah Gibson-Mount wrote:
>>I've had setups with 2-node MMR on the front, and read only consumers.
>>It works just fine, as long as any given consumer only points to one
>>master. Theoretically, it's supposed to work so that consumers can point
>>to more than one master in an MMR setup, but my experience didn't match
>>that (<http://www.openldap.org/its/index.cgi/?findid=8373>).
>
>There's no config in ITS#8373.
>But you mention accesslog DB.
>Does that mean your setup used delta-syncrepl?
Yes. It was simply a standard Zimbra MMR deployment.
>If yes, does that issue also apply to normal syncrepl?
No idea. I generally consider "normal" syncrepl unsafe as using it
can lead to data loss. I use delta-syncrepl exclusively because of
this, with a focus on eliminating all scnearios in which it might
fall back to "normal" syncrepl. (See
<http://www.openldap.org/its/index.cgi/?findid=8125> for example).
--Quanah
I'd like to follow up on this discussion, sorry if I've taken so long to reply.
First, I'd like to thank all that have commented so far, much appreciated.
I have a few more questions because some sort of un-easiness about my setup has
crept up in view of the different comments that have been written so far.
Right now I have 2 Debian Stretch 9.5 servers running 2.4.46 from the stretch
backports. Servers are in a MMR setup, using syncrepl for replication (NOT
delta-syncrepl), with a LMDB backend.
The intent is to use the directory as a users authentication repository for a
100+ workstations-- with what I said above, would such a setup considered safe?
Am I asking for trouble down the road with version 2.4.46?
Finally, should I rather consider the LTB project for Debian OpenLDAP as been
mentioned in some other threads rather than using the Debian backports? I'm a
bit reluctant to roll my own packaging from source.
Sorry for the very naive questions, I'm still fairly new to OpenLDAP!
thanks!
jf
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
--
Jean-François Malouin | IT Operations and Infrastructure
McConnell Brain Imaging Centre | Montreal Neurological Institute
McGill University | 3801 University St., Room NW119
Montréal QC, H3A 2B4 | 514.398.8924