Thanks - I think we have enough ideas in here to get this going. One last question:
If replication is set up through the host name - how often does the directory server do a
DNS look up, or does it do it once on startup (or creation of the rep agreement)?
-----Original Message-----
From: William Brown <wbrown(a)suse.de>
Sent: Tuesday, May 26, 2020 10:48 PM
To: 389-users(a)lists.fedoraproject.org
Subject: [EXTERNAL] [389-users] Re: Re: Advice to bring new servers into production
There are a few options. The best would be a load balancer which has the ip's so that
it's transparent to your LDAP servers where they are.
But also as mentioned, the virtual IP's honestly is the best way. Linux can have
multiple IP's on an interface so you can just have two IP's on one interface,
andthat's the best way to do this.
Alternately, don't rely on the IP, lower your DNS ttl's to a very short time,
change the DNS A/AAAA records, and then do it that way.
On 27 May 2020, at 06:17, Crocker, Deborah <crock(a)ua.edu>
wrote:
I’d like not to take up two ip addresses per host indefinitely. We have re-IP’d our hosts
before so I know we can to do this but it was during a downtime when everything was
restarted. Just trying to get away with not restarting the masters.
Deborah Crocker, PhD
Systems Engineer III
Office of Information Technology
The University of Alabama
Box 870346
Tuscaloosa, AL 36587
Office 205-348-3758 | Fax 205-348-9393 deborah.crocker(a)ua.edu
From: Leo Pleiman <lpleiman(a)salsalabs.com>
Sent: Tuesday, May 26, 2020 3:08 PM
To: General discussion list for the 389 Directory server project.
<389-users(a)lists.fedoraproject.org>
Subject: [EXTERNAL] [389-users] Re: Advice to bring new servers into
production
My experience has been that the replicas and consumers have a unique id, more than just
an IP address which creates the trust relationship with the master. If your goal is to
simply maintain an IP so your clients don't have to be repointed, I would build each
new LDAP host and replication agreement, and then as you decommission the old hosts use
their IP address as a virtual IP address on the replacement host. It would take a quick
restart od the LDAP service to start a listener on the virtual Ip address.
Leo Pleiman
Senior System Engineer
Direct 202-787-3622
Cell 410-688-3873
On Tue, May 26, 2020 at 3:57 PM Crocker, Deborah <crock(a)ua.edu> wrote:
We have a setup with 2 multi-masters and 3 consumers. We are now building new host and
want to put them in place ultimately at the same IP address as the original ones. I need
some advice on how to do this quickly and cleanly.
To add a new consumer the idea now is to set it up and set up replications agreements
from each master using consumer DNS name (don't start continuous replication yet).
After initializing new consumer from one master - turn off old consumer, remove old
consumer agreement from each master, and re-IP new consumer. Do we need to restart masters
to re-read DNS or will it pick that up when it starts the next replication? Is this the
best way to do this?
Thanks
Deborah Crocker, PhD
Systems Engineer III
Office of Information Technology
The University of Alabama
Box 870346
Tuscaloosa, AL 36587
Office 205-348-3758 | Fax 205-348-9393 deborah.crocker(a)ua.edu
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org To
unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr
oject.org _______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org To
unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr
oject.org
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server SUSE Labs
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org To unsubscribe send an email
to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...