MMR setup from CLI

Quite often I was in position which required automated configuration of multi-master replication on Sun Java Systems Directory Server 5.2, but I never got the chance to properly document it in a cheat-sheet form for the future reference.

If we would assume we have two DSAs, the process would be the following:

  • on both servers
    1. enable changelog on both servres;
    2. configure replication settings;
    3. set replication manager password;
    4. create replication agreements, and
  • on the primary master
    1. initialise the secondary master.

Here are the LDIF templates for each of the steps:

  • enabling changelog:

    dn: cn=changelog5, cn=config
    changetype: add
    objectclass: top
    objectclass: extensibleObject
    cn: changelog5
    nsslapd-changelogdir: $PATH_TO_CHANGELOG_DB
    

    $PATH_TO_CHANGELOG_DB - filesystem path where changelog database should be kept

  • replication settings:

    dn: cn=replica, cn=$SUFFIX, cn=mapping tree, cn=config
    changetype: add
    objectclass: top
    objectclass: nsDS5Replica
    cn: replica
    nsDS5ReplicaRoot: $SUFFIX
    nsDS5ReplicaID: $REPLICA_ID
    nsDS5ReplicaBindDN: cn=Replication Manager, cn=replication, cn=config
    nsDS5Flags: 1
    nsDS5ReplicaType: 3
    nsDS5ReplicaPurgeDelay: 604800
    

    $SUFFIX - directory suffix which is being replicated $REPLICA_ID - unique integer value for each master, e.g. 1 for primary, 2 for secondary, etc. NOTES: "nsDS5ReplicaType: 3" configures this DSA as a replica master, while "nsDS5Flags: 1" regulates creation of changelog db.

  • replication manager password:

    dn: cn=Replication Manager, cn=replication, cn=config
    changetype: modify
    add: userPassword
    userpassword: $PASSWORD
    

    $PASSWORD - password which has to be used by the other masters in topology

  • replication agreement:

    dn: cn=$REP_AGREEMENT_NAME, cn=replica, cn=$SUFFIX, cn=mapping tree, cn=config
    changetype: add
    objectclass: top
    objectclass: nsDS5ReplicationAgreement
    cn: $REP_AGREEMENT_NAME
    description: $DESCRIPTION
    nsDS5ReplicaRoot: $SUFFIX
    nsDS5ReplicaHost: $DESTINATION
    nsDS5ReplicaPort: 389
    nsDS5ReplicaBindDN: cn=Replication Manager, cn=replication, cn=config
    nsDS5ReplicaCredentials: $PASSWORD
    nsDS5ReplicaBindMethod: SIMPLE
    

    $REP_AGREEMENT_NAME - short name to distinguish this agreement from other agreements $DESCRIPTION - brief description of the agreement $SUFFIX - directory suffix being replicated $DESTINATION - fully qualified domain name of the destination machine that recieves replication data $PASSWORD - password set for the replication manager on the destination machine

  • initialising the secondary master:

    dn: cn=$REP_AGREEMENT_NAME, cn=replica, cn=$SUFFIX, cn=mapping tree, cn=config
    changetype: modify
    replace: nsDS5BeginReplicaRefresh
    nsDS5BeginReplicaRefresh: start
    

    $REP_AGREEMENT_NAME - short name to distinguish this agreement from other agreements $SUFFIX - directory suffix being replicated

Comments:

I don't know what you are saying but I can see that it's smart :)

Posted by Aleksandar Bilanovic on март 26, 2007 at 07:44 AM CEST #

Post a Comment:
Comments are closed for this entry.
About

Publishing quirks of Sun software popped up during integration.

Search

Categories
Archives
« април 2014
понутосречетпетсубнед
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today