directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <aok...@bellsouth.net>
Subject Re: [replication] Master slave replication will not suffice
Date Thu, 24 Feb 2005 02:55:30 GMT
Trustin Lee wrote:

>On Wed, 23 Feb 2005 20:15:46 -0500, Alex Karasulu <aok123@bellsouth.net> wrote:
>  
>
>>I was thinking about replication earlier today.  I was hoping we can
>>quickly implement master slave replication by piggy backing on a JMS
>>implementation like ActiveMQ.  It quickly occured to me however that
>>there is no way we can utilize a master slave rep. configuration without
>>loosing all the benefits of having embedded services like Kerberos, DNS,
>>DHCP etc.
>>
>>The reasoning behind this has to do with the way master-slave rep.
>>works.  Basically there is one master and all other servers are slaves
>>a.k.a. replicas.  A request to modify a replica returns an error
>>indicating the replica is not writable along with a referral to the
>>master.  I forget the exact LDAP result code returned.  The client would
>>then contact the master for the alteration what ever it may be.  The
>>master makes the change and propagates it to the replicas usually using
>>a special replication user that bypasses certain checks.
>>
>>Here's the problem: with a master slave setup an embedded inet service
>>like Kerberos will have to contact the master of the system to make
>>alterations on all replicas for any alterations to the DIT!  This
>>defeats the entire purpose of embedding the service in the first place
>>and limits the HA yeild from replication.
>>    
>>
>
>Doesn't Kerberos service use JNDI to access ApacheDS backend storage? 
>So, how about modifying JNDI provider to request the alteration to the
>master behind the scene?
>
>  
>
What's the point of embedding Kerberos with LDAP if communication has to 
be made to another LDAP server besides the one that is embedded?

>>So what we need is multimaster replication.  This is an order of
>>magnitude more complex than master slave replication.
>>
>>    -Alex
>>
>>    
>>
>
>- Trustin
>  
>


Mime
View raw message