Tx! We'plan to upgrade the system, so we'll use openldap2.4.x. We have more than 1500 server and about 50% of them are linux, we must use rhel rpms (due to our datacenter roles, all the servers should be identical). The worst thing was that testing with the same db without the index files, all the results of the query are almost immediate. I'm unable to reproduce the problem in test environment. Regards Michele MAsè
On Tue, May 15, 2012 at 6:24 PM, Quanah Gibson-Mount quanah@zimbra.comwrote:
On Wednesday, 16 May 2012 15:12:15 Michele Mase' wrote:
Unless you have other rules which you haven't documented, there is no reason why you should not be able to deploy *additional* RPMs. Surely you deploy other non-RHEL software? I would hope it is also deployed by RPM ... unless you're stuck with 'Enterprise software' (e.g. a Java dependency-deficient mess).
Regards, Buchan
We have to maintain 500+ custom apps and the skill is not so high, so it's better if we don't touch system related packages. Michele Masè
On Wed, May 16, 2012 at 5:00 PM, Buchan Milne bgmilne@staff.telkomsa.netwrote:
On 16/5/2012 11:48 μμ, Michele Mase' wrote:
We have to maintain 500+ custom apps and the skill is not so high, so it's better if we don't touch system related packages.
It would not be really feasible to advise anything without *good* knowledge of your environment, but I guess that you have an internal repo that feeds your servers and a mechanism to submit mass commands (e.g. by mass-uploading cron jobs to all servers). (As a side note, it would be interesting to know some basic details on your workflow.)
RHEL/CentOS 5 OS has, AFAIK, tight integration with the standard 2.3 package so the base package, in all cases I know, is never replaced/upgraded. Rather, a new package is installed and used using non default system paths. This is the approach followed by Buchan's, Symas' and LTB RPMs for CentOS / RHEL 5. (We are using the LTB packages on all - a small number, compared to yours - our servers, now with v2.4.31.)
So, if you want to use OpenLDAP 2.4.x, plan the change well and take care that your system path uses the new ldap* client executables (for LTB you can see: http://tools.ltb-project.org/issues/408), and there is no problem with leaving system files alone (there is no conflict in having installed even all of the above packages at the same time; it's your decision to decide what will be running/used at any one time!).
Yet, despite the effort to migrate, I can assure you that you are going to see enormous OpenLDAP stability improvement moving from 2.3 to 2.4
I am not a real expert, but I am trying to help based on my experiences. Just 2c.
Good luck, Nick
Tx for the suggestion! We plan to migrate where possible to rhel6, that has included the 2.4.x openldap (and the possibility of hot adding ram and cpu in VM env). We have already tested a multi-master conf. that works fine. Tx Michele Masè
On Fri, May 18, 2012 at 12:48 PM, Nick Milas nick@eurobjects.com wrote:
--On Sunday, May 20, 2012 2:13 PM +0200 Michele Mase' michele.mase@gmail.com wrote:
Using the OpenLDAP included with RHEL6 is a terrible idea. If you want to use OpenLDAP as a server, then build it yourself, or use packages from any of the numerous other sites that will build it out for you, so that you can stay current. Distro packages are in general only for using the client libraries.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org