Brian Gold wrote:
> I'm currently running a pair of rhel6 servers (hostnames: ldap1 & ldap2) w/ openldap-2.4.23 in multi-master.
I would not use 2.4.23 in a MMR setup. There have been many syncrepl fixes since then.
=> upgrade OpenLDAP
> I also have a pair of rhel6 servers running keepalived & haproxy to act as loadbalancers (floating ip resolves to hostname: ldap) to direct ldap queries from some of our less documented/older services from the days before we had 2 ldap servers or from services that can’t natively handle failover ldap providers.
Note that with such a HA/LB setup there is a possible issue with LDAP clients doing read-after-write.
Ciao, Michael.
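
The read-after-write issue noted in the reply, as an added example that is not part of the original message: a constructed model (not OpenLDAP or haproxy code) of the two masters behind a round-robin balancer. It assumes the client opens a new connection for each operation and that replication to the peer takes a fixed number of ticks; the DN, attribute value and class names are hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class Replica:
    name: str
    data: dict = field(default_factory=dict)
    inbox: list = field(default_factory=list)  # (apply_at_tick, dn, value) from the peer

    def apply_due(self, now):
        # Apply replicated changes whose delivery time has arrived.
        due = [c for c in self.inbox if c[0] <= now]
        self.inbox = [c for c in self.inbox if c[0] > now]
        for _, dn, value in due:
            self.data[dn] = value


class Balancer:
    """Round-robin front end: every new connection goes to the next master."""

    def __init__(self, replicas, lag_ticks):
        self.replicas, self.lag, self.now, self.turn = replicas, lag_ticks, 0, 0

    def _pick(self):
        replica = self.replicas[self.turn % len(self.replicas)]
        self.turn += 1
        return replica

    def tick(self, n=1):
        self.now += n
        for replica in self.replicas:
            replica.apply_due(self.now)

    def modify(self, dn, value):
        target = self._pick()
        target.data[dn] = value  # the write is visible locally at once
        for peer in self.replicas:
            if peer is not target:  # the peer sees it only after the lag
                peer.inbox.append((self.now + self.lag, dn, value))
        return target.name

    def search(self, dn):
        replica = self._pick()
        return replica.name, replica.data.get(dn)


def read_after_write(lag_ticks, wait_ticks):
    """Write through the balancer, wait, then read on a fresh connection."""
    lb = Balancer([Replica("ldap1"), Replica("ldap2")], lag_ticks)
    dn = "uid=test,ou=people,dc=example,dc=com"  # constructed sample entry
    lb.modify(dn, "new-mail@example.com")
    lb.tick(wait_ticks)
    return lb.search(dn)[1]  # None means the client did not see its own write
```
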