These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

LDAP01/Replication


Directory replication has not yet been standardized. Thus, while the concepts and principles apply universally, what we present by way of implementation in this section is applicable to OpenLDAP only.

Because of this, it is not currently possible to replicate data across vendor-specific LDAP servers. (That's not entirely true: it is possible to use the shell backend with OpenLDAP to construct scripts that allow it to replicate from some other LDAP server. However, something like that would be hard to do, and it would be simpler just to get rid of all non-OpenLDAP servers.)

A frequently asked question is "When should I install a replica for all or part of my directory?" The answer depends heavily on your particular environment, but here are some symptoms that indicate a need for directory replication:

  • If one application makes heavy use of the directory and slows down the server response to other clients.

  • If the directory server does not have enough CPU or I/O capacity to handle the requests it is receiving.

  • If a group of clients located on the other side of a slow network link, a firewall, or some other network obstruction needs access to the directory.

  • If the directory server cannot be taken offline for backups or updates.

  • For failover or redundancy.

So how does OpenLDAP replicate itself? The answer is another server daemon called slurpd. Figure 5-1 on page 80 shows the relationship between slapd and slurpd on the master directory server and the replica.

slurpd provides replication services "in band". That is, it uses the LDAP protocol to update a slave database from the master. Perhaps the easiest way to illustrate this is with an example. In this example, we trace the propagation of an LDAP modify operation from its initiation by the LDAP client to its distribution to the slave slapd instance.

Sample replication scenario:

  1. The LDAP client submits an LDAP modify operation to the slave slapd.
  2. The slave slapd returns a referral to the LDAP client referring the client to the master slapd.
  3. The LDAP client submits the LDAP modify operation to the master slapd.
  4. The master slapd performs the modify operation, writes out the change to its replication log file and returns a success code to the client.
  5. The slurpd process notices that a new entry has been appended to the replication log file, reads the replication log entry, and sends the change to the slave slapd via LDAP.
  6. The slave slapd performs the modify operation and returns a success code to the slurpd process.
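
The scenario above maps onto a handful of slapd.conf directives on each server. The fragment below is an added example, not part of the original notes; the host names, file paths, suffix, DNs and the placeholder password are all assumptions chosen for illustration.

```conf
# ---------- master: slapd.conf (database section) ----------
database    bdb
suffix      "dc=example,dc=com"               # assumed suffix
rootdn      "cn=Manager,dc=example,dc=com"    # assumed admin DN
directory   /var/lib/ldap                     # assumed path

# Step 4: slapd appends every successful change to this log.
replogfile  /var/lib/ldap/replog

# Step 5: slurpd reads the log and pushes each change to this
# slave over LDAP, binding as a dedicated replication identity.
# Continuation lines must start with whitespace.
replica     host=slave.example.com:389
            binddn="cn=replicator,dc=example,dc=com"
            bindmethod=simple
            credentials=CHANGE_ME

# ---------- slave: slapd.conf (database section) ----------
database    bdb
suffix      "dc=example,dc=com"
rootdn      "cn=Manager,dc=example,dc=com"
directory   /var/lib/ldap

# Step 6: the only DN whose writes the slave applies.
# It must match the binddn in the master's replica directive.
updatedn    "cn=replicator,dc=example,dc=com"

# Step 2: any other client that attempts a write is referred
# to the master at this URL.
updateref   ldap://master.example.com
```

Because the replica directive stores the replication password in clear text, the master's slapd.conf should be readable only by the account that runs slapd and slurpd. The replication DN needs write access on the slave only, so it should not be reused for anything else.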


Last edited September 24, 2003 11:47 pm
(C) Copyright 2003 Samuel Hart
This work is licensed under a Creative Commons License.