I plan a few OpenLDAP servers: N readonly secondaries and a single writable main.
In my case OpenLDAP is critical as a readonly database, and changes are allowed to fail. But I need all readonly replicas to contain the same data at the same time, and I have possibilities to temporarily disconnect readonly secondaries from master.
Is there some kind of operational\replication mode when:
- Transactional changes over all servers: Writable main fails writing to database and propagating them to secondaries in case any of secondaries can not receive same changes
- Secondary server may start "empty" and self-register as secondary server on writeable main, then get in sync. Until sync complete, secondary server will not satisfy any requests from clients.
How do you sync a "readonly database"? If all secondaries must contain the same data you must down them during update, obviously. So if one fails to update, all will remain down. Is that what you want? Maybe describe the scenario and requirements.
Kind regards, Ulrich Windl
-----Original Message-----
From: alexey@filimonic.net alexey@filimonic.net
Sent: Wednesday, February 12, 2025 12:37 PM
To: openldap-technical@openldap.org
Subject: [EXT] Few questions about replica (mirror mode?)
I plan a few OpenLDAP servers: N readonly secondaries and a single writable main.
In my case OpenLDAP is critical as a readonly database, and changes are allowed to fail. But I need all readonly replicas to contain the same data at the same time, and I have possibilities to temporarily disconnect readonly secondaries from master.
Is there some kind of operational\replication mode when:
- Transactional changes over all servers: Writable main fails writing to database and propagating them to secondaries in case any of secondaries can not receive same changes
- Secondary server may start "empty" and self-register as secondary server on writeable main, then get in sync. Until sync complete, secondary server will not satisfy any requests from clients.
On Wed, Feb 12, 2025 at 11:37:10AM -0000, alexey@filimonic.net wrote:
> I plan a few OpenLDAP servers: N readonly secondaries and a single writable main.
> In my case OpenLDAP is critical as a readonly database, and changes are allowed to fail. But I need all readonly replicas to contain the same data at the same time, and I have possibilities to temporarily disconnect readonly secondaries from master.
> Is there some kind of operational\replication mode when:
> - Transactional changes over all servers: Writable main fails writing to database and propagating them to secondaries in case any of secondaries can not receive same changes
> - Secondary server may start "empty" and self-register as secondary server on writeable main, then get in sync. Until sync complete, secondary server will not satisfy any requests from clients.
Hi Alexey,
my advice to these sorts of requirements tends to be:
- set up some sort of proxy/load balancer in front of the replicas
- establish a system for replication monitoring, let this system be in charge of which replicas are exposed through the balancer(s) adding/removing them according to whether they are considered reasonably up-to-date
lloadd or haproxy might be your traffic forwarders (lloadd can certainly be managed online in this way). As a quick and dirty (yet surprisingly robust) solution, you can start with synccheck[0] in a cron-like setup to decide which replicas should be included, this is how I've done it before.
But if you're interested in a more responsive system, synccheck is built on top of a much more powerful (WIP) Python library that you can use for real-time replication monitoring. Happy to cooperate if you are interested in developing the coordination layer, as it has been on my radar for a while.
[0]. https://git.openldap.org/openldap/syncmonitor
Regards,
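
The pool decision described in the reply above (expose only replicas that are "reasonably up-to-date") can be made by comparing each replica's contextCSN values with the provider's. The Python below is an added example, not part of the thread and not synccheck's or syncmonitor's code; the function names, hostnames and CSN values are constructed, and it assumes the contextCSN values have already been read from the suffix entry of each server.

```python
from datetime import datetime, timezone

def parse_csn(csn):
    """Split 'YYYYmmddHHMMSS.ffffffZ#count#sid#mod' into (serverID, sort key)."""
    stamp, count, sid, mod = csn.split("#")
    when = datetime.strptime(stamp, "%Y%m%d%H%M%S.%fZ").replace(tzinfo=timezone.utc)
    return int(sid, 16), (when, int(count, 16), int(mod, 16))

def csn_map(values):
    """Newest CSN per serverID among one server's contextCSN values."""
    newest = {}
    for value in values:
        sid, key = parse_csn(value)
        if sid not in newest or key > newest[sid]:
            newest[sid] = key
    return newest

def is_current(provider_csns, replica_csns, max_lag=0.0):
    """True if the replica has every provider CSN, or trails by < max_lag seconds."""
    provider, replica = csn_map(provider_csns), csn_map(replica_csns)
    for sid, p_key in provider.items():
        r_key = replica.get(sid)
        if r_key is None:            # empty replica, initial sync not finished
            return False
        if r_key >= p_key:           # caught up for this serverID
            continue
        if (p_key[0] - r_key[0]).total_seconds() >= max_lag:
            return False
    return True

def select_pool(provider_csns, replicas, max_lag=0.0):
    """Names of replicas the balancer should keep exposing to clients."""
    return sorted(name for name, csns in replicas.items()
                  if is_current(provider_csns, csns, max_lag))

# Constructed sample data: one provider (serverID 001) and three replicas.
PROVIDER = ["20250212113710.000000Z#000000#001#000000"]
REPLICAS = {
    "ldap-ro1.example.com": ["20250212113710.000000Z#000000#001#000000"],  # in sync
    "ldap-ro2.example.com": ["20250212113702.500000Z#000000#001#000000"],  # 7.5 s behind
    "ldap-ro3.example.com": [],                                            # still empty
}

if __name__ == "__main__":
    print("strict pool:  ", select_pool(PROVIDER, REPLICAS))
    print("10 s tolerance:", select_pool(PROVIDER, REPLICAS, max_lag=10))
```

The lag here is the gap between CSN timestamps, not wall-clock delay, so an idle provider and a caught-up replica compare as equal no matter when they were last polled.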