Hi Emmanuel, Sorry for flooding the mailing list with my JIRA cleaning. Your message is now hidden between dozen of JIRA notifications.
On Fri, Mar 13, 2009 at 3:34 PM, Emmanuel Lecharny <[email protected]>wrote: > Hi, > > on the replication branch, we are now able to connect to an OpenLDAP > server, and subscribe as a slave with the refreshOnly or refreshAndPersist > operations. This is very experimental atm, and we need more than the current > configuration in order to implement this in the server. > That's awesome! I'd love to see that in action. Maybe at ApacheCon... > So far, here are the needed informations : > - a replicaId (or RID), uniquely identifying the server > - a replication type : RefreshOnly or RefreshAndPersist > - an interval for a RefreshOnly replication > - a search base, which will be the part of the tree to replicate > - a principal, used to connect on the master server > - a password > > Currently, the lacking informations are : > - the replication type > - the search base > - the principal > - the password > > We have a Replica class holding similar informations, namely a > SocketAddress, as we where based on a proprietary protocol to handle the > replication in the previous version (Mitosis). As the new replication model > will be based on RFC 4533, we need to change this. > > So the ReplicationInterceptor configuration will change. Currently, it > looks like that : > > <replicationInterceptor> > <configuration> > <replicationConfiguration logMaxAge="5" > replicaId="instance_a" > replicationInterval="2" > responseTimeout="10" > serverPort="10390"> > <s:property name="peerReplicas"> > <s:set> > <s:value>instanc...@localhost:1234</s:value> > <s:value>instanc...@localhost:1234</s:value> > </s:set> > </s:property> > </replicationConfiguration> > </configuration> > </replicationInterceptor> > > > We will remove the logMaxAge, responseTimeout and serverPort parameters. > The peerReplicas will contain an LdapURL with the list of server we want to > replicate from. Those replicas will look like : > > ldap://[<principalDN>:<password>]@<server>[:<port>]/<baseDN> > > We will end with a configuration like : > > <replicationInterceptor> > <configuration> > <replicationConfiguration sync="RefreshOnly" (or > "RefreshAndPersist") > replicaId="001" > replicationInterval="00:05:00"> (every 5 > minutes) > <s:property name="peerReplicas"> > <s:set> > <s:value>ldap://uid=admin,ou= > system:[email protected]:10389/ou=people,dc=apache,dc=org</s:value> > <s:value>ldap://uid=admin,ou= > system:[email protected]:10389/ou=projects,dc=apache,dc=org > </s:value> > </s:set> > </s:property> > </replicationConfiguration> > </configuration> > </replicationInterceptor> > > (the replicaId is now a 3 digits value, as the OpenLDAP looks like > rid=000,sid=000,csn=20090311230920.705931Z#000000#001#000000). > > We may want to be more specific with the peerReplicas, like for instance > define a different replication Interval for each search base. That could be > done using such a configuration : > > <replicationInterceptor> > <configuration> > <replicationConfiguration replicaId="001"> > <s:property name="peerReplicas"> > <s:set> > <replica> > <type>refreshAndPersist</type> > <principalDn>uid=admin,ou=system</principalDn> > <password>secret</password> > <server>ldap1.apache.org</server> > <port>10389</port> > <baseDN>ou=people,dc=apache,dc=org</baseDN> > </replica> > <replica> > <type>refreshOnly</type> > <principalDn>uid=admin,ou=system</principalDn> > <password>secret</password> > <server>ldap1.apache.org</server> > <port>10389</port> > <baseDN>cn=config,ou=system</baseDN> > <interval>01:00:00</interval> > </replica> > </s:set> > </s:property> > </replicationConfiguration> > </configuration> > </replicationInterceptor> > > > This is a very preliminary proposal. Feel free to comment it. This looks good. However, on the last snippet of XML, I can't see the interval on the first replica. Does this mean there's a default value? All this "complex" (more verbose than complex actually) configuration makes me think a really cool UI could be drawn for this in Studio. :) We could even use GEF (Graphical Editing Framework) to build a graphical UI for handling the replication. Regards, P-A
