From: Quanah Gibson-Mount Date: Thu, 29 Nov 2007 23:51:25 +0000 (+0000) Subject: Documentation updates. X-Git-Tag: OPENLDAP_REL_ENG_2_4_7~31 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=e8b2553ab6b5ac9d79fd0e4e1c6a1ae268080199;p=openldap Documentation updates. --- diff --git a/doc/guide/admin/Makefile b/doc/guide/admin/Makefile index d4ee50883a..701fdda4b4 100644 --- a/doc/guide/admin/Makefile +++ b/doc/guide/admin/Makefile @@ -62,6 +62,7 @@ sdf-img: \ config_local.png \ config_ref.png \ config_repl.gif \ + dual_dc.png \ intro_dctree.png \ intro_tree.png \ refint.png diff --git a/doc/guide/admin/aspell.en.pws b/doc/guide/admin/aspell.en.pws index 13db2b8acd..3c201dd2a8 100644 --- a/doc/guide/admin/aspell.en.pws +++ b/doc/guide/admin/aspell.en.pws @@ -1,4 +1,4 @@ -personal_ws-1.1 en 1483 +personal_ws-1.1 en 1491 nattrsets inappropriateAuthentication api @@ -144,23 +144,23 @@ dbcache mkversion objectClasses objectclasses -searchResultReference adminLimitExceeded +searchResultReference fmt qdescrs olcSuffix objectClassModsProhibited +unavailableCriticalExtension supportedControl GHz -unavailableCriticalExtension libpath INADDR compareDN sizelimit unixODBC +notAllowedOnNonLeaf APIs blen -notAllowedOnNonLeaf attrsOnly attrsonly slappasswd @@ -171,8 +171,8 @@ wBDARESEhgVG syncIdSet olcTLSCipherSuite username -sizeLimitExceeded aliasProblem +sizeLimitExceeded subst idl chroot @@ -207,8 +207,8 @@ attrpair balancer entryAlreadyExists BerkeleyDB's -singleLevel notAllowedOnRDN +singleLevel entryDN dSAOperation includedir @@ -268,6 +268,7 @@ len perl dynlist browseable +posixGroup attrvalue pers retcode @@ -412,6 +413,7 @@ libdir unindexed ObjectClassDescription attrdesc +jsmith efgh exopPasswdDN ranlib @@ -584,9 +586,9 @@ oldPasswd sys pwdPolicy slapd +affectsMultipleDSAs sasl slapauth -affectsMultipleDSAs MANCOMPRESS octetStringOrderingStringMatch updatedn @@ -683,6 +685,7 @@ olcReplicationInterval fG gidNumber fi +Instanstantiation eq FIPS dx @@ -727,8 +730,8 @@ oc invalidAttributeSyntax errOp pwdMaxAge -truelies insufficientAccessRights +truelies NL mr reindex @@ -751,8 +754,8 @@ NOSYNC slapover RL sockname -MANCOMPRESSSUFFIX noSuchAttribute +MANCOMPRESSSUFFIX makeinfo coltags ro @@ -786,6 +789,7 @@ Za Vu idlecachesize objectClassViolation +allusers ws errSleepTime INSTALLFLAGS @@ -885,6 +889,7 @@ serverID memberOf memberof pseudorootpw +allmail CFLAGS operationsError substr @@ -907,6 +912,7 @@ olcRootDN octetString SampleLDAP expr +allusersgroup PostgreSQL bvstr filesystem @@ -1195,6 +1201,7 @@ matchingRule matchingrule SmVuc MSSQL +nisMailAlias hostnames ctrlp lltdl @@ -1333,6 +1340,7 @@ attributetype attributeType auditModRDN cacert +memberUid freebuf IDSET pwdGraceAuthnLimit diff --git a/doc/guide/admin/dual_dc.png b/doc/guide/admin/dual_dc.png new file mode 100644 index 0000000000..367310f4ba Binary files /dev/null and b/doc/guide/admin/dual_dc.png differ diff --git a/doc/guide/admin/replication.sdf b/doc/guide/admin/replication.sdf index 5d38627fde..6bd3a9cf5c 100644 --- a/doc/guide/admin/replication.sdf +++ b/doc/guide/admin/replication.sdf @@ -151,10 +151,34 @@ H3: delta-syncrepl replication H3: N-Way Multi-Master replication -http://www.connexitor.com/blog/pivot/entry.php?id=105#body -http://www.openldap.org/lists/openldap-software/200702/msg00006.html -http://www.openldap.org/lists/openldap-software/200602/msg00064.html +Multi-Master replication is a replication technique using Syncrepl to replicate +data to multiple Master Directory servers. +* Advantages of Multi-Master replication: + +- If any master fails, other masters will continue to accept updates +- Avoids a single point of failure +- Masters can be located in several physical sites i.e. distributed across the +network/globe. +- Good for Automatic failover/High Availability + +* Disadvantages of Multi-Master replication: + +- It has {{B:NOTHING}} to do with load balancing +- {{URL:http://www.openldap.org/faq/data/cache/1240.html}} +- If connectivity with a master is lost because of a network partition, then +"automatic failover" can just compound the problem +- Typically, a particular machine cannot distinguish between losing contact + with a peer because that peer crashed, or because the network link has failed +- If a network is partitioned and multiple clients start writing to each of the +"masters" then reconciliation will be a pain; it may be best to simply deny +writes to the clients that are partitioned from the single master +- Masters {{B:must}} propagate writes to {{B:all}} the other servers, which +means the network traffic and write load is constant and spreads across all +of the servers + + +This is discussed in full in the {{SECT:N-Way Multi-Master}} section below H3: MirrorMode replication @@ -575,6 +599,9 @@ cookie stored in the consumer replica database. H2: N-Way Multi-Master +Import and expand from link: + +{{URL:http://blog.suretecsystems.com/archives/40-OpenLDAP-Weekly-News-Issue-5.html#extended}} H2: MirrorMode @@ -616,7 +643,7 @@ slapd syncrepl provider, then the only change is the following two directives: > mirrormode on > serverID 1 -Note: You need to make sure that the {{sererID}} of each mirror node pair is +Note: You need to make sure that the {{serverID}} of each mirror node pair is different and that the {{provider}} syncrepl directive points to the opposite mirror node. @@ -671,6 +698,8 @@ dedicated proxy software, 2. using a Back-LDAP proxy as a syncrepl provider A typical enterprise example might be: +!import "dual_dc.png"; align="center"; title="MirrorMode Enterprise Configuration" +FT[align="Center"] Figure X.Y: MirrorMode in a Dual Data Center Configuration H4: Normal Consumer Configuration diff --git a/doc/guide/images/src/dual_dc.svg b/doc/guide/images/src/dual_dc.svg new file mode 100755 index 0000000000..466bccf571 --- /dev/null +++ b/doc/guide/images/src/dual_dc.svg @@ -0,0 +1,6810 @@ + + + + + + + Firewall2 + + + + wall + brick + computer + networksym + + + + + Open Clip Art Library + + + + + HASH(0x89c79d4) + + + + + HASH(0x89c79d4) + + + + image/svg+xml + + + en + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Load Balancer Data Center A Data Center B Load Balancer + Replica Pool Replica Pool + + + + + + + + + + + + + + + Load Balancer + + + + + + MirrorMode 1 MirrorMode 2 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Load Balancer + + + Chaining Overlay 50% of total writes (DC A + DC B) are always off-site Clients Clients Each LB points tothe same MirrorModeNode at any time. +