> Just curious, why would you do "mirror mode" MMR vs just plain MMR?  Do you feel you have a specific 
> requirement that only one master ever receive the write traffic?

No specific requirement but the documentation made various points that suggested "mirror mode" MMR would be easier to support ... For example, for plain MMR, the arguments against included:

If connectivity with a provider is lost because of a network partition, then "automatic failover" can just compound the problem

Typically, a particular machine cannot distinguish between losing contact with a peer because that peer crashed, or because the network link has failed

If a network is partitioned and multiple clients start writing to each of the "masters" then reconciliation will be a pain; it may be best to simply deny writes to the clients that are partitioned from the single provider

but the arguments against mirror mode were more semantics (e.g. "MirrorMode is not what is termed as a Multi-Master solution" and "MirrorMode can be termed as Active-Active Hot-Standby") rather than any real negatives.

I'm essentially looking to have two LDAP servers and keep them in sync. LDAP consumers will be configured to query both and the web interfaces would be configured to talk to their "local" instance with DNS pointing at a preferred instance.

For me, the biggest concern I have about implementing MMR - plain or mirror mode - is the challenge of recovering from a problem. Mirror mode seems to be simpler in that respect because only one node has the writes and therefore reconciliation should be straightforward.

Philip



On 2 July 2013 16:27, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
--On Tuesday, July 02, 2013 10:25 AM +0100 Philip Colmer <philip.colmer@linaro.org> wrote:


At the moment, we have a single LDAP server which we are using with LDAP
Account Manager for web-based object management and Atlassian Crowd for
authentication. The LDAP server is queried directly by other servers for
UNIX-level authentication, i.e. SSH and group membership.


I'm looking at introducing a second LDAP server and I'm leaning towards
choosing mirror mode as the replication methodology. Since the only
writes to LDAP come via LAM or Crowd, and these are both web-based, I
think I could set up an almost identical server to the one I have at the
moment and use a system like Amazon's Route 53 DNS service with health
checks to allow me to redirect users off to the second server if the
first server fails.

Just curious, why would you do "mirror mode" MMR vs just plain MMR?  Do you feel you have a specific requirement that only one master ever receive the write traffic?

--Quanah



--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration