SlideShare uma empresa Scribd logo

OpenLDAP Replication Strategies

Gavin Henry
Gavin Henry

OpenLDAP has been replacing proprietary directory server offerings in the private sector, public sector and the financial sector at an increasing pace. This is largely due to its performance and scalability, dynamic configuration capabilities and flexible extensibility via bundled modules. OpenLDAP would not have earned its place in these sectors without enterprise grade replication options. In this talk, an overview of the latest production ready OpenLDAP 2.4 replication features will be discussed and the numerous best practice strategies will be presented covering the most common deployment configurations found in the wild.

Tecnologia
1 de 33
Baixar para ler offline
OpenLDAP Replication Strategies Gavin Henry Managing Director, Suretec Systems Ltd. - ghenry@suretecsystems.com Documentation Developer, OpenLDAP Project - ghenry@openldap.org
Agenda Overview ● The History of Replication ● Replication Technology ● Deployment Alternatives ● Replication Best Practices ● Questions and Answers ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 2
Overview OpenLDAP is an open source code project ● Founded 1998 ● Three core team members ● A dozen or so contributors (engineering team) ● Feature releases every 12-18 months ● Maintenance releases roughly monthly ●
Overview Replicated directories are a fundamental requirement ● for delivering a resilient enterprise deployment. Slurpd is now completely removed from 2.4 ● There's new terminology – Provider/Consumer ● MirrorMode and Multi-Master now available ● Replication needs to support complex environments ● Wonderful things can be done with the “Dynamic ● Configuration Backend” http://creativecommons.org/licenses/by/3.0/ 02/04/09 4
The History of Replication Slurpd was the first form of replication ● Slurpd was a standalone daemon plagued with ● problems (in brief): slurpd never rerouted requests – It was not reliable – It was extremely sensitive to the ordering of records in – the replog more.... – http://creativecommons.org/licenses/by/3.0/ 02/04/09 5
The History of Replication It could easily go out of sync, at which point manual – intervention was required It wasn't very tolerant of unavailable servers. – It only worked in push mode – It required stopping and restarting the master to add new – slaves It only supported single master replication – Slurpd is no longer part of OpenLDAP 2.4 ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 6
The History of Replication Syncrepl has none of those weaknesses ● Syncrepl was born on April Fools Day 2003 and ● is documented in the Admin Guide and RFC 4533 - “LDAP Content Synchronization Operation” It is extremely flexible and “JGOWI” ● Push Based, Pull based, Proxies..... ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 7
The History of Replication OpenLDAP 2.4 adds: ● MirrorMode (Active-Active Hot-standby) – N-Way Multimaster Replication – More sophisticated Syncrepl configurations – Replicating slapd Configuration (syncrepl and cn=config) – http://creativecommons.org/licenses/by/3.0/ 02/04/09 8
Deployment Alternatives Syncrepl ● Delta-syncrepl ● N-Way Multi-Master ● MirrorMode ● Syncrepl Proxy Mode ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 9
LDAP Content Synchronization Protocol (LDAP Sync) RFC 4533 - LDAP Content Synchronization ● Operation - June 2006 refreshOnly and refreshAndPersist ● Eventually-convergent content synchronization ● Client can be notified that a complete reload is ● needed (used in Delta-syncrepl) Copy of “DIT Fragment” ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 10
LDAP Content Synchronization Protocol (LDAP Sync) Inconsistencies resolved on subsequent syncs ● Not good for bandwidth challenged ● apps/deployments Not for use with apps that need “transactional ● data consistency” Example of refreshOnly and refreshAndPresist ● to follow http://creativecommons.org/licenses/by/3.0/ 02/04/09 11
http://creativecommons.org/licenses/by/3.0/ 02/04/09 12
http://creativecommons.org/licenses/by/3.0/ 02/04/09 13
LDAP Sync Replication (Syncrepl) LDAP Sync Replication engine, syncrepl for short ● Consumer-side replication engine ● Resides at the consumer and executes as one of the ● slapd(8) threads. Uses the LDAP Content Synchronization protocol (or ● LDAP Sync for short) - RFC4533 LDAP Sync provides a stateful replication which supports ● both pull-based and push-based synchronization and does not mandate the use of a history store. http://creativecommons.org/licenses/by/3.0/ 02/04/09 14
LDAP Sync Replication (Syncrepl) Pull-based replication - periodically polls the provider for ● updates. Push-based replication - consumer listens for updates that are ● sent in realtime Syncrepl tracks status of the replication content by maintaining ● and exchanging synchronization cookies Consumer replica can be constructed from a consumer-side or ● a provider-side backup at any synchronization status. Syncrepl can automatically resynchronize the consumer replica ● up-to-date with the current provider content. http://creativecommons.org/licenses/by/3.0/ 02/04/09 15
LDAP Sync Replication (Syncrepl) Session log can be used in the provider which stores the ● entryUUIDs of a finite number of entries deleted from a database in order to use the delete phase LDAP Sync provider maintains a contextCSN in the suffix ● entry (change sequence number = CSN) It is the largest entryCSN in the provider context ● (depending on outstanding transactions) contextCSN maintained primarily in memory and written at ● shutdown, but can be checkpointed. http://creativecommons.org/licenses/by/3.0/ 02/04/09 16
LDAP Sync Replication (Syncrepl) Whole database scanned if contextCSN not found and ● new one generated Consumer also stores its replica state, which is the ● provider's contextCSN received as a synchronization cookie New Consumer doesn't change provider config ● No provider restarts needed ● Consumer replication can stop without the need for ● provider-side changes and restart. http://creativecommons.org/licenses/by/3.0/ 02/04/09 17
Delta-syncrepl Disadvantages of LDAP Sync ● LDAP Sync replication is an object-based ● replication Both the changed and unchanged attribute values ● are processed Excess traffic generated for small changes ● changelog-based variant of syncrepl ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 18
Delta-syncrepl Maintains a changelog on the provider ● Consumer checks the changelog for the ● changes it needs If a replica is too far out of sync, switches to ● conventional syncrepl Switches back to the delta-syncrepl mode when ● fully sync'd http://creativecommons.org/licenses/by/3.0/ 02/04/09 19
http://creativecommons.org/licenses/by/3.0/ 02/04/09 20
N-Way Multi-Master Uses Syncrepl to replicate data to multiple provider ● (quot;Masterquot;) Directory servers. Avoids a single point of failure ● Supports complex topologies ● Providers can be located in several physical sites ● Good for Automatic failover/High Availability ● Requires synchronised time source - ntp ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 21
N-Way Multi-Master It has NOTHING to do with load balancing ● Providers must propagate writes to all the other servers ● Network traffic and write load spreads across all of the ● servers the same as for single-master. Server utilization and performance are at best identical for ● Multi-Master and Single-Master replication Single-Master is superior because indexing can be tuned ● differently to optimize for the different usage patterns between the provider and the consumers. http://creativecommons.org/licenses/by/3.0/ 02/04/09 22
N-Way Multi-Master Breaks the data consistency guarantees of the ● directory model Crashed, or network link has failed??? ● More: ● http://www.watersprings.org/pub/id/draft-zeilenga-ldup-harmful-02.txt ● http://www.openldap.org/faq/data/cache/1240.html ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 23
http://creativecommons.org/licenses/by/3.0/ 02/04/09 24
MirrorMode Is a Active-Active Hot-Standby solution ● External front end needed ● Not a Multi-Master solution ● Syncrepl also allows the provider nodes to re- ● synchronize after any downtime Delta-Syncrepl is not yet supported ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 25
MirrorMode Two providers are set up to replicate from each ● other An external frontend is employed to direct all ● writes to only one of the two servers. The second provider will only be used for writes ● if the first provider crashes automatically catch up to any changes on the ● running provider and resync. http://creativecommons.org/licenses/by/3.0/ 02/04/09 26
MirrorMode http://creativecommons.org/licenses/by/3.0/ 02/04/09 27
Syncrepl Proxy Mode refreshAndPersist must still ● be initiated from the consumer Firewalls may need provider ● initiated push-mode replication slapd-ldap proxy is set up ● near or with the provider that points to the consumer syncrepl engine runs on the ● proxy and points to provider http://creativecommons.org/licenses/by/3.0/ 02/04/09 28
Syncrepl Proxy Mode http://creativecommons.org/licenses/by/3.0/ 02/04/09 29
Replication Best Practices Use a replication user ● You can restart replication by adding/removing ● syncrepl statement if needed when changing replication credentials/certificates MirrorMode always good enough for most ● enterprises dependent on global requirements Slapo-chain to chain writes back to provider ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 30
Replication Best Practices [ghenry@suretec ~]$ ldapsearch ­x ­LLL ­H ldap[?]://master:389 ­s base ­b  'dc=suretecsystems,dc=com' contextCSN[?] dn: dc=suretecsystems,dc=com  contextCSN: 20081025222436.822813Z&000000;000#000000  [ghenry@suretec ~]$ ldapsearch ­x ­LLL ­H ldap://slave:389 ­s base ­b  'dc=suretecsystems,dc=com' contextCSN dn: dc=suretecsystems,dc=com  contextCSN: 20081025222436.822813Z&000000;000#000000 Backups – online(ldapsearch)/offline(slapcat)/phyiscal ● Checkpointing ● Monitoring: ● Nagios ● ZenOSS etc. ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 31
Conclusion OpenLDAP is the fastest directory software in the ● world. Now it also provides the best replication features in the world. There is always a replication model to suit your needs, ● if not send us a patch! Don't hide in a corner, join our community, ask ● questions and help others! - http://www.openldap.org http://creativecommons.org/licenses/by/3.0/ 02/04/09 32
Questions? http://creativecommons.org/licenses/by/3.0/ 02/04/09 33

Recomendados

Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®confluent
 
Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...
Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...
Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...InfluxData
 
Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...
Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...
Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...Vietnam Open Infrastructure User Group
 
IBM MQ on cloud and containers
IBM MQ on cloud and containersIBM MQ on cloud and containers
IBM MQ on cloud and containersRobert Parker
 
Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Anton Babenko
 
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...Simplilearn
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetesrajdeep
 
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesRoom 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesVietnam Open Infrastructure User Group
 

Recomendados

Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®confluent
 
Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...
Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...
Maksim Vazhenin [Dell Technologies] | InfluxDB for Storage System Monitoring ...InfluxData
 
Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...
Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...
Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...Vietnam Open Infrastructure User Group
 
IBM MQ on cloud and containers
IBM MQ on cloud and containersIBM MQ on cloud and containers
IBM MQ on cloud and containersRobert Parker
 
Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Anton Babenko
 
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...Simplilearn
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetesrajdeep
 
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesRoom 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesVietnam Open Infrastructure User Group
 
Hadoop Meetup Jan 2019 - Overview of Ozone
Hadoop Meetup Jan 2019 - Overview of OzoneHadoop Meetup Jan 2019 - Overview of Ozone
Hadoop Meetup Jan 2019 - Overview of OzoneErik Krogen
 
The top 3 challenges running multi-tenant Flink at scale
The top 3 challenges running multi-tenant Flink at scaleThe top 3 challenges running multi-tenant Flink at scale
The top 3 challenges running multi-tenant Flink at scaleFlink Forward
 
12 factor app - Core Guidelines To Cloud Ready Solutions
12 factor app - Core Guidelines To Cloud Ready Solutions12 factor app - Core Guidelines To Cloud Ready Solutions
12 factor app - Core Guidelines To Cloud Ready SolutionsKashif Ali Siddiqui
 
Achieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesAchieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesRamit Surana
 
Terraform
TerraformTerraform
TerraformPathum Fernando ☁
 
Red Hat OpenShift -- Innovation without limitation.pdf
Red Hat OpenShift -- Innovation without limitation.pdfRed Hat OpenShift -- Innovation without limitation.pdf
Red Hat OpenShift -- Innovation without limitation.pdfssuser1490e8
 
Event driven microservices
Event driven microservicesEvent driven microservices
Event driven microservicesAnthony Martin
 
Docker
DockerDocker
DockerMokhless Hachicha
 
Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Anton Babenko
 
Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David Anderson Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David AndersonVerverica
 
Disaster Recovery and High Availability with Kafka, SRM and MM2
Disaster Recovery and High Availability with Kafka, SRM and MM2Disaster Recovery and High Availability with Kafka, SRM and MM2
Disaster Recovery and High Availability with Kafka, SRM and MM2Abdelkrim Hadjidj
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for KubernetesCarlos E. Salazar
 
Apache Kafka
Apache KafkaApache Kafka
Apache Kafkaemreakis
 
The Beginner’s Guide To Spring Cloud
The Beginner’s Guide To Spring CloudThe Beginner’s Guide To Spring Cloud
The Beginner’s Guide To Spring CloudVMware Tanzu
 
Rancher MasterClass - Avoiding-configuration-drift.pptx
Rancher MasterClass - Avoiding-configuration-drift.pptxRancher MasterClass - Avoiding-configuration-drift.pptx
Rancher MasterClass - Avoiding-configuration-drift.pptxLibbySchulze
 
Introduction of android treble
Introduction of android trebleIntroduction of android treble
Introduction of android trebleBin Yang
 
Terraform
TerraformTerraform
TerraformAdam Vincze
 
Introduction to Helm
Introduction to HelmIntroduction to Helm
Introduction to HelmHarshal Shah
 
Deep Dive - CI/CD on AWS
Deep Dive - CI/CD on AWSDeep Dive - CI/CD on AWS
Deep Dive - CI/CD on AWSAmazon Web Services
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to KubernetesImesh Gunaratne
 
Manage password policy in OpenLDAP
Manage password policy in OpenLDAPManage password policy in OpenLDAP
Manage password policy in OpenLDAPLDAPCon
 
CMDBuild overview (Japanese) V2.4 update
CMDBuild overview (Japanese) V2.4 updateCMDBuild overview (Japanese) V2.4 update
CMDBuild overview (Japanese) V2.4 updateOSSラボ株式会社
 

Mais conteúdo relacionado

Mais procurados

Hadoop Meetup Jan 2019 - Overview of Ozone
Hadoop Meetup Jan 2019 - Overview of OzoneHadoop Meetup Jan 2019 - Overview of Ozone
Hadoop Meetup Jan 2019 - Overview of OzoneErik Krogen
 
The top 3 challenges running multi-tenant Flink at scale
The top 3 challenges running multi-tenant Flink at scaleThe top 3 challenges running multi-tenant Flink at scale
The top 3 challenges running multi-tenant Flink at scaleFlink Forward
 
12 factor app - Core Guidelines To Cloud Ready Solutions
12 factor app - Core Guidelines To Cloud Ready Solutions12 factor app - Core Guidelines To Cloud Ready Solutions
12 factor app - Core Guidelines To Cloud Ready SolutionsKashif Ali Siddiqui
 
Achieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesAchieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesRamit Surana
 
Red Hat OpenShift -- Innovation without limitation.pdf
Red Hat OpenShift -- Innovation without limitation.pdfRed Hat OpenShift -- Innovation without limitation.pdf
Red Hat OpenShift -- Innovation without limitation.pdfssuser1490e8
 
Event driven microservices
Event driven microservicesEvent driven microservices
Event driven microservicesAnthony Martin
 
Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Anton Babenko
 
Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David Anderson Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David AndersonVerverica
 
Disaster Recovery and High Availability with Kafka, SRM and MM2
Disaster Recovery and High Availability with Kafka, SRM and MM2Disaster Recovery and High Availability with Kafka, SRM and MM2
Disaster Recovery and High Availability with Kafka, SRM and MM2Abdelkrim Hadjidj
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for KubernetesCarlos E. Salazar
 
Apache Kafka
Apache KafkaApache Kafka
Apache Kafkaemreakis
 
The Beginner’s Guide To Spring Cloud
The Beginner’s Guide To Spring CloudThe Beginner’s Guide To Spring Cloud
The Beginner’s Guide To Spring CloudVMware Tanzu
 
Rancher MasterClass - Avoiding-configuration-drift.pptx
Rancher MasterClass - Avoiding-configuration-drift.pptxRancher MasterClass - Avoiding-configuration-drift.pptx
Rancher MasterClass - Avoiding-configuration-drift.pptxLibbySchulze
 
Introduction of android treble
Introduction of android trebleIntroduction of android treble
Introduction of android trebleBin Yang
 
Introduction to Helm
Introduction to HelmIntroduction to Helm
Introduction to HelmHarshal Shah
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to KubernetesImesh Gunaratne
 

Mais procurados (20)

Hadoop Meetup Jan 2019 - Overview of Ozone
Hadoop Meetup Jan 2019 - Overview of OzoneHadoop Meetup Jan 2019 - Overview of Ozone
Hadoop Meetup Jan 2019 - Overview of Ozone
 
The top 3 challenges running multi-tenant Flink at scale
The top 3 challenges running multi-tenant Flink at scaleThe top 3 challenges running multi-tenant Flink at scale
The top 3 challenges running multi-tenant Flink at scale
 
12 factor app - Core Guidelines To Cloud Ready Solutions
12 factor app - Core Guidelines To Cloud Ready Solutions12 factor app - Core Guidelines To Cloud Ready Solutions
12 factor app - Core Guidelines To Cloud Ready Solutions
 
Achieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesAchieving CI/CD with Kubernetes
Achieving CI/CD with Kubernetes
 
Terraform
TerraformTerraform
Terraform
 
Red Hat OpenShift -- Innovation without limitation.pdf
Red Hat OpenShift -- Innovation without limitation.pdfRed Hat OpenShift -- Innovation without limitation.pdf
Red Hat OpenShift -- Innovation without limitation.pdf
 
Event driven microservices
Event driven microservicesEvent driven microservices
Event driven microservices
 
Docker
DockerDocker
Docker
 
Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018
 
Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David Anderson Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David Anderson
 
Disaster Recovery and High Availability with Kafka, SRM and MM2
Disaster Recovery and High Availability with Kafka, SRM and MM2Disaster Recovery and High Availability with Kafka, SRM and MM2
Disaster Recovery and High Availability with Kafka, SRM and MM2
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for Kubernetes
 
Apache Kafka
Apache KafkaApache Kafka
Apache Kafka
 
The Beginner’s Guide To Spring Cloud
The Beginner’s Guide To Spring CloudThe Beginner’s Guide To Spring Cloud
The Beginner’s Guide To Spring Cloud
 
Rancher MasterClass - Avoiding-configuration-drift.pptx
Rancher MasterClass - Avoiding-configuration-drift.pptxRancher MasterClass - Avoiding-configuration-drift.pptx
Rancher MasterClass - Avoiding-configuration-drift.pptx
 
Introduction of android treble
Introduction of android trebleIntroduction of android treble
Introduction of android treble
 
Terraform
TerraformTerraform
Terraform
 
Introduction to Helm
Introduction to HelmIntroduction to Helm
Introduction to Helm
 
Deep Dive - CI/CD on AWS
Deep Dive - CI/CD on AWSDeep Dive - CI/CD on AWS
Deep Dive - CI/CD on AWS
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to Kubernetes
 

Destaque

Manage password policy in OpenLDAP
Manage password policy in OpenLDAPManage password policy in OpenLDAP
Manage password policy in OpenLDAPLDAPCon
 
CMDBuild overview (Japanese) V2.4 update
CMDBuild overview (Japanese) V2.4 updateCMDBuild overview (Japanese) V2.4 update
CMDBuild overview (Japanese) V2.4 updateOSSラボ株式会社
 
OpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéal
OpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéalOpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéal
OpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéalJonathan Clarke
 
Ldap Synchronization Connector @ 2011.RMLL
Ldap Synchronization Connector @ 2011.RMLLLdap Synchronization Connector @ 2011.RMLL
Ldap Synchronization Connector @ 2011.RMLLsbahloul
 
Nis Vs Ldap
Nis Vs LdapNis Vs Ldap
Nis Vs LdapJuan Bau
 
LSC - Synchronizing identities @ Loadays 2010
LSC - Synchronizing identities @ Loadays 2010 LSC - Synchronizing identities @ Loadays 2010
LSC - Synchronizing identities @ Loadays 2010RUDDER
 
OpenLDAP configuration brought to Apache Directory Studio
OpenLDAP configuration brought to Apache Directory StudioOpenLDAP configuration brought to Apache Directory Studio
OpenLDAP configuration brought to Apache Directory StudioLDAPCon
 
Installing & Configuring OpenLDAP (Hands On Lab)
Installing & Configuring OpenLDAP (Hands On Lab)Installing & Configuring OpenLDAP (Hands On Lab)
Installing & Configuring OpenLDAP (Hands On Lab)Michael Lamont
 
What's New in OpenLDAP
What's New in OpenLDAPWhat's New in OpenLDAP
What's New in OpenLDAPLDAPCon
 
Synchronize OpenLDAP with Active Directory with LSC project
Synchronize OpenLDAP with Active Directory with LSC projectSynchronize OpenLDAP with Active Directory with LSC project
Synchronize OpenLDAP with Active Directory with LSC projectClément OUDOT
 
RMLL 2013 - Synchronize OpenLDAP and Active Directory with LSC
RMLL 2013 - Synchronize OpenLDAP and Active Directory with LSCRMLL 2013 - Synchronize OpenLDAP and Active Directory with LSC
RMLL 2013 - Synchronize OpenLDAP and Active Directory with LSCClément OUDOT
 
Active Directory & LDAP Authentication Without Triggers
Active Directory & LDAP Authentication Without TriggersActive Directory & LDAP Authentication Without Triggers
Active Directory & LDAP Authentication Without TriggersPerforce
 
RMLL 2014 - OpenLDAP - Manage password policy
RMLL 2014 - OpenLDAP - Manage password policyRMLL 2014 - OpenLDAP - Manage password policy
RMLL 2014 - OpenLDAP - Manage password policyClément OUDOT
 
Synchronize AD and OpenLDAP with LSC
Synchronize AD and OpenLDAP with LSCSynchronize AD and OpenLDAP with LSC
Synchronize AD and OpenLDAP with LSCLDAPCon
 
Open LDAP vs. Active Directory
Open LDAP vs. Active DirectoryOpen LDAP vs. Active Directory
Open LDAP vs. Active DirectoryAhmad Haghighi
 
System Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba ServerSystem Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba ServerTola LENG
 
Ldap system administration
Ldap system administrationLdap system administration
Ldap system administrationAli Abdo
 

Destaque (20)

Manage password policy in OpenLDAP
Manage password policy in OpenLDAPManage password policy in OpenLDAP
Manage password policy in OpenLDAP
 
CMDBuild overview (Japanese) V2.4 update
CMDBuild overview (Japanese) V2.4 updateCMDBuild overview (Japanese) V2.4 update
CMDBuild overview (Japanese) V2.4 update
 
OpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéal
OpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéalOpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéal
OpenLDAP - Astuces pour en faire l'annuaire d'entreprise idéal
 
Ldap Synchronization Connector @ 2011.RMLL
Ldap Synchronization Connector @ 2011.RMLLLdap Synchronization Connector @ 2011.RMLL
Ldap Synchronization Connector @ 2011.RMLL
 
Nis Vs Ldap
Nis Vs LdapNis Vs Ldap
Nis Vs Ldap
 
IAO’s importance on sound student services in educational institutions
IAO’s importance on sound student services in educational institutionsIAO’s importance on sound student services in educational institutions
IAO’s importance on sound student services in educational institutions
 
LSC - Synchronizing identities @ Loadays 2010
LSC - Synchronizing identities @ Loadays 2010 LSC - Synchronizing identities @ Loadays 2010
LSC - Synchronizing identities @ Loadays 2010
 
OpenLDAP configuration brought to Apache Directory Studio
OpenLDAP configuration brought to Apache Directory StudioOpenLDAP configuration brought to Apache Directory Studio
OpenLDAP configuration brought to Apache Directory Studio
 
Installing & Configuring OpenLDAP (Hands On Lab)
Installing & Configuring OpenLDAP (Hands On Lab)Installing & Configuring OpenLDAP (Hands On Lab)
Installing & Configuring OpenLDAP (Hands On Lab)
 
What's New in OpenLDAP
What's New in OpenLDAPWhat's New in OpenLDAP
What's New in OpenLDAP
 
Synchronize OpenLDAP with Active Directory with LSC project
Synchronize OpenLDAP with Active Directory with LSC projectSynchronize OpenLDAP with Active Directory with LSC project
Synchronize OpenLDAP with Active Directory with LSC project
 
RMLL 2013 - Synchronize OpenLDAP and Active Directory with LSC
RMLL 2013 - Synchronize OpenLDAP and Active Directory with LSCRMLL 2013 - Synchronize OpenLDAP and Active Directory with LSC
RMLL 2013 - Synchronize OpenLDAP and Active Directory with LSC
 
Active Directory & LDAP Authentication Without Triggers
Active Directory & LDAP Authentication Without TriggersActive Directory & LDAP Authentication Without Triggers
Active Directory & LDAP Authentication Without Triggers
 
Rhel6
Rhel6Rhel6
Rhel6
 
RMLL 2014 - OpenLDAP - Manage password policy
RMLL 2014 - OpenLDAP - Manage password policyRMLL 2014 - OpenLDAP - Manage password policy
RMLL 2014 - OpenLDAP - Manage password policy
 
Synchronize AD and OpenLDAP with LSC
Synchronize AD and OpenLDAP with LSCSynchronize AD and OpenLDAP with LSC
Synchronize AD and OpenLDAP with LSC
 
Open LDAP vs. Active Directory
Open LDAP vs. Active DirectoryOpen LDAP vs. Active Directory
Open LDAP vs. Active Directory
 
AD & LDAP
AD & LDAPAD & LDAP
AD & LDAP
 
System Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba ServerSystem Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba Server
 
Ldap system administration
Ldap system administrationLdap system administration
Ldap system administration
 

Semelhante a OpenLDAP Replication Strategies

The architecture of oak
The architecture of oakThe architecture of oak
The architecture of oakMichael Dürig
 
Rails Application Optimization Techniques & Tools
Rails Application Optimization Techniques & ToolsRails Application Optimization Techniques & Tools
Rails Application Optimization Techniques & Toolsguest05c09d
 
Docker based Architecture by Denys Serdiuk
Docker based Architecture by Denys SerdiukDocker based Architecture by Denys Serdiuk
Docker based Architecture by Denys SerdiukLohika_Odessa_TechTalks
 
MySQL Replication Performance Tuning for Fun and Profit!
MySQL Replication Performance Tuning for Fun and Profit!MySQL Replication Performance Tuning for Fun and Profit!
MySQL Replication Performance Tuning for Fun and Profit!Vitor Oliveira
 
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE PlatformsFIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE PlatformsFIWARE
 
State of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDataState of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDatainside-BigData.com
 
Oracle RAC and Your Way to the Cloud by Angelo Pruscino
Oracle RAC and Your Way to the Cloud by Angelo PruscinoOracle RAC and Your Way to the Cloud by Angelo Pruscino
Oracle RAC and Your Way to the Cloud by Angelo PruscinoMarkus Michalewicz
 
Apache Kafka with Spark Streaming: Real-time Analytics Redefined
Apache Kafka with Spark Streaming: Real-time Analytics RedefinedApache Kafka with Spark Streaming: Real-time Analytics Redefined
Apache Kafka with Spark Streaming: Real-time Analytics RedefinedEdureka!
 
Digital Fabrication Studio.02 _Information @ Aalto Media Factory
Digital Fabrication Studio.02 _Information @ Aalto Media FactoryDigital Fabrication Studio.02 _Information @ Aalto Media Factory
Digital Fabrication Studio.02 _Information @ Aalto Media FactoryMassimo Menichinelli
 
Learning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a ClusterLearning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a Clusterphanleson
 
Docker Swarm secrets for creating great FIWARE platforms
Docker Swarm secrets for creating great FIWARE platformsDocker Swarm secrets for creating great FIWARE platforms
Docker Swarm secrets for creating great FIWARE platformsFederico Michele Facca
 
Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...
Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...
Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...Qualcomm Developer Network
 
State of Linux Containers for HPC
State of Linux Containers for HPCState of Linux Containers for HPC
State of Linux Containers for HPCinside-BigData.com
 
Web scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelWeb scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelpurpleocean
 
Cat on demand emc vplex weakness
Cat on demand emc vplex weaknessCat on demand emc vplex weakness
Cat on demand emc vplex weaknessSahatma Siallagan
 
OpenPOWER Application Optimization
OpenPOWER Application Optimization OpenPOWER Application Optimization
OpenPOWER Application Optimization Ganesan Narayanasamy
 
Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...
Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...
Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...confluent
 
Digital Fabrication Studio v.0.2: Information
Digital Fabrication Studio v.0.2: InformationDigital Fabrication Studio v.0.2: Information
Digital Fabrication Studio v.0.2: InformationMassimo Menichinelli
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practiceDocker, Inc.
 
Drupal Efficiency
Drupal EfficiencyDrupal Efficiency
Drupal Efficiencysmattoon
 

Semelhante a OpenLDAP Replication Strategies (20)

The architecture of oak
The architecture of oakThe architecture of oak
The architecture of oak
 
Rails Application Optimization Techniques & Tools
Rails Application Optimization Techniques & ToolsRails Application Optimization Techniques & Tools
Rails Application Optimization Techniques & Tools
 
Docker based Architecture by Denys Serdiuk
Docker based Architecture by Denys SerdiukDocker based Architecture by Denys Serdiuk
Docker based Architecture by Denys Serdiuk
 
MySQL Replication Performance Tuning for Fun and Profit!
MySQL Replication Performance Tuning for Fun and Profit!MySQL Replication Performance Tuning for Fun and Profit!
MySQL Replication Performance Tuning for Fun and Profit!
 
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE PlatformsFIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
 
State of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDataState of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigData
 
Oracle RAC and Your Way to the Cloud by Angelo Pruscino
Oracle RAC and Your Way to the Cloud by Angelo PruscinoOracle RAC and Your Way to the Cloud by Angelo Pruscino
Oracle RAC and Your Way to the Cloud by Angelo Pruscino
 
Apache Kafka with Spark Streaming: Real-time Analytics Redefined
Apache Kafka with Spark Streaming: Real-time Analytics RedefinedApache Kafka with Spark Streaming: Real-time Analytics Redefined
Apache Kafka with Spark Streaming: Real-time Analytics Redefined
 
Digital Fabrication Studio.02 _Information @ Aalto Media Factory
Digital Fabrication Studio.02 _Information @ Aalto Media FactoryDigital Fabrication Studio.02 _Information @ Aalto Media Factory
Digital Fabrication Studio.02 _Information @ Aalto Media Factory
 
Learning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a ClusterLearning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a Cluster
 
Docker Swarm secrets for creating great FIWARE platforms
Docker Swarm secrets for creating great FIWARE platformsDocker Swarm secrets for creating great FIWARE platforms
Docker Swarm secrets for creating great FIWARE platforms
 
Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...
Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...
Power-Efficient Programming Using Qualcomm Multicore Asynchronous Runtime Env...
 
State of Linux Containers for HPC
State of Linux Containers for HPCState of Linux Containers for HPC
State of Linux Containers for HPC
 
Web scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelWeb scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannel
 
Cat on demand emc vplex weakness
Cat on demand emc vplex weaknessCat on demand emc vplex weakness
Cat on demand emc vplex weakness
 
OpenPOWER Application Optimization
OpenPOWER Application Optimization OpenPOWER Application Optimization
OpenPOWER Application Optimization
 
Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...
Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...
Kafka Cluster Federation at Uber (Yupeng Fui & Xiaoman Dong, Uber) Kafka Summ...
 
Digital Fabrication Studio v.0.2: Information
Digital Fabrication Studio v.0.2: InformationDigital Fabrication Studio v.0.2: Information
Digital Fabrication Studio v.0.2: Information
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practice
 
Drupal Efficiency
Drupal EfficiencyDrupal Efficiency
Drupal Efficiency
 

Último

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 

Último (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 

OpenLDAP Replication Strategies

  • 1. OpenLDAP Replication Strategies Gavin Henry Managing Director, Suretec Systems Ltd. - ghenry@suretecsystems.com Documentation Developer, OpenLDAP Project - ghenry@openldap.org
  • 2. Agenda Overview ● The History of Replication ● Replication Technology ● Deployment Alternatives ● Replication Best Practices ● Questions and Answers ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 2
  • 3. Overview OpenLDAP is an open source code project ● Founded 1998 ● Three core team members ● A dozen or so contributors (engineering team) ● Feature releases every 12-18 months ● Maintenance releases roughly monthly ●
  • 4. Overview Replicated directories are a fundamental requirement ● for delivering a resilient enterprise deployment. Slurpd is now completely removed from 2.4 ● There's new terminology – Provider/Consumer ● MirrorMode and Multi-Master now available ● Replication needs to support complex environments ● Wonderful things can be done with the “Dynamic ● Configuration Backend” http://creativecommons.org/licenses/by/3.0/ 02/04/09 4
  • 5. The History of Replication Slurpd was the first form of replication ● Slurpd was a standalone daemon plagued with ● problems (in brief): slurpd never rerouted requests – It was not reliable – It was extremely sensitive to the ordering of records in – the replog more.... – http://creativecommons.org/licenses/by/3.0/ 02/04/09 5
  • 6. The History of Replication It could easily go out of sync, at which point manual – intervention was required It wasn't very tolerant of unavailable servers. – It only worked in push mode – It required stopping and restarting the master to add new – slaves It only supported single master replication – Slurpd is no longer part of OpenLDAP 2.4 ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 6
  • 7. The History of Replication Syncrepl has none of those weaknesses ● Syncrepl was born on April Fools Day 2003 and ● is documented in the Admin Guide and RFC 4533 - “LDAP Content Synchronization Operation” It is extremely flexible and “JGOWI” ● Push Based, Pull based, Proxies..... ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 7
  • 8. The History of Replication OpenLDAP 2.4 adds: ● MirrorMode (Active-Active Hot-standby) – N-Way Multimaster Replication – More sophisticated Syncrepl configurations – Replicating slapd Configuration (syncrepl and cn=config) – http://creativecommons.org/licenses/by/3.0/ 02/04/09 8
  • 9. Deployment Alternatives Syncrepl ● Delta-syncrepl ● N-Way Multi-Master ● MirrorMode ● Syncrepl Proxy Mode ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 9
  • 10. LDAP Content Synchronization Protocol (LDAP Sync) RFC 4533 - LDAP Content Synchronization ● Operation - June 2006 refreshOnly and refreshAndPersist ● Eventually-convergent content synchronization ● Client can be notified that a complete reload is ● needed (used in Delta-syncrepl) Copy of “DIT Fragment” ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 10
  • 11. LDAP Content Synchronization Protocol (LDAP Sync) Inconsistencies resolved on subsequent syncs ● Not good for bandwidth challenged ● apps/deployments Not for use with apps that need “transactional ● data consistency” Example of refreshOnly and refreshAndPresist ● to follow http://creativecommons.org/licenses/by/3.0/ 02/04/09 11
  • 14. LDAP Sync Replication (Syncrepl) LDAP Sync Replication engine, syncrepl for short ● Consumer-side replication engine ● Resides at the consumer and executes as one of the ● slapd(8) threads. Uses the LDAP Content Synchronization protocol (or ● LDAP Sync for short) - RFC4533 LDAP Sync provides a stateful replication which supports ● both pull-based and push-based synchronization and does not mandate the use of a history store. http://creativecommons.org/licenses/by/3.0/ 02/04/09 14
  • 15. LDAP Sync Replication (Syncrepl) Pull-based replication - periodically polls the provider for ● updates. Push-based replication - consumer listens for updates that are ● sent in realtime Syncrepl tracks status of the replication content by maintaining ● and exchanging synchronization cookies Consumer replica can be constructed from a consumer-side or ● a provider-side backup at any synchronization status. Syncrepl can automatically resynchronize the consumer replica ● up-to-date with the current provider content. http://creativecommons.org/licenses/by/3.0/ 02/04/09 15
  • 16. LDAP Sync Replication (Syncrepl) Session log can be used in the provider which stores the ● entryUUIDs of a finite number of entries deleted from a database in order to use the delete phase LDAP Sync provider maintains a contextCSN in the suffix ● entry (change sequence number = CSN) It is the largest entryCSN in the provider context ● (depending on outstanding transactions) contextCSN maintained primarily in memory and written at ● shutdown, but can be checkpointed. http://creativecommons.org/licenses/by/3.0/ 02/04/09 16
  • 17. LDAP Sync Replication (Syncrepl) Whole database scanned if contextCSN not found and ● new one generated Consumer also stores its replica state, which is the ● provider's contextCSN received as a synchronization cookie New Consumer doesn't change provider config ● No provider restarts needed ● Consumer replication can stop without the need for ● provider-side changes and restart. http://creativecommons.org/licenses/by/3.0/ 02/04/09 17
  • 18. Delta-syncrepl Disadvantages of LDAP Sync ● LDAP Sync replication is an object-based ● replication Both the changed and unchanged attribute values ● are processed Excess traffic generated for small changes ● changelog-based variant of syncrepl ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 18
  • 19. Delta-syncrepl Maintains a changelog on the provider ● Consumer checks the changelog for the ● changes it needs If a replica is too far out of sync, switches to ● conventional syncrepl Switches back to the delta-syncrepl mode when ● fully sync'd http://creativecommons.org/licenses/by/3.0/ 02/04/09 19
  • 21. N-Way Multi-Master Uses Syncrepl to replicate data to multiple provider ● (quot;Masterquot;) Directory servers. Avoids a single point of failure ● Supports complex topologies ● Providers can be located in several physical sites ● Good for Automatic failover/High Availability ● Requires synchronised time source - ntp ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 21
  • 22. N-Way Multi-Master It has NOTHING to do with load balancing ● Providers must propagate writes to all the other servers ● Network traffic and write load spreads across all of the ● servers the same as for single-master. Server utilization and performance are at best identical for ● Multi-Master and Single-Master replication Single-Master is superior because indexing can be tuned ● differently to optimize for the different usage patterns between the provider and the consumers. http://creativecommons.org/licenses/by/3.0/ 02/04/09 22
  • 23. N-Way Multi-Master Breaks the data consistency guarantees of the ● directory model Crashed, or network link has failed??? ● More: ● http://www.watersprings.org/pub/id/draft-zeilenga-ldup-harmful-02.txt ● http://www.openldap.org/faq/data/cache/1240.html ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 23
  • 25. MirrorMode Is a Active-Active Hot-Standby solution ● External front end needed ● Not a Multi-Master solution ● Syncrepl also allows the provider nodes to re- ● synchronize after any downtime Delta-Syncrepl is not yet supported ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 25
  • 26. MirrorMode Two providers are set up to replicate from each ● other An external frontend is employed to direct all ● writes to only one of the two servers. The second provider will only be used for writes ● if the first provider crashes automatically catch up to any changes on the ● running provider and resync. http://creativecommons.org/licenses/by/3.0/ 02/04/09 26
  • 27. MirrorMode http://creativecommons.org/licenses/by/3.0/ 02/04/09 27
  • 28. Syncrepl Proxy Mode refreshAndPersist must still ● be initiated from the consumer Firewalls may need provider ● initiated push-mode replication slapd-ldap proxy is set up ● near or with the provider that points to the consumer syncrepl engine runs on the ● proxy and points to provider http://creativecommons.org/licenses/by/3.0/ 02/04/09 28
  • 29. Syncrepl Proxy Mode http://creativecommons.org/licenses/by/3.0/ 02/04/09 29
  • 30. Replication Best Practices Use a replication user ● You can restart replication by adding/removing ● syncrepl statement if needed when changing replication credentials/certificates MirrorMode always good enough for most ● enterprises dependent on global requirements Slapo-chain to chain writes back to provider ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 30
  • 31. Replication Best Practices [ghenry@suretec ~]$ ldapsearch ­x ­LLL ­H ldap[?]://master:389 ­s base ­b  'dc=suretecsystems,dc=com' contextCSN[?] dn: dc=suretecsystems,dc=com  contextCSN: 20081025222436.822813Z&000000;000#000000  [ghenry@suretec ~]$ ldapsearch ­x ­LLL ­H ldap://slave:389 ­s base ­b  'dc=suretecsystems,dc=com' contextCSN dn: dc=suretecsystems,dc=com  contextCSN: 20081025222436.822813Z&000000;000#000000 Backups – online(ldapsearch)/offline(slapcat)/phyiscal ● Checkpointing ● Monitoring: ● Nagios ● ZenOSS etc. ● http://creativecommons.org/licenses/by/3.0/ 02/04/09 31
  • 32. Conclusion OpenLDAP is the fastest directory software in the ● world. Now it also provides the best replication features in the world. There is always a replication model to suit your needs, ● if not send us a patch! Don't hide in a corner, join our community, ask ● questions and help others! - http://www.openldap.org http://creativecommons.org/licenses/by/3.0/ 02/04/09 32
  • 33. Questions? http://creativecommons.org/licenses/by/3.0/ 02/04/09 33