OpenLDAP 2.4 offers a range of replication configurations, from the usual master-initiated master-to-slave replication to multi-master and mirror mode replication. Moreover, OpenLDAP offers granular replication, push- or pull-based replication, with or without a changelog. From my own experience, I'd recommend using multi-master push-based replication, as long as the expected number of updates remains "reasonable". I was recently notified of an unexpectedly stalled replication between two master servers running OpenLDAP 2.4.31, even though it is a rather recent version, when using the "RefreshOnly" mode.
In that mode, a server periodically asks the configured master for updates. I can't understand why it stalled, and the available traces remained unhelpful. Switching to the "RefreshAndPersist" mode gave better results and fixed the problem, so I decided to keep that configuration, even if it's a bit more resource intensive.
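A stall like this one can be spotted by comparing the `contextCSN` values that each master publishes on its suffix entry. The following is an added example, not part of the original post: the CSN values, the check time and the grace period are constructed, and the function names are hypothetical.

```python
from datetime import datetime, timezone

def parse_csn(csn):
    """Split a contextCSN value into (timestamp, change count, server ID)."""
    stamp, count, sid, _mod = csn.split("#")
    when = datetime.strptime(stamp, "%Y%m%d%H%M%S.%fZ").replace(tzinfo=timezone.utc)
    return when, int(count, 16), int(sid, 16)

def newest_per_sid(csns):
    """Map each server ID to its newest (timestamp, count) pair."""
    newest = {}
    for csn in csns:
        when, count, sid = parse_csn(csn)
        if sid not in newest or (when, count) > newest[sid]:
            newest[sid] = (when, count)
    return newest

def stalled_sids(local_csns, peer_csns, now, grace_seconds):
    """Server IDs whose changes the peer holds but the local server lacks,
    although they are older than grace_seconds (time for one refresh)."""
    local, peer = newest_per_sid(local_csns), newest_per_sid(peer_csns)
    behind = []
    for sid, peer_csn in peer.items():
        missing = sid not in local or local[sid] < peer_csn
        age = (now - peer_csn[0]).total_seconds()
        if missing and age > grace_seconds:
            behind.append(sid)
    return sorted(behind)

# Constructed sample values, as read from the suffix entry of each master.
MASTER1 = ["20130412100500.000000Z#000000#001#000000",
           "20130412093000.000000Z#000000#002#000000"]
MASTER2 = ["20130412091000.000000Z#000000#001#000000",
           "20130412101700.000000Z#000000#002#000000"]
NOW = datetime(2013, 4, 12, 10, 20, tzinfo=timezone.utc)  # constructed check time

if __name__ == "__main__":
    # Master 2 never received master 1's 10:05 change: stalled on SID 1.
    print("master2 behind on:", stalled_sids(MASTER2, MASTER1, NOW, 300))
    # Master 1 lacks a 3-minute-old change: still inside the grace period.
    print("master1 behind on:", stalled_sids(MASTER1, MASTER2, NOW, 300))
```

Set the grace period above the refresh interval when a consumer polls, so that a change it has not yet had a chance to fetch is not reported as a stall.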