In this article Janua’s CTO share how to configuring DS389 aka RedHat DS as 2MMR
Step 1 – enable Change log (Master M1)
Step2 – Enable Replica (Master M1)
Step3 – Create replication Manager (Master M1)
ldapadd -h localhost -p 2389 -D « Cn=Directory Manager » -w secret12 -f ./replication_manager.ldif
cat ./replication_manager.ldif
dn: cn=replication manager,cn=config
objectClass: top
objectClass: device
objectClass: simpleSecurityObject
cn: replication manager
userPassword: strong_password
nsIdleTimeout: 0
Note:
After this step, the instance is configured with:
• Changelog enable
(with changelog DB specified)
• Enable Replica as a 2MMR configuration
(bind replication with cn=replication)
The replicaID is operational to be used in a replication topologie
Step4 Repeat the same operations for the other Master.
Note:
Now we have to 2 Master with their replicaID fully configured.
Step5 Creation of a replication agreement
• Select new agreement
select initialize consumer now
and you are done
Upon succesful configuration following is produced
Step 7 – create 2nd replication agreement
• Create the 2nd replication agreement in the opposite direction
• Do not perform the initialization, as the MMR from which the topology originates, is already initialized.
Step 8 – Perform Checks
• Perform some updates both side, and check the modification are correctly propagated.
Step 9 – Monitoring replication
9.1) Checking replication using the console
• It is possible to monitor the replication checking the status of the console
9.2) Checking on line command
Cat replication_config
#Configuration File for Monitoring Replication Via Admin Express
[connection]
*:*:*:secret12
[alias]
M1 = myserver.example.com:2389
M2 = myserver.example.com:5389
[color]
0 = #ccffcc
5 = #FFFFCC
60 = #FFCCCC
The command to be executed to retrieve replication info is:
/usr/bin/repl-monitor.pl -h myserver.example.com -p 2389 -s -f /root/replication/replication_config
Directory Server Replication Status (Version 1.1)
Time: ven. déc. 21 2018 16:07:52
Supplier: *:2389
—————-
Replica Root: dc=example,dc=com
Replica ID: 1
Max CSN: 5c1cf45f000000010000 (12/21/2018 15:10:39)
–
Consumer: M2 ldap://myserver.example.com:5389/
Type: master
Time Lag: ?:??:??
Supplier Max CSN: Unavailable
Consumer Max CSN: 5c1cf45f000000010000 (12/21/2018 15:10:39)
Last Modify Time: 12/21/2018 15:10:39
Supplier: *:2389
Sent/Skipped: 0 / 0
Update Status: Error (0) Replica acquired successfully: Incremental update succeeded
Update Started: 12/21/2018 15:59:28
Update Ended: 12/21/2018 15:59:28
Schedule: always in sync
SSL: n
Supplier: M2
————-
Replica Root: dc=example,dc=com
Replica ID: 5389
Max CSN: 5c1cfdd10001150d0000 (12/21/2018 15:50:57 1 0)
–
Consumer: M1 ldap://myserver.example.com:2389/
Type: master
Time Lag: – 0:41:26
Supplier Max CSN: 5c1cfdd10001150d0000 (12/21/2018 15:50:57 1 0)
Consumer Max CSN: 5c1cf41b0000150d0000 (12/21/2018 15:09:31)
Last Modify Time: 1/1/1970 01:00:00
Supplier: M2
Sent/Skipped: 4 / 0
Update Status: Error (0) Replica acquired successfully: Incremental update succeeded
Update Started: 12/21/2018 16:06:00
Update Ended: 12/21/2018 16:06:00
Schedule: always in sync
SSL: n
Supplier: M1
————-
Replica Root: dc=example,dc=com
Replica ID: 1
Max CSN: 5c1cf45f000000010000 (12/21/2018 15:10:39)
–
Consumer: M2 ldap://myserver.example.com:5389/
Type: master
Time Lag: ?:??:??
Supplier Max CSN: Unavailable
Consumer Max CSN: 5c1cf45f000000010000 (12/21/2018 15:10:39)
Last Modify Time: 12/21/2018 15:10:39
Supplier: M1
Sent/Skipped: 0 / 0
Update Status: Error (0) Replica acquired successfully: Incremental update succeeded
Update Started: 12/21/2018 15:59:28
Update Ended: 12/21/2018 15:59:28
Schedule: always in sync
SSL: n
Step 10 – Displaying replication agreement information
JANUA provides better security, build relationships, and enable new cloud, mobile, and IoT offerings from any device or connected thing.
- New Keycloak online training - 19 janvier 2022
- Sizing Keycloak or Redhat SSO projects - 8 juin 2021
- Keycloak.X Distribution - 28 janvier 2021