I'm still working on this, but I'm hoping you guys can provide some helpful insights. I have a lot of services that depend on my directory service, and fail rather spectacularly when the directory service is unavailable. Some of those are fairly critical services.
In my quest to make my OpenLDAP directory highly available I have tried many approaches, and each has proven insufficient in some way. * Multiple ldap servers listed in the service configuration. Some services allow me to list multiple ldap servers, and tries each of them in turn if the one before it fails. But sometimes it takes too long to failover to the next server and some services don't support this feature. * DNS Round-Robin Obvious probem: if one server is down half my queries fail. Not exactly high availability. * CARP interfaces (Open/Free BSD) I thought this was it. But CARP only provides IP avilability, not service availability. So if one ldap service dies, or is under very heavy load, avialability is as bad as a DNS RR. I will look into an LDAP proxy, which might be able to do the service availability that CARP can't, but then I still have a single point of failure on the proxy server. What are the other strategies for making a service highly available? -- Perfection is just a word I use occasionally with mustard. --Atom Powers--
_______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
