Atom Powers wrote: > What are the other strategies for making a service highly available?
This is a question that I believe is best asked on the OpenLDAP.org mailing lists. We have one of the largest OpenLDAP installations in the world (using the open-source version of the code, anyway), and what we've done is put Netscaler Layer Four load-balancing switches in front of our OpenLDAP servers. The primary problem there is that no L4 load-balancing switch that I know of is smart enough to use the LDAP protocol to determine when a back-end system is available or overloaded, so you have to find ways to work around that. We have a little monitoring script that runs on each production OpenLDAP server that can use the LDAP protocol to run a standard query. If the query doesn't come back or takes too long, then we change a status file that is served via HTTP, and our Netscalers check the contents of the status file. We're going to be switching to the commercial version of OpenLDAP from Symas, in part because they provide a pre-built binary that is guaranteed to have all the right library versions of all the various other pieces of code that are used to help build OpenLDAP. In the past, we've built OpenLDAP ourselves, and there has been confusing advice as to which versions of which library routines should or should not be used. I'd also like to see us split our database between active records (where the person has been affiliated in some way with the University within the last eighteen months), and inactive records. Of course, these two sets of databases would be on a proper multi-master environment. Then we'd put LDAP proxies in front of that, and it would be up to them to pull the appropriate data from the appropriate back-end database. -- Brad Knowles <b...@shub-internet.org> If you like Jazz/R&B guitar, check out LinkedIn Profile: my friend bigsbytracks on YouTube at <http://tinyurl.com/y8kpxu> http://preview.tinyurl.com/bigsbytracks _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
