Directory Service Control Center: Replication
By mcraig on Mar 07, 2007
In Directory Service Control Center: Getting Started, you saw how to create a new directory suffix and import sample data using Directory Service Control Center. This entry takes the process a step further, showing you how to create the same suffix replicated on four Directory Server instances.
Directory Server replication is a mechanism to replay directory modifications from one Directory Server to another. Replication means your Directory Server data is constantly synchronized. You typically use replication to increase directory service availability, and to scale the number of lookups your directory service can handle.
Directory Server replication is built atop a protocol that uses LDAPv3 extended operations. Replication works peer-to-peer, where each server has replication agreements with its peer replicas. Replication therefore works as a series of operations between peers, operations running over LDAP connections between Directory Server instances.
Directory data is replicated per suffix, rather than per server. The set of all replicas of a given suffix makes up a replication topology. Directory Service Control Center helps you to set up and to monitor replication topologies.
For more information about how replication is useful for Directory Server deployments, see the Deployment Planning Guide.
Setting Up Replication
If you followed along with the demo in Getting Started, you created a suffix for dc=example,dc=com. Before you set up replication, delete that suffix. With Directory Service Control Center, setting up a replicated suffix with imported data is easy to do. You do not need to start with a suffix containing data.
Note: I rebooted my Windows system before setting up replication. After the reboot, I could log in to Directory Service Control Center, but the Common Agent Container was not running. To start the Common Agent Container on the command-line, I issued the following command as Administrator:
C:\Program Files\Sun\JavaES5\share\cacao_2\bin>cacaoadm start
Replication requires existing Directory Server instances to hold copies of the suffix you replicate. I created three empty instances alongside the instance created for Getting Started. When creating instances on the same host system, keep in mind that each instance must reside in its own, unique file system directory. Furthermore, each instance must have its own, unique port numbers on which to listen for LDAP traffic.
With my four empty instances running, I returned to the Directory Service Control Center home page. There I clicked the link to set up a new, replicated suffix. Notice that my version is running in French. Directory Service Control Center supports several language locales.
Clicking the link started the suffix creation wizard in a new browser window. The suffix creation wizard let me choose to set up replication for my new suffix.
The suffix setup wizard let me choose which Directory Servers participate in replication. I made all four server instances master replicas. Master replicas are read-write copies that can accept updates both from client applications and from other Directory Server replicas. Directory Server 6.0 has no specific limit to the number of master replicas in a topology. So I typically make all my replicas masters. Then I do not have to remember which ones are read-write and which are read-only.
When choosing the data to import into my suffix, dc=example,dc=com, I selected the sample data delivered with Directory Server Enterprise Edition.
When I clicked Finish in the wizard, Directory Service Control Center created the suffixes and replication agreements. Directory Service Control Center let me know when everything was done.
Monitoring Replication and Viewing Topologies
After you set up replication, Directory Service Control Center gives you monitoring views, so you can see what is happening with replication. You find two quick links on the Directory Service Control Center home page. One link takes you to a browser table showing status for each individual server, so you can drill down on particular issues.
Another link takes you to a graphical representation of your topology.
Here is what I saw when I opened the graphical representation.
Notice the numbers you see next to server instances in the topology view. The topology view shows both how many updates are pending, and also the time estimated for synchronization to complete. Replication is what we call loosely consistent. Loose consistency means that a client performing an update gets the update success acknowledgment as soon as the update has been performed on the individual Directory Server instance. The LDAP client doing an update does not have to wait until the update has been communicated to all other replicas. As a result, there can be temporary inconsistencies between replicas, but those inconsistencies are generally absorbed quickly.
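The loose consistency described above, as a simplified model added here (not code from this post or from Directory Server). The class, the ds1 to ds4 names, the full mesh of agreements and the sample entry are assumptions made for illustration. Calling demo() shows the client's acknowledgment arriving while a read on another master still misses the change, and the pending counts dropping to zero after replay.

```python
# Simplified model, not Directory Server code; all names are hypothetical.
from collections import deque

class Master:
    def __init__(self, name):
        self.name = name
        self.entries = {}    # dn -> {attribute: value}
        self.outbound = {}   # peer name -> (peer, queue of updates to replay)

    def add_agreement(self, peer):
        self.outbound[peer.name] = (peer, deque())

    def modify(self, dn, attr, value):
        """Client update: apply locally, queue for peers, acknowledge at once."""
        self.entries.setdefault(dn, {})[attr] = value
        for _, queue in self.outbound.values():
            queue.append((dn, attr, value))
        return "success"     # returned before any peer has seen the change

    def read(self, dn, attr):
        return self.entries.get(dn, {}).get(attr)

    def pending(self):
        """Updates not yet replayed, per peer."""
        return {name: len(q) for name, (_, q) in self.outbound.items()}

    def replay(self):
        """Push queued updates to each peer over its agreement."""
        for peer, queue in self.outbound.values():
            while queue:
                dn, attr, value = queue.popleft()
                peer.entries.setdefault(dn, {})[attr] = value

def build_topology(count=4):
    """Assumed full mesh: every master has an agreement with every other."""
    masters = [Master(f"ds{i}") for i in range(1, count + 1)]
    for m in masters:
        for peer in masters:
            if peer is not m:
                m.add_agreement(peer)
    return masters

def demo():
    ds1, ds2, ds3, ds4 = build_topology()
    dn = "uid=bjensen,ou=People,dc=example,dc=com"   # constructed sample entry
    ack = ds1.modify(dn, "description", "updated")
    before = (ack, ds3.read(dn, "description"), ds1.pending())
    ds1.replay()
    values = [m.read(dn, "description") for m in (ds1, ds2, ds3, ds4)]
    return before, (values, ds1.pending())
```

Any check that depends on a just-written value, such as reading an entry back from a different master, has to allow for the window between the acknowledgment and the replay.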