The goal here is to dynamically add or remove a directory server instance from the mesh with little or no impact on client applications and without altering the hardware load balancers that are commonly deployed in front of the directories. In the rest of this post, we assume that client applications access the directory services through an access layer provided by the Sun/Oracle Directory Proxy Server (DPS).
The first method consists of changing the directory server's operational state so that DPS automatically considers it "unavailable". Each DPS periodically checks each directory server's availability by retrieving its operational state with a configurable LDAP search. Should the operational entry "disappear" (i.e. no longer match the search filter), the directory server stops receiving traffic from the DPS instance(s).
First, decide which entry and attribute will hold the server operational state, e.g. the attribute description in the entry cn=server state,cn=config:
dn: cn=server state,cn=config
Then change the DPS configuration of each LDAP data source so that this "state" entry is checked on a regular basis. By convention, the server is down if the poll returns no entry.
In this example, the property monitoring-entry-dn must be set to cn=server state,cn=config, and the property monitoring-search-filter can be set to (description=SERVER_AVAILABLE). Depending on the state entry used, it may be necessary to use specific credentials to access it. In that case, the properties monitoring-bind-dn and monitoring-bind-pwd should be changed as well.
[@euler]# dpconf get-ldap-data-source-prop
ldap-port : 10389
ldaps-port : ldaps
monitoring-bind-dn : cn=directory manager
monitoring-bind-timeout : 5s
monitoring-entry-dn : cn=server
monitoring-interval : 30s
Removing a directory server from the topology
The description of the state entry must first be modified, e.g. the state can be set to SERVER_UNAVAILABLE. DPS will take up to about 2 times the monitoring-interval to stop forwarding traffic to that server. It is then safe to shut down the directory server instance without impacting client applications.
(Re)adding a directory server to the topology
Set (back) the description value to "SERVER_AVAILABLE" in the directory state entry (and dynamically add a new data source object to the DPS configuration for a brand-new server).
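The removal and re-add steps above as a script. This is an added example, not code from the original post: it assumes the OpenLDAP client tools (ldapmodify, ldapsearch) and the hypothetical variables LDAP_URI, BIND_DN and PW_FILE; only the state entry, the two attribute values and the 2x monitoring-interval wait come from the text.

```sh
# Added example. Assumptions: OpenLDAP client tools; the LDAP_URI / BIND_DN /
# PW_FILE variables and all function names are hypothetical, not from the post.
STATE_DN="cn=server state,cn=config"   # state entry chosen in the post
UP="SERVER_AVAILABLE"
DOWN="SERVER_UNAVAILABLE"

# Print the LDIF that sets the state attribute; only the two known values pass.
state_ldif() {
  case "$1" in
    "$UP"|"$DOWN") ;;
    *) echo "unknown state: $1" >&2; return 1 ;;
  esac
  printf 'dn: %s\nchangetype: modify\nreplace: description\ndescription: %s\n' \
    "$STATE_DN" "$1"
}

# Drain time in seconds: twice monitoring-interval, per the post. Only the
# "<n>s" form shown in the dpconf output is handled; anything else is refused.
drain_seconds() {
  n=${1%s}
  [ "$n" != "$1" ] || { echo "unsupported interval: $1" >&2; return 1; }
  case "$n" in
    ''|*[!0-9]*|0?*) echo "unsupported interval: $1" >&2; return 1 ;;
  esac
  echo $((n * 2))
}

# Apply a state change. -y reads the bind password from a file so it never
# shows up in the process list or shell history.
set_state() {
  ldif=$(state_ldif "$1") || return 1
  printf '%s\n' "$ldif" | ldapmodify -x -H "$LDAP_URI" -D "$BIND_DN" -y "$PW_FILE"
}

# Returns 0 if the proxy's health-check search matches nothing, 1 if the entry
# still matches, 2 if the search itself failed (so a bind error is not "drained").
looks_down() {
  out=$(ldapsearch -x -LLL -H "$LDAP_URI" -D "$BIND_DN" -y "$PW_FILE" \
      -b "$STATE_DN" -s base "(description=$UP)" dn) || return 2
  ! printf '%s\n' "$out" | grep -q '^dn:'
}

# Removal: flip the state, wait out the drain window, confirm before shutdown.
# usage: drain_server 30s      (re-adding is just: set_state "$UP")
drain_server() {
  secs=$(drain_seconds "$1") || return 1
  set_state "$DOWN" || return 1
  sleep "$secs"
  looks_down
}
```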