samba4-ol-mmr

Andrew Bartlett abartlet at samba.org
Tue Aug 12 23:01:45 GMT 2008 

On Tue, 2008-08-12 at 15:31 +0200, Oliver Liebel wrote:
> Andrew Bartlett schrieb:
> >> what do you think about checking only the presence of ol_mmr_url1 (maybe 
> >> logical "and-ed" url2).
> >> if values not "none", then all mmr-specific values will be set. so we 
> >> dont need [ol_mmr =yes] as choice.
> >>     
> >
> > Yep.  I was thinking we could actually have it as
> > --ol-mmr-urls="ldap://host1 ldap://host2", and use pythons .split()
> > function to get a list of them from the string. 
> >
> > ie, 
> >
> > ol_mmr_urls = opts.ol_mmr_urls.split
> >
> > You could then work on the URL list, which might include any number of
> > servers.  But perhaps leave this for later...
> >   
>  i got the provisioning-backend working with the mmr-templates  ;-)
> (in a simple way -see below- , but it works)

Great!

> i have attached all slapd-relevant config-templates and the diffs
> of provision-backend an provision.py.
> i didnt make use of the split-function yet, i will try that later.

OK.  Perhaps look at some of the other uses of arrays in python to
figure out the best use.  The biggest challenge will be making the
configuration completely general (ie, working for any number of
replicas). 

> > You need to specify the variables to sub.  Only create one ol-mmr.conf,
> > and then specify different MMR_DN values (instead of CONFIG_DN) for the
> > 3 different mmr configs.
> >
> >   
> i dont exactly know how to get this done yet,
> so i have used the four confs in this early stage.
> 
> can you give me a few more details how to set it up?
> #

Sure!

For example, replace ${CONFIGDN} with ${MMRDN} and rid=3 with rid=
${RID1} and rid=${RID2}

> plain text document attachment (ol-mmr-config.conf)

Then rename the file to ol-mmr-db.conf

> ### cn=config replication #########################################
> syncrepl        rid=3
>                 provider="${LDAPSERVER_1}:9000/"
>                 searchbase="${CONFIGDN}"
>                 bindmethod=simple
>                 binddn="cn=Manager,${CONFIGDN}"
>                 credentials="linux"
>                 type=refreshAndPersist
>                 retry="10 +"
> 
> 
> syncrepl        rid=4
>                 provider="${LDAPSERVER_2}:9000/"
>                 searchbase="${CONFIGDN}"
>                 bindmethod=simple
>                 binddn="cn=Manager,${CONFIGDN}"
>                 credentials="linux"
>                 type=refreshAndPersist
>                 retry="10 +"
> 
> MirrorMode      On
> #####################################################################

Then here, change "CONFIGDN" to "MMRDN", and add "RID1": 3, "RID2": 4

Because that makes the config compleatly general, you can then setup
from a common ol-mmr-db.conf

> +	if ol_mmr_url1 is not None:
> +	        ol_mmr_config_config = read_and_sub_file(setup_path("ol-mmr-config.conf"),
> +                                           { "LDAPSERVER_1" : ol_mmr_url1,
> +                                             "LDAPSERVER_2" : ol_mmr_url2,
> +					     "CONFIGDN" : names.configdn})



> +	if ol_mmr_url1 is not None:
> +	        ol_mmr_user_config = read_and_sub_file(setup_path("ol-mmr-user.conf"),
> +                                           { "LDAPSERVER_1" : ol_mmr_url1,
> +                                             "LDAPSERVER_2" : ol_mmr_url2,
> +					     "DOMAINDN" : names.domaindn})
> +
> +### end mmr - templates ###
>          setup_file(setup_path("slapd.conf"), paths.slapdconf,
>                     {"DNSDOMAIN": names.dnsdomain,
>                      "LDAPDIR": paths.ldapdir,
> @@ -1263,7 +1299,11 @@
>                      "CONFIGDN": names.configdn,
>                      "SCHEMADN": names.schemadn,
>                      "MEMBEROF_CONFIG": memberof_config,
> -                    "REFINT_CONFIG": refint_config})
> +                    "REFINT_CONFIG": refint_config,
> +		    "MMR_CONFIG": ol_mmr_config,
> +		    "MMR_SCHEMA_CONFIG": ol_mmr_schema_config,
> +		    "MMR_CONFIG_CONFIG": ol_mmr_config_config,
> +		    "MMR_USER_CONFIG": ol_mmr_user_config})
>          setup_file(setup_path("modules.conf"), paths.modulesconf,
>                     {"REALM": names.realm})

This looks great.

> plain text document attachment (provision-backend.diff)
> --- setup/provision-backend.bak	2008-08-12 11:46:13.000000000 +0200
> +++ setup/provision-backend	2008-08-12 13:31:51.000000000 +0200
> @@ -64,6 +64,11 @@
>  		help="Set server role to provision for (default standalone)")
>  parser.add_option("--targetdir", type="string", metavar="DIR", 
>  		          help="Set target directory")
> +parser.add_option("--ol-mmr-url1", type="string", metavar="LDAPSERVER_1",
> +                help="LDAP-URL (DC1) corresponding to Server-ID for Use with OpenLDAP-MMR")
> +parser.add_option("--ol-mmr-url2", type="string", metavar="LDAPSERVER_2",
> +                help="LDAP-URL (DC2) corresponding to Server-ID for Use with OpenLDAP-MMR")
> +
>  
>  opts = parser.parse_args()[0]
>  
> @@ -99,4 +104,7 @@
>  		  adminpass=opts.ldap_admin_pass,
>  		  root=opts.root, serverrole=server_role, 
>  		  ldap_backend_type=opts.ldap_backend_type,
> -		  ldap_backend_port=opts.ldap_backend_port)
> +		  ldap_backend_port=opts.ldap_backend_port,
> +		  ol_mmr_url1=opts.ol_mmr_url1,
> +		  ol_mmr_url2=opts.ol_mmr_url2)

Very well done.  You seem to be getting the hang of this very nicely.

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080813/860c5727/attachment.bin

More information about the samba-technical mailing list