snip
Syncrepl supports both partial and sparse replications. The shadow DIT
fragment is defined by a general search criteria consisting of base,
scope, filter, and attribute list. The replica content is also subject
to the access privileges of the bind identity of the syncrepl
replication connection.
snip
Taken from: http://www.bind9.net/manual/openldap/2.3/syncrepl.html
So partial dataset: No problems; you can specify accessible attributes
in the ACL for the syncrepl user on the provider, or the attributes to
replicate via the filter on the consumer.
As for the rest of the tree; since you have specified a leaf of the DIT
on the consumer to be replicated from a provider (with a scope), it will
ignore everything above it (and outside the scope) and just replicate
the provider into this leaf of the consumer DIT. So no problems here.
The thing I have NOT seen is replicating a section of a DIT to another
dn:
i.e.
Provider DN: o=grid,ou=luxy - Containing the entry: uid=hotness
Consumer DN: o=grid,c=taiwan,ou=luxy
Is suspect this is not possible but I have not looked into it enough,
and never had cause to test it.
> >
> > Also do you know where I can find pre build rpms for RHL5 and RHL4?
Always had luck with this guys work: /etc/yum.repos.d/OpenLDAP.repo # # OpenLDAP RPMs provided by Buchan Milne. No warranty or support provided on # these packages. # # 1)Save as /etc/yum.repos.d/OpenLDAP.repo # wget http://staff.telkomsa.net/packages/OpenLDAP.repo
-O /etc/yum.repos.d/OpenLDAP.repo
# 2)
# RHEL5:
# yum upgrade openldap-servers
# or
# yum install openldap2.4-servers
# RHEL4 and older:
# yum install openldap2.3-servers
# or
# yum install openldap2.4-servers
# Install libhoard or lib64hoard for a better memory allocator
[OpenLDAP - Buchan Milne]
name=OpenLDAP-$releasever
baseurl=http://staff.telkomsa.net/packages/rhel
$releasever/openldap/$basearch
gpgcheck=1
gpgkey=http://staff.telkomsa.net/packages/bgmilne.asc
enabled=1
> >
> > The other thing that we do in the top level BDII is to use the FCR
> > mechanism to delete come attributes. Is there any way to do this with
> > the sync repel method. Sync the DB but with one or two attributes do
> > something different?
As above the filter on the consumer or the ACL on the provider should take care of what gets replicated. Just one question, what is FCR?? FYI Laurence Field <Laurence.Field@cern.ch> writes: > > Hi,
> >
> > I am investigating the use of syncrepl to improve the efficiency of
> > the transport mechanism that we are currently using in a world-wide
> > distributed OpenLDAP deployment.
> >
> > If LDAP server A has information under
> > "cn=my_resource,dc=example,dc=com" is it possible to replicate this
> > information to LDAP server B but slightly modify the DN so that this
> > becomes a sub tree of a larger tree eg.
> > "cn=my_resource,cn=my_group,dc=example,dc=com"?
> >
> > Alternative suggestions are welcome and I would be happy to explain
> > what we are trying to do in more detail if anyone is interested.
In principle this is possible, but needs some redesign of your consumer hosts. There are several options, i.e. slapd-ldap(5), slapd-relay(5), slapo-rwm(5). -Dieter Hi Dieter >> >> Does anyone have an example of how to do a syncrepl where a single
>> >> slapd instance can act as both the consumer and producer?
>> >>
> >
> > have a look at tests/scripts/test019
> >
I took a look at test019 and it seams that the master and slave run on different ports and use different slapd.conf files. Will go through slapd.conf examples in detail to see if I can find any magic tricks that will help me get it working on the same port and in a single slapd.conf file. >> >> Also, has anyone done any scalability/reliability tests with syncrepl?
>> >>
> >
> > Yes I did, cascading databases up to 66 servers and multimaster
> > replication up to 14 hosts and up to 5 M entries. Hardware was Sun
> > Ultrasparc single core 8 GB, rackmounts.
> >
This is good to know, I am currently testing the replication of a database with 70K entries between CERN in Geneva and the University of Melbourne. After this I will do some more tests with multiple masters. -- LaurenceField - 16 Dec 2008
So partial dataset: No problems; you can specify accessible attributes
in the ACL for the syncrepl user on the provider, or the attributes to
replicate via the filter on the consumer.
As for the rest of the tree; since you have specified a leaf of the DIT
on the consumer to be replicated from a provider (with a scope), it will
ignore everything above it (and outside the scope) and just replicate
the provider into this leaf of the consumer DIT. So no problems here.
The thing I have NOT seen is replicating a section of a DIT to another
dn:
i.e.
Provider DN: o=grid,ou=luxy - Containing the entry: uid=hotness
Consumer DN: o=grid,c=taiwan,ou=luxy
Is suspect this is not possible but I have not looked into it enough,
and never had cause to test it.
> > > > Also do you know where I can find pre build rpms for RHL5 and RHL4?
Always had luck with this guys work: /etc/yum.repos.d/OpenLDAP.repo # # OpenLDAP RPMs provided by Buchan Milne. No warranty or support provided on # these packages. # # 1)Save as /etc/yum.repos.d/OpenLDAP.repo # wget http://staff.telkomsa.net/packages/OpenLDAP.repo
-O /etc/yum.repos.d/OpenLDAP.repo
# 2)
# RHEL5:
# yum upgrade openldap-servers
# or
# yum install openldap2.4-servers
# RHEL4 and older:
# yum install openldap2.3-servers
# or
# yum install openldap2.4-servers
# Install libhoard or lib64hoard for a better memory allocator
[OpenLDAP - Buchan Milne]
name=OpenLDAP-$releasever
baseurl=http://staff.telkomsa.net/packages/rhel
$releasever/openldap/$basearch
gpgcheck=1
gpgkey=http://staff.telkomsa.net/packages/bgmilne.asc
enabled=1
> > > > The other thing that we do in the top level BDII is to use the FCR
> > mechanism to delete come attributes. Is there any way to do this with
> > the sync repel method. Sync the DB but with one or two attributes do
> > something different?
As above the filter on the consumer or the ACL on the provider should take care of what gets replicated. Just one question, what is FCR?? FYI Laurence Field <Laurence.Field@cern.ch> writes: > > Hi,
> >
> > I am investigating the use of syncrepl to improve the efficiency of
> > the transport mechanism that we are currently using in a world-wide
> > distributed OpenLDAP deployment.
> >
> > If LDAP server A has information under
> > "cn=my_resource,dc=example,dc=com" is it possible to replicate this
> > information to LDAP server B but slightly modify the DN so that this
> > becomes a sub tree of a larger tree eg.
> > "cn=my_resource,cn=my_group,dc=example,dc=com"?
> >
> > Alternative suggestions are welcome and I would be happy to explain
> > what we are trying to do in more detail if anyone is interested.
In principle this is possible, but needs some redesign of your consumer hosts. There are several options, i.e. slapd-ldap(5), slapd-relay(5), slapo-rwm(5). -Dieter Hi Dieter >> >> Does anyone have an example of how to do a syncrepl where a single
>> >> slapd instance can act as both the consumer and producer?
>> >>
> >
> > have a look at tests/scripts/test019
> >
I took a look at test019 and it seams that the master and slave run on different ports and use different slapd.conf files. Will go through slapd.conf examples in detail to see if I can find any magic tricks that will help me get it working on the same port and in a single slapd.conf file. >> >> Also, has anyone done any scalability/reliability tests with syncrepl?
>> >>
> >
> > Yes I did, cascading databases up to 66 servers and multimaster
> > replication up to 14 hosts and up to 5 M entries. Hardware was Sun
> > Ultrasparc single core 8 GB, rackmounts.
> >
This is good to know, I am currently testing the replication of a database with 70K entries between CERN in Geneva and the University of Melbourne. After this I will do some more tests with multiple masters. -- LaurenceField - 16 Dec 2008
Edit | Attach | Topic revision: r2 - 2009-09-07 - LaurenceField
- EGEE Web
- EGEE Web Home
- gLite
- ProductTeams
- SA3
- JRA1
- TMB
- EMT
- SA1
- SA2
- NA2
- NA4
- EGEE-UIG
- List of registered projects
- List of EGEE-RP interactions
- Changes
- Index
- Search
Main.WebList
 |
|
Copyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Ask a support question or Send feedback