On Thu, Jan 19, 2023 at 04:39:26PM +0100, Stefan Kania wrote: > Hi Ondřej, > > I know, that I can put more then one uri to the "provider"-entry of > syncrepl. The questions comes up wile installing and testing lloadd. So it > not a special lloadd-thing. In general I would like to know if I could use > the SRV-records. That would make changing an OpenLDAP-Server (and it's > DNS-name) easy. I only need to change the SRV-record and don't have to > modify each ldap-server. Like in sssd and kerberos.
Hi Stefan, unlike back-ldap etc., lloadd opens a pool of persistent connections to configured servers ahead of time. Using SRV records as a configuration source has been on the wishlist however there is no way of getting notified that the record has been changed. On top of that, it has been found much easier to maintain a separate manager process (a human with a checklist, ansible, some kind of provisioning tool, consul/nomad triggered script, k8s operator, ...) that updates its configuration when needed. That said, patches implementing some kind of SRV are welcome. The easiest way might be to introduce an lloadd tier implementation that manages its backend collection accordingly. Regards, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
