[Linux-cluster] LDAP as a service
Rick Stevens
ricks at alldigital.com
Thu Jan 24 22:49:45 UTC 2013
On 01/24/2013 01:57 PM, Dryden, Tom issued this missive:
>
> Good Afternoon,
>
> There are a couple of reasons to implement LDAP on a cluster.
> 1. I have a cluster with GFS partitions available.
Good.
> 2. Want to avoid the cost putting up 2 more machines for master -
> master LDAP operation.
Master-master LDAP replication is not hard to do and you're still going
to have two machines running LDAP. Perhaps not simultaneously, but you
will still have two machines.
> 3. Want to avoid the timeout the client experiences when the primary is
> unavailable.
This is what the TIMEOUT and SIZELIMIT and NETWORK_TIMEOUT variables in
the various incarnations of the ldap.conf file are for. The defaults do
make things sluggish if a primary goes down, but you can tweak that.
> My thought is to have the LADP data stored on a GFS partition while the
> LDAP server process and IP address are managed as a service. In this
> configuration the process can move between nodes with no impact to the
> clients.
Personally, I think you're over complicating things and unless you have
a ridiculously big LDAP database that you don't want to replicate, I
don't think you're really buying anything here. We run several master-
master LDAP clusters here--even with one replicating across the country
(California <--> Florida). Works fine.
That being said, as with most FOSS stuff, there's more than one way to
skin a mule. Do as you wish.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks at alldigital.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- All generalizations are false. -
----------------------------------------------------------------------
More information about the Linux-cluster
mailing list