3
votes

I'm looking for some help with an ApacheDS Multi Master solution. I'm new to setting up LDAP solutions, so it's quite possible that I'm making some pretty basic errors.

I have two CentOS VMs running - LDAP1 and LDAP2. Each VM has a running ApacheDS solution. LDAP1 is running ApacheDS on port 10389 and LDAP2 is running ApacheDS on port 10399.

I can connect to both servers using Apache Directory Studio with no problems and can see the default structures listed.

I have then imported the SevenSeas structure into LDAP1, and enabled DEBUG for both LDAP1 and LDAP2 for replication by uncommenting the following lines in /instances/default/conf/log4j.properties:

log4j.logger.org.apache.directory.server.PROVIDER_LOG=DEBUG
log4j.logger.org.apache.directory.server.CONSUMER_LOG=DEBUG

I then attempt to create the MultiMaster config following this guide: http://joacim.breiler.com/apacheds/ch08s02.html

1) I enable the replication handler on LDAP1 by importing the following LDIF

dn: ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config 
changetype: modify 
add: ads-replReqHandler 
ads-replReqHandler: org.apache.directory.server.ldap.replication.provider.SyncReplRequestHandler

2) I then enable the replication handler on LDAP2 by importing the same LDIF as above

3) I then restart both LDAP1 and LDAP2 ApacheDS servers.

4) Once the servers restart, I check the apacheDS.log and see the following entries (on both LDAP1 and LDAP2):

[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - initializing the syncrepl provider
[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - Starting the replication consumer manager
[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - no replica logs found to initialize
[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - syncrepl provider initialized successfully

5) I then import the following LDIF on LDAP2 (No Errors are generated)

dn: ads-replConsumerId=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config 
objectClass: ads-base 
objectClass: ads-replConsumer 
objectClass: top 
ads-replAliasDerefMode: never 
ads-replAttributes: * 
ads-replConsumerId: 1 
ads-replProvHostName: ldap1
ads-replProvPort: 10389 
ads-replRefreshInterval: 60000 
ads-replRefreshNPersist: true 
ads-replSearchFilter: (objectClass=*) 
ads-replSearchScope: sub 
ads-replSearchSizeLimit: 0 
ads-replSearchTimeOut: 0 
ads-replUserDn: uid=admin,ou=system 
ads-replUserPassword:: c2VjcmV0 
ads-searchBaseDN: o=SevenSeas

6) I then import the following LDIF on LDAP1

dn: ads-replConsumerId=2,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config 
objectClass: ads-base 
objectClass: ads-replConsumer 
objectClass: top 
ads-replAliasDerefMode: never 
ads-replAttributes: * 
ads-replConsumerId: 2 
ads-replProvHostName: ldap2
ads-replProvPort: 10399 
ads-replRefreshInterval: 60000 
ads-replRefreshNPersist: true 
ads-replSearchFilter: (objectClass=*) 
ads-replSearchScope: sub 
ads-replSearchSizeLimit: 0 
ads-replSearchTimeOut: 0 
ads-replUserDn: uid=admin,ou=system 
ads-replUserPassword:: c2VjcmV0 
ads-searchBaseDN: o=SevenSeas

7) I then attempt to restart the LDAP1 and LDAP2 ApacheDS servers and hit the following error on both servers (reported in ApacheDS.log):

[08:52:42] ERROR [org.apache.directory.server.config.ConfigPartitionReader] - An error occured while reading the configuration DN 'ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config' for the objectClass 'ads-replConsumer':
ERR_04274 Can't find an OID for the name ads-base
[08:52:42] ERROR [org.apache.directory.server.UberjarMain] - Failed to start the service.
org.apache.directory.server.config.ConfigurationException: An error occured while reading the configuration DN 'ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config' for the objectClass 'ads-replConsumer':
ERR_04274 Can't find an OID for the name ads-base
        at org.apache.directory.server.config.ConfigPartitionReader.read(ConfigPartitionReader.java:641)
        at org.apache.directory.server.config.ConfigPartitionReader.read(ConfigPartitionReader.java:600)
        at org.apache.directory.server.config.ConfigPartitionReader.read(ConfigPartitionReader.java:600)
        at org.apache.directory.server.config.ConfigPartitionReader.readConfig(ConfigPartitionReader.java:754)
        at org.apache.directory.server.config.ConfigPartitionReader.readConfig(ConfigPartitionReader.java:718)
        at org.apache.directory.server.config.ConfigPartitionReader.readConfig(ConfigPartitionReader.java:690)
        at org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:177)
        at org.apache.directory.server.UberjarMain.start(UberjarMain.java:76)
        at org.apache.directory.server.UberjarMain.main(UberjarMain.java:54)

8) I then reverted the config to before the import to allow me to restart the servers

9) If I remove the following line from the LDIF used in point 5 / 6, I'm then able to start the servers.

objectClass: ads-base  

10) The debug (on both LDAP1 and LDAP2) reflects that the replication is working:

[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - initializing the syncrepl provider
[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - Starting the replication consumer manager
[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - no replica logs found to initialize
[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - syncrepl provider initialized successfully

11) I then log in to LDAP2 and do not see the partition o=SevenSeas, which to me says the replication hasn't worked. Have I missed a stage?

UPDATE: I've been able to make some more progress on this. Whilst using the Apache Directory Studio tool, I stumbled on the Server configuration tabs (right click on the LDAP connection). Amongst the tabs is a Replication tab. This allows you to add consumers. On LDAP1 I added a consumer to point to LDAP2 and on LDAP2 I added a consumer to point to LDAP1, where the BASEDN was ou=system. The consumer ID appears to need to match the IDs given in points 5/6.

I then restarted both the LDAP servers.

When the servers restarted I could see that they were talking to each other (via the debug). I made an edit to the ou=system partition on LDAP1 and this was replicated to LDAP2. I then made an edit to the ou=system partition on LDAP2 and this was replicated to LDAP1.

My issue is now that I cannot replicate other partitions - no matter what the BASE DN is in the consumer config.
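An added example, not part of the original post and not ApacheDS code: a small Python audit of the replication-consumer LDIF from steps 5 and 6. It decodes the `::` base64 value of `ads-replUserPassword` (an encoding, not protection, of the bind password) and flags the admin bind DN, the `ads-base` class named in ERR_04274, and a missing explicit TLS setting. Assumptions: `ads-replUseTls` is an ApacheDS config attribute that does not appear in the question, the finding codes are hypothetical names, and an absent TLS setting is reported rather than trusted.

```python
import base64

# Constructed sample: the step 5 consumer entry, abridged, with a folded DN.
SAMPLE_LDIF = """\
dn: ads-replConsumerId=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers,
 ads-directoryServiceId=default,ou=config
objectClass: ads-base
objectClass: ads-replConsumer
ads-replUserDn: uid=admin,ou=system
ads-replUserPassword:: c2VjcmV0
ads-searchBaseDN: o=SevenSeas
"""

def parse_ldif(text):
    """Parse LDIF into a list of {lowercased attribute: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:].rstrip()   # RFC 2849 folded continuation
        elif not raw.startswith("#"):       # skip comment lines
            lines.append(raw.rstrip())
    entries, cur = [], {}
    for line in lines + [""]:               # sentinel flushes the last record
        if line:
            name, _, value = line.partition(":")
            if value.startswith(":"):       # "attr:: <base64>" is encoding only
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            cur.setdefault(name.strip().lower(), []).append(value.strip())
        elif cur:
            entries.append(cur)
            cur = {}
    return entries

def audit_consumer(entry):
    """Return finding codes for one entry; [] if it is not an ads-replConsumer."""
    classes = {c.lower() for c in entry.get("objectclass", [])}
    if "ads-replconsumer" not in classes:
        return []
    first = lambda attr: entry.get(attr, [""])[0]
    pw = first("ads-repluserpassword")
    dn = first("ads-repluserdn").replace(" ", "").lower()
    checks = [
        ("ADS_BASE", "ads-base" in classes),           # class named in ERR_04274
        ("PASSWORD_IN_LDIF", bool(pw)),                # recoverable from the file
        ("DEFAULT_PASSWORD", pw == "secret"),          # stock ApacheDS admin password
        ("ADMIN_BIND_DN", dn == "uid=admin,ou=system"),  # replication binds as admin
        ("TLS_NOT_EXPLICIT", first("ads-replusetls").lower() != "true"),  # assumption
    ]
    return [code for code, hit in checks if hit]
```

A consumer has to present its bind password to the provider, so `PASSWORD_IN_LDIF` cannot be removed by hashing the value; it is a reminder to handle the LDIF and the `ou=config` partition as secrets.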

1

1 Answer

1
votes

I guess we started working on the same issue at the same time today. The replication to a custom partition seems to work when you set the cache to 1000 for the partition.