On 12/11/2009 12:04, Peter Mogensen wrote:
Hi,
I'm moving more and more towards loading new databases via ldapadd to cn=config. All databases are replicated between two mirrormode servers - including cn=config.
From my understanding I need two syncrepl directives for each database. For cn=config it could be:
syncrepl rid=1 provider=ldaps://<SERVER1>/ searchbase="cn=config" type=refreshAndPersist retry="60 +" scope=sub schemachecking=on bindmethod=sasl binddn="cn=config" saslmech="EXTERNAL" tls_cert=/etc/ldap/ssl/config.crt tls_key=/etc/ldap/ssl/config.nopass.key tls_cacert=/etc/ldap/ssl/ca.crt tls_cipher_suite="NULL-SHA"
syncrepl rid=2 provider=ldaps://<SERVER2>/ searchbase="cn=config" type=refreshAndPersist retry="60 +" scope=sub schemachecking=on bindmethod=sasl binddn="cn=config" saslmech="EXTERNAL" tls_cert=/etc/ldap/ssl/config.crt tls_key=/etc/ldap/ssl/config.nopass.key tls_cacert=/etc/ldap/ssl/ca.crt tls_cipher_suite="NULL-SHA"
The two directives are needed since the configuration will be replicated and the two servers have to contain the same configuration. As long as Server-2 can recognize itself as <SERVER2> it will ignore the directive pointing to itself - correct?
Yes.
So cn=config will use RID 1 and RID 2.
When I add a new database it will also have to have 2 syncrepl directives, but will have to use RID 3 and RID 4 - correct?
Yes.
Now, I would like not to have to specify the RID in the LDIF loaded to create a new database. In principle I would not know how many other replications were in place on the server I load it into, so it would be a bad thing to hardwire the RID into the LDIF for the new database.
Is there any mechanism/best practice to choose new RIDs automatically?
The mechanism we use is a script to search under cn=config for all entries with attribute "olcSyncrepl", and parse them to work out the current max RID, then use that +1.
Regards, Jonathan
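
A sketch of the kind of script described in the reply above, as an added example that is not Jonathan's or the OpenLDAP project's code: it parses LDIF search output for olcSyncrepl values (handling folded lines, base64 values and the {n} ordering prefix) and returns max RID + 1 onwards. The function names, the sample LDIF and the ldapsearch invocation in the comment are assumptions.

```python
import base64
import re

MAX_RID = 999  # slapd accepts rid values of at most three decimal digits

def syncrepl_values(ldif):
    """Yield every olcSyncrepl value from LDIF text, unfolded and base64-decoded."""
    unfolded = re.sub(r"\r?\n ", "", ldif)  # LDIF continuation: newline + one space
    for line in unfolded.splitlines():
        m = re.match(r"(?i)olcSyncrepl(::?)\s*(.*)", line)
        if m:
            raw = m.group(2)
            yield base64.b64decode(raw).decode("utf-8") if m.group(1) == "::" else raw

def used_rids(ldif):
    """Return the set of RIDs already taken by any entry under cn=config."""
    rids = set()
    for value in syncrepl_values(ldif):
        m = re.search(r'(?:^|\s|\})rid="?(\d+)', value)  # value may start with {n}
        if m:
            rids.add(int(m.group(1)))
    return rids

def next_rids(ldif, count=2):
    """Return `count` new RIDs starting at current max + 1 (one per mirror server)."""
    start = max(used_rids(ldif), default=0) + 1
    if start + count - 1 > MAX_RID:
        raise ValueError("RID range exhausted (max %d)" % MAX_RID)
    return list(range(start, start + count))

# Constructed sample, shaped like the output of a search such as
#   ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(olcSyncrepl=*)' olcSyncrepl
# (assumed invocation; adapt the bind and URI to your servers).
_B64 = base64.b64encode(
    b'{0}rid=7 provider=ldaps://server1.example/ searchbase="dc=example,dc=com"'
).decode()
SAMPLE_LDIF = (
    "dn: olcDatabase={0}config,cn=config\n"
    'olcSyncrepl: {0}rid=1 provider=ldaps://server1.example/ searchbase="cn=conf\n'
    ' ig" type=refreshAndPersist\n'
    "olcSyncrepl: {1}rid=00\n"  # folded in the middle of the rid on purpose
    ' 2 provider=ldaps://server2.example/ searchbase="cn=config"\n'
    "\n"
    "dn: olcDatabase={1}hdb,cn=config\n"
    "olcSyncrepl:: " + _B64 + "\n"
)

if __name__ == "__main__":
    print(next_rids(SAMPLE_LDIF))
```

The returned numbers can then be substituted into the LDIF template for the new database before it is loaded with ldapadd.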