Mark Cairney wrote:
Hi,
Has anyone experienced problems with the cn=config directory syncing the same change across all nodes and breaking the configuration?
In the past I've had problems where the syncrepl parameters are synced
across all nodes, including that node itself, which results in the servers then trying to sync with themselves.
The most recent problem however was that the olcSaslHost value was synced to
be one particular server on all 3 nodes. As I was using GSSAPI to do the replication this broke it completely and it meant that I could only bind via GSSAPI to one of the 3 servers.
In the meantime I've set the servers not to syncrepl cn=config but this isn't ideal.
Anyone else on the list had similar problems?
The potential for royally screwing things up has been discussed on the -devel list from time to time. The use of serverIDs and explicit URL matching was introduced to prevent consumers pointing at themselves, that's already documented.
For other settings, it's probably best to add some excluded attributes to your consumer configs.
And of course, turning off multimaster replication of cn=config is always a good possibility. Nobody said you *had* to do it. We only document it to show that you *can* do it if you need it, that doesn't mean it's a recommended scenario.
Kind regards,
Mark
/********************************* Mark Cairney ITI UNIX Section Information Services University of Edinburgh
Tel: 0131 650 6565 Email: mark.cairney@ed.ac.uk
*********************************/