[Samba] Samaba4 clustering

Greg Scott GregScott at infrasupport.com
Mon Sep 8 18:51:05 MDT 2014 

True - good point!  And if it was a Samba specific cluster at the application layer vs. doing it at the virtualization layer, you could do a bunch of cool things around an active/active implementation advertising that virtual IP to the world.   But if I were doing it at the virtualization layer, I'd do it with RHEV and not VMware.  ESXi just doesn't give me any hardware diagnostics so when a host has a problem, it's a royal pain to troubleshoot.  But with a RHEV-H or RHEL host, at least I have some off-the-shelf tools available to me.   I'm probably off the topic of Samba specific clusters, but it seems like there are a few ways to get at least some HA benefits right now.


-          Greg

From: Thomas Maerz [mailto:maerz.thomas at gmail.com]
Sent: Monday, September 08, 2014 7:11 PM
To: Greg Scott
Cc: Marc Muehlfeld; Dania Ramirez Moya; samba at lists.samba.org >> samba at lists.samba.org
Subject: Re: [Samba] Samaba4 clustering

Greg,

            To join this discussion, I believe you can (and people have) configured LVS to work with samba servers (not sure about domain controllers). I'm currently doing it with FreeRadius.

As far as VMWare goes, I have a triple ESXi HA cluster and its high availability, and I would present several reasons why application level redundancy is better.


  *   VMWare HA failover takes time, a full boot up's worth to be precise (several minutes)
  *   VMWare has another technology called FT (Fault Tolerance) that is instantaneous, but you have to sacrifice double resources to run it (it runs in sync in parallel on two computers at once using double RAM, double CPU and requires a dedicated network card on both hosts).
  *   My experience with VMWare thus far is that you will experience issues with VMWare just like you do on hardware, they are just software issues and thus not as disastrous, and you have the crutches like HA (and SRM) to mitigate the damage.

Thomas Maerz

On Sep 8, 2014, at 3:27 PM, Greg Scott <GregScott at infrasupport.com<mailto:GregScott at infrasupport.com>> wrote:


Why don't you join a second DC to the domain? If one fails, the others does the job. And while both are online, both are answering login queries, etc.

I'm not a Windows admin, but I guess this is the usual way for having redundance for DC.

Ya know - if there were some way for Samba to present a virtual IP Address that belongs to all members of a cluster, Samba may gain a functional advantage over a pure Windows solution.  In the Windows domain model, you have one or more domain controllers.  Clients use DNS SRV records to "mate" with a domain controller.  If my client PC mates with a domain controller for authentication and Kerberos tickets and that domain controller goes offline, I wait a long time before I go look for another domain controller in DNS.  But the end user only notices everything runs slowly with no clue why.

So if there were a way for more than one Samba host to share a common database and advertise a virtual IP, then Samba could do redundancy better than Windows does redundancy.

Or you could also do a Samba DC in a RHEV or VMWare virtual environment, so then the virtualization layer would take care of all the HA requirements.

- Greg
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list