[389-users] openldap client HA for multimaster replication

Christopher Wood christopher_wood at pobox.com
Fri Jul 6 18:34:33 UTC 2012 

On Fri, Jul 06, 2012 at 06:27:31PM +0000, Ryan Palamara wrote:
>    I am using a mix of CentOS 5 and 6 servers using openldap for client ldap.
>    I have 2 289 Directory servers that are using multi-master replication.
> 
>     
> 
>    When dirsrv stops working on the first server listed under URI,
>    authentication picks up seamlessly on the second LDAP server listed.
> 
>    However if the first server is down completely, it then takes a long time
>    for authentication for go to the second server.
> 
>     
> 
>    Any suggestions on what can be done with openldap, to allow the seamless
>    failover to the second server when the first one is down completely?

Depending on how expensive this slow authentication is, you could do anything from a shared IP via haproxy to buy a BigIP pair from F5 and have your load balancer check that the backend ldap daemons are up. Then the frontend will stop using a non-functioning backend for ldap.


 
>     
> 
>     
> 
>    Thank you,
> 
>     
> 
>    Ryan Palamara
> 
>    ZAIS Group, LLC
> 
>    2 Bridge Avenue, Suite 322
> 
>    Red Bank, New Jersey 07701
> 
>    Phone: (732) 450-7444
> 
>    [1]Ryan.palamara at zaisgroup.com
> 
>     
> 
>    --------------------------------------------------------------------------
> 
>       This e-mail message is intended only for the named recipient(s) above.
>       It may contain confidential information. If you are not the intended
>       recipient you are hereby notified that any dissemination, distribution
>       or copying of this e-mail and any attachment(s) is strictly prohibited.
>       If you have received this e-mail in error, please immediately notify
>       the sender by replying to this e-mail and delete the message and any
>       attachment(s) from your system. Thank you.
> 
>       This is not an offer (or solicitation of an offer) to buy/sell the
>       securities/instruments mentioned or an official confirmation. This is
>       not research and is not from ZAIS Group but it may refer to a research
>       analyst/research report. Unless indicated, these views are the author's
>       and may differ from those of ZAIS Group research or others in the Firm.
>       We do not represent this is accurate or complete and we may not update
>       this. Past performance is not indicative of future returns.
> 
>       IRS CIRCULAR 230 NOTICE:.
> 
>       To comply with requirements imposed by the IRS, we inform you that any
>       U.S. federal tax advice contained herein (including any attachments),
>       unless specifically stated otherwise, is not intended or written to be
>       used, and cannot be used, for the purpose of (i) avoiding penalties
>       under the Internal Revenue Code or (ii) promoting, marketing or
>       recommending any transaction or matter addressed herein to another
>       party. Each taxpayer should seek advice based on the taxpayer's
>       particular circumstances from an independent tax advisor.
> 
>       "ZAIS", "ZAIS Group" and "ZAIS Solutions" are trademarks of ZAIS Group,
>       LLC.
> 
> References
> 
>    Visible links
>    1. mailto:Ryan.palamara at zaisgroup.com

> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

More information about the 389-users mailing list