[KLUG Members] OpenLDAP failover questions

Adam bultman adamb at glaven.org
Tue Aug 9 13:08:37 EDT 2005


Next issue:

I've successfully created two different slapd.conf files
(slapd.master.conf, slapd.slave.conf) and have both ldap and heartbeat
working quite nicely.

The only issue is that of failover.  One server (let's call it server1)
is always "master", no matter what.  If server1 dies, server2 will kick
in and pick up the slack, but the moment server1 comes back, it flips
back over.  nice_failback is ON, which means that it shouldn't do that. 
(At any rate, it does the same thing with nice_failback off)

Second issue is related to the first.  The script I'm running (which
I'll put at the bottom) is nothing more than a juiced-up version of the
ldap init script that came with the rpm.  I added a section which
determines if it is 'master' or not via the IP addresses it has, and
then will start ldap with the master config, or the slave config. 
Server2 will allow itself to be promoted just fine, but when things flip
back to server1, it is supposed to be demoted.  And lo, ldap _is_
restarted, but it restarts as _master_ again, not as a slave.  I've
tried making changes to the init script, tried to see if sleeping allows
the server to ditch its ip address, allowing the slave to come back
up... but it doesn't work.  I've tried taking my IP checking and making
it a function (current version) to see if the different times I call it
would help - to no avail. FWIW, both servers have the same exact init
script, but server2 is a bit slower in cpu/disk/ram.



_
Start LDAP init script

#!/bin/bash
#
# ldap  This shell script takes care of starting and stopping
#       ldap servers (slapd and slurpd).
#
# chkconfig: - 39 61
# description: LDAP stands for Lightweight Directory Access Protocol, used \
#              for implementing the industry standard directory services.
# processname: slapd
# config: /etc/openldap/slapd.conf
# pidfile: /var/run/slapd.pid



# Source function library.
. /etc/init.d/functions

##ADDITION BY ADAM BULTMAN FOR LINUX-HA
#We check our IP addresses for our virtual IP addresses.
# If we find the virtual IP address in our ethernet setup, we are the master.
# If we do not find the virtual ip in our ethernet setup, we are the slave.
# If we are master, use slapd.master.conf, otherwise use slapd.slave.conf

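function set_options() {
        # Decide whether this node currently acts as LDAP master or slave and
        # set the daemon options to match.
        #
        # Globals written: MASTER_IP, CHECK_IP, SLAPD_CONF, SLAPD_OPTIONS,
        #                  SLURPD_OPTIONS
        # Outputs:         progress messages on stdout
        #
        # The role is derived only from whether the virtual IP is assigned to a
        # local interface at the instant this function runs. A wrong answer
        # starts slapd with the wrong configuration file, so the comparison
        # below is kept strict and every expansion is quoted.
        MASTER_IP="192.168.204.227"

        # Clear everything derived from a previous call.
        CHECK_IP=""
        SLAPD_CONF=""
        SLAPD_OPTIONS=""
        SLURPD_OPTIONS=""

        # Compare whole address tokens instead of grepping for a substring: the
        # dots in the address are not treated as regex wildcards, a matching
        # broadcast or peer address on the same line cannot be picked up, and
        # the result is a single value even if the address is listed twice.
        # Both "inet addr:A.B.C.D" and "inet A.B.C.D" output styles are handled.
        CHECK_IP=$(/sbin/ifconfig -a | awk -v ip="$MASTER_IP" '
                $1 == "inet" {
                        addr = $2
                        sub(/^addr:/, "", addr)
                        if (addr == ip) found = 1
                }
                END { if (found) print ip }')
        echo "MASTER_IP set to $MASTER_IP"
        echo "CHECK_IP set to $CHECK_IP"

        # No placeholder value is needed for an empty CHECK_IP: the quoted
        # comparison handles it. (The earlier "[ -s $CHECK_IP ]" was a file
        # test, not an emptiness test, so a file named after the address in
        # the working directory could flip the result.)
        if [ "$CHECK_IP" = "$MASTER_IP" ] ; then
                # We hold the virtual IP address: use the master config file.
                SLAPD_CONF="/etc/openldap/slapd.master.conf"
                SLAPD_OPTIONS=" -f $SLAPD_CONF"
                SLURPD_OPTIONS=" -f $SLAPD_CONF"
        else
                # Otherwise we are the slave.
                SLAPD_CONF="/etc/openldap/slapd.slave.conf"
                SLAPD_OPTIONS=" -f $SLAPD_CONF -s 10"
                SLURPD_OPTIONS=" -f $SLAPD_CONF"
        fi
        echo "using $SLAPD_CONF as conf file"
} # end set_options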
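# Exit quietly when networking is disabled in the system configuration.
if [ -r /etc/sysconfig/network ] ; then
        . /etc/sysconfig/network
        # Quoted so that an unset or empty NETWORKING compares as an empty
        # string instead of making the test itself fail.
        [ "${NETWORKING}" = "no" ] && exit 0
fi

# The auxiliary options file is commented out in this version; SLAPD_OPTIONS
# and SLURPD_OPTIONS are assigned by set_options instead.
# NOTE(review): with this disabled, OPTIONS is only set if it arrives through
# the environment -- confirm that is intended.
#if [ -r /etc/sysconfig/ldap ] ; then
#       . /etc/sysconfig/ldap
#fi

slapd="/usr/sbin/slapd"
slurpd="/usr/sbin/slurpd"
# Nothing to manage when either daemon binary is missing or not executable.
[ -x "${slapd}" ] || exit 0
[ -x "${slurpd}" ] || exit 0

RETVAL=0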

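function start() {
        # Start slapd, and slurpd when the chosen configuration has a
        # replogfile directive, using the file selected by set_options.
        #
        # Globals: reads slapd, slurpd, OPTIONS and the variables set_options
        #          assigns; writes RETVAL, prog, user, ldapuid
        # Returns: status of the last daemon launch that was attempted
        #
        # The role is sampled here, at start time. Whatever the interface list
        # shows at this instant decides between master and slave.
        set_options

        # Check for simple-but-common errors.
        user=ldap
        ldapuid=$(id -u "$user")

        # Unaccessible database files: warn about any file under a configured
        # "directory" that the ldap user does not own. This only warns; it does
        # not block the start. The find expression is kept on one logical line
        # so the parenthesised -name group stays part of the same command.
        # Word splitting of the command output is relied on here, so paths
        # containing whitespace would be reported in pieces.
        for dbdir in $(grep ^directory "$SLAPD_CONF" | sed s,^directory,,) ; do
                for file in $(find "${dbdir}/" -not -uid "$ldapuid" -and \
                                \( -name "*.dbb" -or -name "*.gdbm" -or -name "*.bdb" \)) ; do
                        echo -n $"$file is not owned by \"$user\"" ; warning ; echo
                done
        done

        # Start daemons.
        prog=$(basename "${slapd}")
        echo -n $"Starting $prog: "
        # $OPTIONS and $SLAPD_OPTIONS must stay on the same command line as
        # daemon: on a line of their own they would be run as a separate
        # command and slapd would start without "-f <conf>".
        # NOTE(review): the nested quotes around the listener URLs and the
        # unquoted option variables are left as they were -- presumably the
        # daemon helper re-parses its arguments; confirm before changing.
        if grep -q ^TLS "$SLAPD_CONF" ; then
            daemon ${slapd}  -u ldap -h '"ldap:/// ldaps:///"' $OPTIONS $SLAPD_OPTIONS
            RETVAL=$?
        else
            # No TLS directives in the config: only the plain ldap:/// listener
            # is opened.
            daemon ${slapd} -u ldap -h "ldap:///" $OPTIONS $SLAPD_OPTIONS
            RETVAL=$?
        fi
        echo
        if [ $RETVAL -eq 0 ]; then
            # slurpd is only started when replication logging is configured.
            if grep -q "^replogfile" "$SLAPD_CONF" ; then
                prog=$(basename "${slurpd}")
                echo -n $"Starting $prog: "
                daemon ${slurpd} $OPTIONS $SLURPD_OPTIONS
                RETVAL=$?
                echo
            fi
        fi
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap
        return $RETVAL
}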

function stop() {
        # Shut down slapd and then slurpd; the subsystem lock and the saved
        # slapd arguments are removed only when both shutdowns report success.
        #
        # Globals: reads slapd, slurpd; writes RETVAL, prog
        # Returns: status of the last killproc call that was made
        #
        # set_options runs first and prints the detected role; none of the
        # variables it assigns are read below.
        set_options

        # Stop daemons.
        prog=${slapd##*/}
        echo -n $"Stopping $prog: "
        killproc ${slapd}
        RETVAL=$?
        echo

        # The "is slurpd running" check is disabled, so slurpd is always
        # signalled once slapd has stopped cleanly.
        # NOTE(review): if killproc reports failure for a slurpd that was never
        # started, stop returns non-zero and the lock file stays -- confirm how
        # the cluster manager treats that.
        if [ $RETVAL -eq 0 ]; then
                prog=${slurpd##*/}
                echo -n $"Stopping $prog: "
                killproc ${slurpd}
                RETVAL=$?
                echo
        fi

        if [ $RETVAL -eq 0 ]; then
                rm -f /var/lock/subsys/ldap /var/run/slapd.args
        fi
        return $RETVAL
}

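# See how we were called. The script's exit status is RETVAL, which start and
# stop assign themselves.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        set_options
        # Carry the status helper's result into the exit code; previously it
        # was discarded and "status" always exited 0.
        status ${slapd}
        RETVAL=$?
        if grep -q "^replogfile" "$SLAPD_CONF" ; then
            status ${slurpd}
            slurpd_status=$?
            # Report the first failure: keep slapd's status if it was non-zero.
            [ $RETVAL -eq 0 ] && RETVAL=$slurpd_status
        fi
        ;;
    restart)
        stop
        # Fixed pause between stop and start. The master/slave role is read
        # again inside start, i.e. from the interface list as it looks after
        # this pause.
        sleep 20
        start
        ;;
    condrestart)
        # Restart only if the lock file says the service was started here.
        # Unlike restart, there is no pause between stop and start.
        if [ -f /var/lock/subsys/ldap ] ; then
            stop
            start
        fi
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|status|condrestart}"
        RETVAL=1
        ;;
esac

exit $RETVAL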
                                                           


