Hi,
I am new to ldap. We have 4 ldap servers, 2 of them are in mirror-mode providers, 2 of them are just consumers/replicas. I am working on loadbalancer for these 4 ldap servers using ldap/meta backend. I want to the ldap proxy/loadbalancer to, redirect write requests to one of the 2 mirror-mode providers. redirect read requests to any of the 2 replicas/consumers.
I know ldap backend has uri list which can be used to redirect to mirror-mode providers. But I want to redirect only the write requests.
Regards, Nagamani Chinnapaiyan
--On Monday, June 20, 2022 12:33 PM +0000 nagamani.chinnapaiyan@viasat.com wrote:
Hi,
I am new to ldap. We have 4 ldap servers, 2 of them are in mirror-mode providers, 2 of them are just consumers/replicas. I am working on loadbalancer for these 4 ldap servers using ldap/meta backend. I want to the ldap proxy/loadbalancer to, redirect write requests to one of the 2 mirror-mode providers. redirect read requests to any of the 2 replicas/consumers.
I know ldap backend has uri list which can be used to redirect to mirror-mode providers. But I want to redirect only the write requests.
Or just configure back-ldap+chain on the consumers so they forward any write requests to the master nodes.
I would note you generally want to ensure write ops only go to an "active" master in the pair to avoid collisions.
--Quanah
ok. Thank you. yes I want to ensure write goes only to one node unless it fails.
nagamani.chinnapaiyan@viasat.com schrieb am 20.06.2022 um 13:33 in Nachricht
20220620113345.5262.56682@hypatia.openldap.org:
Hi,
I am new to ldap. We have 4 ldap servers, 2 of them are in mirror-mode providers, 2 of them are just consumers/replicas. I am working on loadbalancer for these 4 ldap servers using ldap/meta backend. I want to the ldap proxy/loadbalancer to, redirect write requests to one of the 2 mirror-mode providers. redirect read requests to any of the 2 replicas/consumers.
I know ldap backend has uri list which can be used to redirect to mirror-mode providers. But I want to redirect only the write requests.
Ignoring the loadbalancer issues, I think you add a race condition when reading possibly older data from your consumers and maybe write them back where newer data may exist already (i.e.: providers). BTW: Is a modify operation a read, or is it a write?
Regards, Ulrich
Regards, Nagamani Chinnapaiyan
--On Wednesday, June 22, 2022 9:03 AM +0200 Ulrich Windl Ulrich.Windl@rz.uni-regensburg.de wrote:
Ignoring the loadbalancer issues, I think you add a race condition when reading possibly older data from your consumers and maybe write them back where newer data may exist already (i.e.: providers). BTW: Is a modify operation a read, or is it a write?
modify ops are always a write operation, since they are doing a modification.
And yes, read-after-write can be a tricky issue to handle.
--Quanah
On Wed, Jun 22, 2022 at 08:29:05AM -0700, Quanah Gibson-Mount wrote:
Ignoring the loadbalancer issues, I think you add a race condition when reading possibly older data from your consumers and maybe write them back where newer data may exist already (i.e.: providers). BTW: Is a modify operation a read, or is it a write?
modify ops are always a write operation, since they are doing a modification.
And yes, read-after-write can be a tricky issue to handle.
In "load-balanced" setups, I usually suggest that people maintain two separate endpoints, one for clients that only ever issue reads and the other one for clients that might issue a write operation (potentially mixed in with read traffic).
Regards,
Quanah Gibson-Mount quanah@fast-mail.org schrieb am 22.06.2022 um 17:29
in Nachricht <DAC521212CF4E0B84C0B2E7B@[192.168.1.17]>:
‑‑On Wednesday, June 22, 2022 9:03 AM +0200 Ulrich Windl <Ulrich.Windl@rz.uni‑regensburg.de> wrote:
Ignoring the loadbalancer issues, I think you add a race condition when reading possibly older data from your consumers and maybe write them back where newer data may exist already (i.e.: providers). BTW: Is a modify operation a read, or is it a write?
modify ops are always a write operation, since they are doing a modification.
Sorry, I was not precise enough: What I wanted to ask was: Is the "modify" the user was talking about a LDIF-like modify, or is it a user-level modify like reading data from one source, manipulating the data and then write that data to a possibly different destination. The latter case is probably opening a can of worms, so to say.
And yes, read‑after‑write can be a tricky issue to handle.
‑‑Quanah
yes. it is user level modify. reading data from any of the mirror mode providers, modifying the data and then write back to any of the mirror mode providers.
I can now understand this model can cause inconsistency problem when the data is not in sync between the providers. This means we can not use Loadbalancers in-front of write endpoints? Or it suggests there is no way we can have multiple providers in a ldap cluster without the possibility of corrupting the data.
Better solution from the suggestions is to use two LBs. one for read only operation which uses round robin to select any of the servers(good option for this is HA Proxy). another LB for read+write operations, which uses ldap-backend to select one of the mirror mode provider until it fails.
--On Tuesday, July 12, 2022 5:15 PM +0000 Nagamani Chinnapaiyan nagamani.chinnapaiyan@viasat.com wrote:
Better solution from the suggestions is to use two LBs. one for read only operation which uses round robin to select any of the servers(good option for this is HA Proxy). another LB for read+write operations, which uses ldap-backend to select one of the mirror mode provider until it fails.
Yes, this is essentially general best practice. An LB for read nodes, using whatever strategy desired for those, and an LB for the write nodes that is sticky to a specific provider.
--Quanah
openldap-technical@openldap.org
-
Nagamani Chinnapaiyan -
nagamani.chinnapaiyan@viasat.com
-
Ondřej Kuzník -
Quanah Gibson-Mount -
Ulrich Windl