Just curious, why would you do "mirror mode" MMR vs just plain MMR? Do you feel you have a specific requirement that only one master ever receive the write traffic?
No specific requirement but the documentation made various points that suggested "mirror mode" MMR would be easier to support ... For example, for plain MMR, the arguments against included:
- If connectivity with a provider is lost because of a network partition, then "automatic failover" can just compound the problem
- Typically, a particular machine cannot distinguish between losing contact with a peer because that peer crashed, or because the network link has failed
- If a network is partitioned and multiple clients start writing to each of the "masters" then reconciliation will be a pain; it may be best to simply deny writes to the clients that are partitioned from the single provider
but the arguments against mirror mode were more semantics (e.g. "MirrorMode is not what is termed as a Multi-Master solution" and "MirrorMode can be termed as Active-Active Hot-Standby") rather than any real negatives.
I'm essentially looking to have two LDAP servers and keep them in sync. LDAP consumers will be configured to query both and the web interfaces would be configured to talk to their "local" instance with DNS pointing at a preferred instance.
For me, the biggest concern I have about implementing MMR - plain or mirror mode - is the challenge of recovering from a problem. Mirror mode seems to be simpler in that respect because only one node has the writes and therefore reconciliation should be straightforward.
Philip
On 2 July 2013 16:27, Quanah Gibson-Mount quanah@zimbra.com wrote:
--On Tuesday, July 02, 2013 10:25 AM +0100 Philip Colmer <philip.colmer@linaro.org> wrote:
At the moment, we have a single LDAP server which we are using with LDAP Account Manager for web-based object management and Atlassian Crowd for authentication. The LDAP server is queried directly by other servers for UNIX-level authentication, i.e. SSH and group membership.
I'm looking at introducing a second LDAP server and I'm leaning towards choosing mirror mode as the replication methodology. Since the only writes to LDAP come via LAM or Crowd, and these are both web-based, I think I could set up an almost identical server to the one I have at the moment and use a system like Amazon's Route 53 DNS service with health checks to allow me to redirect users off to the second server if the first server fails.
Just curious, why would you do "mirror mode" MMR vs just plain MMR? Do you feel you have a specific requirement that only one master ever receive the write traffic?
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
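
The two-server setup discussed in this thread, sketched as a slapd.conf fragment; this is an added example, not configuration posted by anyone in the thread. In mirror mode it is the external front end (here the DNS failover described above) that keeps writes on one node at a time. All host names, DNs, paths and the credential placeholder are assumptions.

```conf
# slapd.conf fragment for node 1 (constructed example; host names, DNs,
# paths and the credential placeholder are assumptions, not from the thread).
# Node 2 is identical except: serverID 2, and provider= points at node 1.

serverID 1

database mdb
suffix "dc=example,dc=com"
directory /var/lib/ldap
rootdn "cn=admin,dc=example,dc=com"

# Indexes used by syncrepl searches
index entryCSN,entryUUID eq

# Pull changes from the peer. starttls=critical with tls_reqcert=demand makes
# the replication session fail rather than fall back to cleartext or accept
# an unverified peer certificate.
syncrepl rid=001
  provider=ldap://ldap2.example.com
  type=refreshAndPersist
  retry="30 10 300 +"
  searchbase="dc=example,dc=com"
  bindmethod=simple
  binddn="cn=replicator,dc=example,dc=com"
  credentials=REPLACE_WITH_SECRET
  starttls=critical
  tls_cacert=/etc/ssl/certs/example-ca.pem
  tls_reqcert=demand
  schemachecking=on

# Accept writes locally even though this database is also a syncrepl consumer.
mirrormode on

# Serve changes to the peer.
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
```

The replication identity (cn=replicator here) needs read access to the whole searchbase, including password attributes, so its credential should be protected accordingly on both nodes.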