Re: [Freeipa-users] understanding RUVs?
On 04/21/2015 01:26 AM, Janelle wrote: Hello, When I was working with OpenLDAP, and AD - and did not deal with "RUV"s the way I am with 389-ds and IPA. I am trying to understand what is "normal" for values. If I am looking at this (and seem to have no replication problems): ipa-replica-manage list-ruv ipa001.example.com:389: 13 ipa002.example.com:389: 12 ipa003.example.com:389: 11 ipa004.example.com:389: 10 ipa005.example.com:389: 7 ipa006.example.com:389: 6 ipa007.example.com:389: 5 ipa008.example.com:389: 3 ipa009.example.com:389: 16 ipa00a.example.com:389: 17 ipa00b.example.com:389: 15 ipa00c.example.com:389: 14 ipa00d.example.com:389: 9 ipa00e.example.com:389: 8 ipa00f.example.com:389: 4 I guess I was wondering, should I be seeing all the same values or should they all be unique based on being "replicated" and the order they were added? Or is it telling me something else? Sorry, I guess I am still trying to wrap my head around replication metadata. the output of list-ruv lists the replicaids and the corresponding servers the replica knows about. It should be unique and exactly match the servers (with their replicaid) deployed in your topology. If there are more ruvs, you probably have removed a server and should clean the ruv, if you have less than replication from the missing replica in the list did not get propagated to this server. But the output of list-ruv only shows part of the RUV, the "real" ruv looks like this: ldapsearch -LLL -o ldif-wrap=no -h localhost -p 30522 -x -D "cn=directory manager" -w . -b "cn=config" "objectclass=nsds5replica" nsds50ruv dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config nsds50ruv: {replicageneration} 51dc3bac0064 nsds50ruv: {replica 100 ldap://localhost:30522} 5506ce510064 55254d910064 nsds50ruv: {replica 200 ldap://localhost:4945} 5506cf8e00c8 5506cf8e00c8 The most important part is the last field, eg 55254d910064 it is the csn of the last change this server has seen for replicaid 100 (0x64). In a replication session the ruvs of the supplier and consumer are compared to detect if the supplier has changes the consumer has not yet seen. So the ruvs have to be managed per server. Ludwig Thank you ~J -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] understanding RUVs?
On 04/21/2015 09:11 AM, Martin Kosek wrote: On 04/21/2015 01:26 AM, Janelle wrote: Hello, When I was working with OpenLDAP, and AD - and did not deal with "RUV"s the way I am with 389-ds and IPA. I am trying to understand what is "normal" for values. If I am looking at this (and seem to have no replication problems): ipa-replica-manage list-ruv ipa001.example.com:389: 13 ipa002.example.com:389: 12 ipa003.example.com:389: 11 ipa004.example.com:389: 10 ipa005.example.com:389: 7 ipa006.example.com:389: 6 ipa007.example.com:389: 5 ipa008.example.com:389: 3 ipa009.example.com:389: 16 ipa00a.example.com:389: 17 ipa00b.example.com:389: 15 ipa00c.example.com:389: 14 ipa00d.example.com:389: 9 ipa00e.example.com:389: 8 ipa00f.example.com:389: 4 I guess I was wondering, should I be seeing all the same values or should they all be unique based on being "replicated" and the order they were added? They should be unique, that's for sure. There is some info on them in Red Hat DS docs: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html#cleanruv I am just not sure if they are replicated or per-server. But given they live in SUFFIX, I assume they are. The list above looks OK to me, so it should not cause the replication problems. Hello, Yes this RUV is normal. The RUV is a special 389-ds entry that is per server. This entry allows replication protocol (run by the replica agreements) to detect what updates are missing and then send the missing ones. The command list-ruv displays a subset of the attribute values of that entry. It displays url and the replicaId. A normal RUV in a replication topology contains unique replicaId and a url must be listed only once. thanks thierry But I am rather CCing Thierry to advise here. Or is it telling me something else? Sorry, I guess I am still trying to wrap my head around replication metadata. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] understanding RUVs?
On 04/21/2015 01:26 AM, Janelle wrote: > Hello, > > When I was working with OpenLDAP, and AD - and did not deal with "RUV"s the > way > I am with 389-ds and IPA. > > I am trying to understand what is "normal" for values. If I am looking at this > (and seem to have no replication problems): > > ipa-replica-manage list-ruv > > ipa001.example.com:389: 13 > ipa002.example.com:389: 12 > ipa003.example.com:389: 11 > ipa004.example.com:389: 10 > ipa005.example.com:389: 7 > ipa006.example.com:389: 6 > ipa007.example.com:389: 5 > ipa008.example.com:389: 3 > ipa009.example.com:389: 16 > ipa00a.example.com:389: 17 > ipa00b.example.com:389: 15 > ipa00c.example.com:389: 14 > ipa00d.example.com:389: 9 > ipa00e.example.com:389: 8 > ipa00f.example.com:389: 4 > > I guess I was wondering, should I be seeing all the same values or should they > all be unique based on being "replicated" and the order they were added? They should be unique, that's for sure. There is some info on them in Red Hat DS docs: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html#cleanruv I am just not sure if they are replicated or per-server. But given they live in SUFFIX, I assume they are. The list above looks OK to me, so it should not cause the replication problems. But I am rather CCing Thierry to advise here. > Or is > it telling me something else? Sorry, I guess I am still trying to wrap my head > around replication metadata. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project