Deploying an entry-balancing proxy configuration
Entry-balancing is a PingDirectoryProxy server configuration that allows the entries within a portion of the directory information tree (DIT) to reside on multiple external servers.
This configuration is useful when the DIT contains many millions of entries, which can be difficult to bring completely into memory for optimal performance. Entry-balancing allows entries under a balancing point base distinguished name (DN) to be divided among any number of separate directory servers, making the PingDirectoryProxy server responsible for intelligently routing requests based on the division.
In this example scenario, the entries in the DIT outside of the balancing point are replicated across all external servers known to the PingDirectoryProxy server. You must properly configure replication on the external directory servers before proceeding through this example. The directory servers are expected to contain two replication domains: the global domain, dc=example,dc=com
, and the balancing point, ou=people,dc=example,dc=com
.
In this deployment scenario, an austin-proxy1
instance of the PingDirectoryProxy server communicates with four external directory servers. The PingDirectoryProxy server is configured to use entry balancing for the ou=people,dc=example,dc=com
base DN with two sets of user entries split beneath it. The first set of user entries is defined in the replicated pair of external servers, austin-set1.example.com
and newyork-set1.example.com
.
The second set of entries is defined in austin-set2.example.com
and newyork-set2.example.com
. The entries in the dc=example,dc=com
DIT outside of the balancing point base DN are replicated among the four external servers.
The following dsreplication status
output from the PingDirectory external servers describes the replication configuration that exists before creating the PingDirectoryProxy server configuration.
--- Replication Status for dc=example,dc=com: Enabled --- Server : Entries : Backlog : Oldest Backlog Change Age : Generation ID --------:---------:--------:---------------------------:------------- austin-set1.example.com:389 : 10003 : 0 : N/A : 722087263 austin-set2.example.com:389 : 10003 : 0 : N/A : 722087263 newyork-set1.example.com:389 : 10003 : 0 : N/A : 722087263 newyork-set2.example.com:389 : 10003 : 0 : N/A : 722087263 --- Replication Status for ou=people,dc=example,dc=com (Set: dataset1): Enabled --- Server : Entries : Backlog : Oldest Backlog Change Age : Generation ID --------:---------:---------:---------------------------:----------------- austin-set1.example.com:389 : 100001 : 0 : N/A : 178892712 newyork-set1.example.com:389 : 100001 : 0 : N/A : 178892712 --- Replication Status for ou=people,dc=example,dc=com (Set: dataset2): Enabled --- Server : Entries : Backlog : Oldest Backlog Change Age : Generation ID ---------:---------:---------:---------------------------:----------------- austin-set2.example.com:389 : 100001 : 0 : N/A : 1057593890 newyork-set2.example.com:389 : 100001 : 0 : N/A : 1057593890