Hi,
We are running 2 replicas one local and the other is remote. When there is a network interruption replication fails and I have to delete the entire database in the remote replica, and let it re-synch again. Is there a way to make the remote continue its replication after the network connection is established without having to delete the database or restart the services?
Thank you,
On Wed, 13 Nov 2013, Darouichi, Aziz wrote:
Hi,
We are running 2 replicas one local and the other is remote. When there is a network interruption replication fails and I have to delete the entire database in the remote replica, and let it re-synch again.
Is there a way to make the remote continue its replication after the network connection is established without having to delete the database or restart the services?
See slapd.conf(5) for the "keepalive" parameter to the "syncrepl" directive.
Hi Aaron,
I do have keep alive in the slapd.conf:
syncrepl rid=006 provider=ldap://192.168.19.43 tls_cert=/etc/pki/tls/certs/ldap-tls.curry.edu.cert.pem tls_key=/etc/pki/tls/private/ldap-tls.curry.edu.key.pem tls_cacert=/etc/pki/tls/certs/cacert.pem tls_reqcert=demand searchbase="dc=curry,dc=edu" schemachecking=on timelimit=unlimited sizelimit=unlimited type=refreshAndPersist retry="60 +" keepalive=240:10:30
-----Original Message----- From: Aaron Richton [mailto:richton@nbcs.rutgers.edu] Sent: Wednesday, November 13, 2013 10:08 AM To: Darouichi, Aziz Cc: openldap-technical@openldap.org Subject: Re: Replication fails after network outage
On Wed, 13 Nov 2013, Darouichi, Aziz wrote:
Hi,
We are running 2 replicas one local and the other is remote. When there is a network interruption replication fails and I have to delete the entire database in the remote replica, and let it re-synch again.
Is there a way to make the remote continue its replication after the network connection is established without having to delete the database or restart the services?
See slapd.conf(5) for the "keepalive" parameter to the "syncrepl" directive.
--On Wednesday, November 13, 2013 10:09 AM -0500 "Darouichi, Aziz" adarouic@post03.curry.edu wrote:
Hi Aaron,
I do have keep alive in the slapd.conf:
syncrepl rid=006 provider=ldap://192.168.19.43 tls_cert=/etc/pki/tls/certs/ldap-tls.curry.edu.cert.pem tls_key=/etc/pki/tls/private/ldap-tls.curry.edu.key.pem tls_cacert=/etc/pki/tls/certs/cacert.pem tls_reqcert=demand searchbase="dc=curry,dc=edu" schemachecking=on timelimit=unlimited sizelimit=unlimited type=refreshAndPersist retry="60 +" keepalive=240:10:30
Always supply what OpenLDAP version you are running.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
Sorry if I neglected to include that info in my original email.
Local Openldap is running 2.4.23 Remote is running 2.4.33
-----Original Message----- From: Quanah Gibson-Mount [mailto:quanah@zimbra.com] Sent: Wednesday, November 13, 2013 11:07 AM To: Darouichi, Aziz; Aaron Richton Cc: openldap-technical@openldap.org Subject: RE: Replication fails after network outage
--On Wednesday, November 13, 2013 10:09 AM -0500 "Darouichi, Aziz" adarouic@post03.curry.edu wrote:
Hi Aaron,
I do have keep alive in the slapd.conf:
syncrepl rid=006 provider=ldap://192.168.19.43 tls_cert=/etc/pki/tls/certs/ldap-tls.curry.edu.cert.pem tls_key=/etc/pki/tls/private/ldap-tls.curry.edu.key.pem tls_cacert=/etc/pki/tls/certs/cacert.pem tls_reqcert=demand searchbase="dc=curry,dc=edu" schemachecking=on timelimit=unlimited sizelimit=unlimited type=refreshAndPersist retry="60 +" keepalive=240:10:30
Always supply what OpenLDAP version you are running.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
--On Wednesday, November 13, 2013 11:33 AM -0500 "Darouichi, Aziz" adarouic@post03.curry.edu wrote:
Sorry if I neglected to include that info in my original email.
Local Openldap is running 2.4.23 Remote is running 2.4.33
Upgrade your local openldap first.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
Is it necessary to upgrade? I have to take my case to Management...!!!!
-----Original Message----- From: Quanah Gibson-Mount [mailto:quanah@zimbra.com] Sent: Wednesday, November 13, 2013 12:06 PM To: Darouichi, Aziz; Aaron Richton Cc: openldap-technical@openldap.org Subject: RE: Replication fails after network outage
--On Wednesday, November 13, 2013 11:33 AM -0500 "Darouichi, Aziz" adarouic@post03.curry.edu wrote:
Sorry if I neglected to include that info in my original email.
Local Openldap is running 2.4.23 Remote is running 2.4.33
Upgrade your local openldap first.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
--On Wednesday, November 13, 2013 1:02 PM -0500 "Darouichi, Aziz" adarouic@post03.curry.edu wrote:
Is it necessary to upgrade? I have to take my case to Management...!!!!
Well, that depends. Do you want syncrepl to work, or do you want it to not work? I strongly advise you to read the changelog for OpenLDAP so you can see the numerous fixes to syncrepl replication since 2.4.23 was released.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount quanah@zimbra.com schrieb am 13.11.2013 um 19:07 in
Nachricht <58534BED9C430B31FE4F6B5E@[192.168.1.93]>:
--On Wednesday, November 13, 2013 1:02 PM -0500 "Darouichi, Aziz" adarouic@post03.curry.edu wrote:
Is it necessary to upgrade? I have to take my case to Management...!!!!
Well, that depends. Do you want syncrepl to work, or do you want it to not work? I strongly advise you to read the changelog for OpenLDAP so you can see the numerous fixes to syncrepl replication since 2.4.23 was released.
Let me comment that I run a multi-master configuration with openldap2-2.4.26-0.16.1 (SLES11 SP2) sucessfully. I haven tested network outages, but I restarted individual servers, and there were no problems. For the update: I contacted support, and they told me I'll have to demonstrate them how many $$ we would gain by using a later version. At that point I stopped arguing.
olcSyncrepl: {0}rid=1 provider="ldap://server.de/" searchbase="cn=config" type="refreshAndPersist" retry="120 +" starttls=critical tls_reqcert=demand bindmethod="simple" binddn="uid=syncrepl,ou=system,dc=server,dc=de" credentials="youdontexpectittobehere,right?"
Regards, Ulrich
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc.
Zimbra :: the leader in open source messaging and collaboration
Hi,
On Thu, 14 Nov 2013, Ulrich Windl wrote:
Quanah Gibson-Mount quanah@zimbra.com schrieb am 13.11.2013 um 19:07 in
Nachricht <58534BED9C430B31FE4F6B5E@[192.168.1.93]>:
--On Wednesday, November 13, 2013 1:02 PM -0500 "Darouichi, Aziz" adarouic@post03.curry.edu wrote:
Is it necessary to upgrade? I have to take my case to Management...!!!!
Well, that depends. Do you want syncrepl to work, or do you want it to not work? I strongly advise you to read the changelog for OpenLDAP so you can see the numerous fixes to syncrepl replication since 2.4.23 was released.
Let me comment that I run a multi-master configuration with openldap2-2.4.26-0.16.1 (SLES11 SP2) sucessfully. I haven tested network outages, but I restarted individual servers, and there were no problems. For the update: I contacted support, and they told me I'll have to demonstrate them how many $$ we would gain by using a later version. At that point I stopped arguing.
I usually find it quite amusing asking what their compliance requirements say to running unsupported software.
If they reply that they have support from their enterprise linux distribution of choice I would be equally interested in what commitments that vendor has in supporting third party packaged software that they bundle with their distro.
If they have still not heard the bubble burst I would assume that the software in question is not mission critical and needs no sla.
Greetings Christian
Am Wed, 13 Nov 2013 13:02:22 -0500 schrieb "Darouichi, Aziz" adarouic@post03.curry.edu:
Is it necessary to upgrade? I have to take my case to Management...!!!!
[...] Read the Release Changes http://www.openldap.org/software/release/changes.html
-Dieter
openldap-technical@openldap.org
-
Aaron Richton -
Christian Kratzer -
Darouichi, Aziz -
Dieter Klünter -
Quanah Gibson-Mount -
Ulrich Windl