Am Fri, 13 Dec 2013 18:40:02 +0100 (CET) schrieb Christian Kratzer ck-lists@cksoft.de:
Hi,
I have been thinking about a scalable multi site deployment architecture for openldap where I would like to:
- Have a small number of master servers centrally in the enterprise
with MMR.
All account provisioning would be at the central sites.
Have multiple edge sites replicate of those masters in a star
toplogy with MMR.
- Allow writes to those edge sites for the purpososes of
slapo_ppolicy, slapo_lastbind and password changes.
I would like to avoid fully meshing all servers for MMR and would prefer a star topology where each edge site only replicates with the central site.
I would also like to avoid chaining. See my previous posts why.
Before I set this up in my lab I would like a second opinion. The customer is asking for best practice in large deployments.
Michael is quite correct in his comments regarding slapo_policy, but in priciple i have realised this design in a cascading directory with more than 100 slaves.
-Dieter