Hi,
Is there a "best" way to check to see if OpenLDAP replication is working?
I have one script that checks the ContextCSN of the root of the database, which works to a certain degree. However, even when that matches it seems that sometimes a "deep inspection" (actually traversing the whole database and comparing each entry individually) of the directory shows differences even when the ContextCSN of the directory root matches.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tim Gustafson tjg@soe.ucsc.edu Baskin School of Engineering 831-459-5354 UC Santa Cruz Baskin Engineering 317B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
On 2011-05-31 at 09:16, Tim Gustafson ( tjg@soe.ucsc.edu ) said:
Hi,
Is there a "best" way to check to see if OpenLDAP replication is working?
I have one script that checks the ContextCSN of the root of the database, which works to a certain degree. However, even when that matches it seems that sometimes a "deep inspection" (actually traversing the whole database and comparing each entry individually) of the directory shows differences even when the ContextCSN of the directory root matches.
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
--andy
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
I think that a lot of our replication woes are the result of running some pretty ancient versions of OpenLDAP. I'm in the process right now of upgrading our LDAP infrastructure to use all new 2.4.25 installations (rather than the 2.3.43 version that's bundled with CentOS) and I'm thinking that a lot of our replication issues might vanish once that upgrade is complete.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tim Gustafson tjg@soe.ucsc.edu Baskin School of Engineering 831-459-5354 UC Santa Cruz Baskin Engineering 317B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
I can attest to that. :)
Reloading a server used to be required at least once a month or so before we updated from 2.3 to 2.4.23 openldap (5 servers, including the single master) due to being out of sync.
- chris
Chris Jacobs, Systems Administrator, Technology Services Group Apollo Group | Apollo Marketing & Product Development | Aptimus, Inc. 2001 6th Ave | Ste 3200 | Seattle, WA 98121 phone: 206.839-8245 | cell: 206.601.3256 | Fax: 208.441.9661 email: chris.jacobs@apollogrp.edu
----- Original Message ----- From: openldap-technical-bounces@OpenLDAP.org openldap-technical-bounces@OpenLDAP.org To: phalenor@gmail.com phalenor@gmail.com Cc: openldap-technical@openldap.org openldap-technical@openldap.org Sent: Tue May 31 15:31:49 2011 Subject: Re: "best" way to check if OpenLDAP replication is working
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
I think that a lot of our replication woes are the result of running some pretty ancient versions of OpenLDAP. I'm in the process right now of upgrading our LDAP infrastructure to use all new 2.4.25 installations (rather than the 2.3.43 version that's bundled with CentOS) and I'm thinking that a lot of our replication issues might vanish once that upgrade is complete.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tim Gustafson tjg@soe.ucsc.edu Baskin School of Engineering 831-459-5354 UC Santa Cruz Baskin Engineering 317B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
On 1/6/2011 1:31 πμ, Tim Gustafson wrote:
I think that a lot of our replication woes are the result of running some pretty ancient versions of OpenLDAP. I'm in the process right now of upgrading our LDAP infrastructure to use all new 2.4.25 installations (rather than the 2.3.43 version that's bundled with CentOS) and I'm thinking that a lot of our replication issues might vanish once that upgrade is complete.
Hi Tim,
Are you compiling from source or you are using CentOS RPMs (e.g. Symas or LTB)?
Nick
Are you compiling from source or you are using CentOS RPMs (e.g. Symas or LTB)?
We were using the CentOS RPMs - the stock ones, not an add-on repository.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tim Gustafson tjg@soe.ucsc.edu Baskin School of Engineering 831-459-5354 UC Santa Cruz Baskin Engineering 317B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jzst a small note that the check_ldap_syncrepl_stats.pl script has a problem when your CSN use numbers larger than 9
http://tools.lsc-project.org/issues/324
André
Am 01.06.2011 17:03, schrieb Tim Gustafson:
Are you compiling from source or you are using CentOS RPMs (e.g. Symas or LTB)?
We were using the CentOS RPMs - the stock ones, not an add-on repository.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tim Gustafson tjg@soe.ucsc.edu Baskin School of Engineering 831-459-5354 UC Santa Cruz Baskin Engineering 317B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
On 31 May 2011, at 18:27, Andy Cobaugh wrote:
On 2011-05-31 at 09:16, Tim Gustafson ( tjg@soe.ucsc.edu ) said:
Hi,
Is there a "best" way to check to see if OpenLDAP replication is working?
I have one script that checks the ContextCSN of the root of the database, which works to a certain degree. However, even when that matches it seems that sometimes a "deep inspection" (actually traversing the whole database and comparing each entry individually) of the directory shows differences even when the ContextCSN of the directory root matches.
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
--andy
Andy,
Just out of interest (I'm just beginning to sort out nagios monitoring for this very thing) is this the same plugin as on http://ltb-project.org/wiki/documentation/nagios-plugins/check_ldap_syncrepl... or is it a script you've created yourselves?
Cheers Alister
-- Alister Forbes TACSUNS _.|._.|._ Cisco Systems
Please avoid sending me Word or PowerPoint attachments. See - http://www.gnu.org/philosophy/no-word-attachments.html
On 2011-06-01 at 08:45, Alister Forbes ( a@cisco.com ) said:
On 31 May 2011, at 18:27, Andy Cobaugh wrote:
On 2011-05-31 at 09:16, Tim Gustafson ( tjg@soe.ucsc.edu ) said:
Hi,
Is there a "best" way to check to see if OpenLDAP replication is working?
I have one script that checks the ContextCSN of the root of the database, which works to a certain degree. However, even when that matches it seems that sometimes a "deep inspection" (actually traversing the whole database and comparing each entry individually) of the directory shows differences even when the ContextCSN of the directory root matches.
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
--andy
Andy,
Just out of interest (I'm just beginning to sort out nagios monitoring for this very thing) is this the same plugin as on http://ltb-project.org/wiki/documentation/nagios-plugins/check_ldap_syncrepl... or is it a script you've created yourselves?
I'm using just a simple shell script that I wrote a couple years ago. Our nagios runs on Solaris SPARC, so I have to keep dependencies to a minimum.
I was completely unaware of the existence of LTB. I would check it out, but it looks like redmine is currently having issues when you try to download anything.
Those cacti plugins look interesting.
--andy
2011/6/1 Andy Cobaugh phalenor@gmail.com:
On 2011-06-01 at 08:45, Alister Forbes ( a@cisco.com ) said:
On 31 May 2011, at 18:27, Andy Cobaugh wrote:
On 2011-05-31 at 09:16, Tim Gustafson ( tjg@soe.ucsc.edu ) said:
Hi,
Is there a "best" way to check to see if OpenLDAP replication is working?
I have one script that checks the ContextCSN of the root of the database, which works to a certain degree. However, even when that matches it seems that sometimes a "deep inspection" (actually traversing the whole database and comparing each entry individually) of the directory shows differences even when the ContextCSN of the directory root matches.
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
--andy
Andy,
Just out of interest (I'm just beginning to sort out nagios monitoring for this very thing) is this the same plugin as on http://ltb-project.org/wiki/documentation/nagios-plugins/check_ldap_syncrepl... or is it a script you've created yourselves?
I'm using just a simple shell script that I wrote a couple years ago. Our nagios runs on Solaris SPARC, so I have to keep dependencies to a minimum.
I was completely unaware of the existence of LTB. I would check it out, but it looks like redmine is currently having issues when you try to download anything.
Those cacti plugins look interesting.
Hi,
our redmine server experience some issues, we are working on it, I will let you know when all will be running.
Clément.
Le 1 juin 2011 10:19, Clément OUDOT clem.oudot@gmail.com a écrit :
2011/6/1 Andy Cobaugh phalenor@gmail.com:
On 2011-06-01 at 08:45, Alister Forbes ( a@cisco.com ) said:
On 31 May 2011, at 18:27, Andy Cobaugh wrote:
On 2011-05-31 at 09:16, Tim Gustafson ( tjg@soe.ucsc.edu ) said:
Hi,
Is there a "best" way to check to see if OpenLDAP replication is working?
I have one script that checks the ContextCSN of the root of the database, which works to a certain degree. However, even when that matches it seems that sometimes a "deep inspection" (actually traversing the whole database and comparing each entry individually) of the directory shows differences even when the ContextCSN of the directory root matches.
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
--andy
Andy,
Just out of interest (I'm just beginning to sort out nagios monitoring for this very thing) is this the same plugin as on http://ltb-project.org/wiki/documentation/nagios-plugins/check_ldap_syncrepl... or is it a script you've created yourselves?
I'm using just a simple shell script that I wrote a couple years ago. Our nagios runs on Solaris SPARC, so I have to keep dependencies to a minimum.
I was completely unaware of the existence of LTB. I would check it out, but it looks like redmine is currently having issues when you try to download anything.
Those cacti plugins look interesting.
Hi,
our redmine server experience some issues, we are working on it, I will let you know when all will be running.
All seems ok now. Feel free to contact LTB community if you want more information on the scripts : http://ltb-project.org/wiki/community
Clément.
Hi,
The LTB redmine have been fixed.
Regards,
2011/6/1 Andy Cobaugh phalenor@gmail.com
On 2011-06-01 at 08:45, Alister Forbes ( a@cisco.com ) said:
On 31 May 2011, at 18:27, Andy Cobaugh wrote:
On 2011-05-31 at 09:16, Tim Gustafson ( tjg@soe.ucsc.edu ) said:
Hi,
Is there a "best" way to check to see if OpenLDAP replication is working?
I have one script that checks the ContextCSN of the root of the database, which works to a certain degree. However, even when that matches it seems that sometimes a "deep inspection" (actually traversing the whole database and comparing each entry individually) of the directory shows differences even when the ContextCSN of the directory root matches.
That's all our nagios check script does. If you're finding that there are still differences in the contents of the directory even when contextCSN matches, then there's likely something else going on. At least, I've never seen the situation you describe in our production openldap cluster.
--andy
Andy,
Just out of interest (I'm just beginning to sort out nagios monitoring for this very thing) is this the same plugin as on http://ltb-project.org/wiki/documentation/nagios-plugins/check_ldap_syncrepl... is it a script you've created yourselves?
I'm using just a simple shell script that I wrote a couple years ago. Our nagios runs on Solaris SPARC, so I have to keep dependencies to a minimum.
I was completely unaware of the existence of LTB. I would check it out, but it looks like redmine is currently having issues when you try to download anything.
Those cacti plugins look interesting.
--andy
openldap-technical@openldap.org
-
Alister Forbes -
André Schild -
Andy Cobaugh -
Chris Jacobs -
Clément OUDOT -
Nick Milas -
Sébastien Bahloul -
Tim Gustafson