Thanks for the reply,
gnutls is a pain but we've been able to make it work and the boss hates it when we use source so I'm kind of stuck with it as it is unless I can make a better case than ssl.
So mirror mode is really defined by the load balancer in front? I guess this is a bit confusing in the documentation because multi-master has a more complex configuration.
As of right now then we are really using multi-master with two servers and the very simple example configuration that's laid out under mirror mode at http://www.openldap.org/doc/admin24/replication.html. But the plan is to upgrade and put load balancing in front. And then we want to use a couple of slaves with limited directories in front of those for constant lookups from services like mail. We are trying to get he benefits of load balancing for heavy writing without having one point of failure for critical services that need a lot of lookups but no writes.
I'm testing a setup with the load balancer right now. Can schema changes in cn=config be sent to the the load balancer and slaves as well?
On Mon, Mar 4, 2013 at 4:00 PM, Quanah Gibson-Mount quanah@zimbra.comwrote:
--On Monday, March 04, 2013 3:39 PM -0500 John Baker johnnyb@marlboro.edu wrote:
Hi,
We have been using mirror mode for some time as a simple way for us to have an up to date copy in case of a crash and load balancing. We have been using the older slapd.conf configuration in Ubntu Hardy and are now moving up to 2.4.28 in Ubuntu Precise.
a) Don't use builds provided by Debian/Ubuntu. Build something sane linked to OpenSSL. b) Use a current release (2.4.34) c) There is no difference in configuration between "Mirror Mode" and MMR. They are the exact same thing configuration wise. The *only* difference is that with "mirror mode" you use some sort of balancer so that only a single server is available for writes at a given time.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
--On Monday, March 04, 2013 4:45 PM -0500 John Baker johnnyb@marlboro.edu wrote:
Thanks for the reply,
gnutls is a pain but we've been able to make it work and the boss hates it when we use source so I'm kind of stuck with it as it is unless I can make a better case than ssl.
You need to use a current release, regardless of whether or not you avoid using GnuTLS (although from a security standpoint, it should be avoided). You really should read over https://www.openldap.org/software/release/changes.html as well.
There's no point in configuring MMR or answering any questions about it until you get to a current build, given all the MMR related fixes since 2.4.28.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
--On Monday, March 04, 2013 2:03 PM -0800 Quanah Gibson-Mount quanah@zimbra.com wrote:
--On Monday, March 04, 2013 4:45 PM -0500 John Baker johnnyb@marlboro.edu wrote:
Thanks for the reply,
gnutls is a pain but we've been able to make it work and the boss hates it when we use source so I'm kind of stuck with it as it is unless I can make a better case than ssl.
You need to use a current release, regardless of whether or not you avoid using GnuTLS (although from a security standpoint, it should be avoided). You really should read over https://www.openldap.org/software/release/changes.html as well.
There's no point in configuring MMR or answering any questions about it until you get to a current build, given all the MMR related fixes since 2.4.28.
One final note -- If you switch to using back-mdb instead of the back-hdb/bdb databases, I wouldn't particularly worry about write load either.
http://wiki.zimbra.com/wiki/OpenLDAP_MDB_vs_HDB_performance. back-mdb is massively faster for writes than back-hdb/bdb ever were. It is also massively faster for reads in the concurrent read tests (I'm working on getting those posted, the wiki is under constant updating atm. ;) ).
Finally, if you are going to roll out MMR, I strongly advise delta-syncrepl MMR for the primary database. I personally do not replicate cn=config, so can't really speak to configuring it for replication.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org