Page created: 4 Feb 2020
|
Page updated: 22 Jul 2020
| 5 min read
Product PingDirectory 8.1 Directory Capability Product documentation Content Type Administration User task IT Administrator Administrator Audience Software Deployment Method Configuration
This example illustrates configuring a variety of assured replication policies. In practice it's common for all servers to have the same policy. The following example assumes that three servers are configured on localhost, on ports 1389, 2389 and 3389. Note that each server has a default Replication Assurance Policy with no assurance levels set.
-
On server 1, use dsconfig to create request criteria for
add operations. This request criteria will be used to match any add operation
with the Replication Assurance Policy that will be configured in the next
step.
$ bin/dsconfig create-request-criteria \ --criteria-name Adds \ --type simple \ --set operation-type:add
-
On server 1, set up the Replication Assurance Policy to make all add operations
assured with a level of
processed-all-servers
, which indicates that all local servers in the topology must complete replay of the replication update before the response is sent to the client. Specify the Adds request criteria configured in the previous step.$ bin/dsconfig create-replication-assurance-policy \ --policy-name "Adds Processed All Locally" \ --set evaluation-order-index:1 \ --set local-level:processed-all-servers \ --set "timeout:500ms" \ --set request-criteria:Adds
-
On server 1, repeat the previous two steps for modify operations. The
Replication Assurance Policy "Mods Received Any Locally" ensures that at least
one available local server must receive a replication modify update before a
response is sent to the client.
$ bin/dsconfig create-request-criteria \ --criteria-name Mods \ --type simple \ --set operation-type:modify $ bin/dsconfig create-replication-assurance-policy \ --policy-name "Mods Received Any Locally" \ --set evaluation-order-index:2 \ --set local-level:received-any-server \ --set "timeout:500ms" \ --set request-criteria:Mods
-
On server 2, repeat steps 1-3 to set up the Adds and Mods request criteria and
its respective Replication Assurance Policy.
$ bin/dsconfig create-request-criteria \ --criteria-name Adds \ --type simple \ --set operation-type:add $ bin/dsconfig create-request-criteria \ --criteria-name Mods \ --type simple \ --set operation-type:modify $ bin/dsconfig create-replication-assurance-policy \ --policy-name "Adds Received Any Locally" \ --set evaluation-order-index:1 \ --set local-level:received-any-server \ --set "timeout:500ms" \ --set request-criteria:Adds $ bin/dsconfig create-replication-assurance-policy \ --policy-name "Mods Processed All Locally" \ --set evaluation-order-index:2 \ --set local-level:processed-all-servers \ --set "timeout:500ms" \ --set request-criteria:Mods
- Leave server 3 with the default Replication Assurance Policy configured with no assurance levels or criteria. In practice it is common for all servers to have the same assurance levels or criteria.
-
On server 1, list the policies on the server using the
dsconfig command to confirm that they exist on the
server.
$ bin/dsconfig list-replication-assurance-policies
- Repeat the previous step on server 2 and server 3. Server 3 should only show the Default Replication Assurance Policy.
-
Check the Replication Assurance counters on all servers before any add or
modify operation using
ldapsearch
. They should be set to zero. These counters are on the replica server, which is where the policy is matched and assigned. On server 1, run the following command:$ bin/ldapsearch --baseDN "cn=Replica dc_example_dc_com,cn=monitor" \ "(objectclass=*)" | grep replication-assurance replication-assurance-local-completed-normally: 0 replication-assurance-local-completed-abnormally: 0 replication-assurance-local-completed-with-timeout: 0 replication-assurance-local-completed-with-shutdown: 0 replication-assurance-local-completed-with-unavailable-server: 0 replication-assurance-remote-completed-normally: 0 replication-assurance-remote-completed-abnormally: 0 replication-assurance-remote-completed-with-timeout: 0 replication-assurance-remote-completed-with-shutdown: 0 replication-assurance-remote-completed-with-unavailable-server: 0
-
Check the Replication Summary table on all of the servers. For example, on
server 1, run the following command:
$ bin/ldapsearch --baseDN "cn=Replication Summary dc_example_dc_com,cn=monitor" \ "(objectclass=*)" | grep replication-assurance replication-assurance-submitted-operations: 0 replication-assurance-local-completed-normally: 0 replication-assurance-local-completed-abnormally: 0 replication-assurance-local-completed-with-timeout: 0 replication-assurance-local-completed-with-shutdown: 0 replication-assurance-local-completed-with-unavailable-server: 0 replication-assurance-remote-completed-normally: 0 replication-assurance-remote-completed-abnormally: 0 replication-assurance-remote-completed-with-timeout: 0 replication-assurance-remote-completed-with-shutdown: 0 replication-assurance-remote-completed-with-unavailable-server: 0
-
Add an entry to the server 1 Directory Server. Check that the
counters matched the newly added entry to the "Adds Processed All Locally"
Policy and that it completed assured.
$ bin/ldapmodify --filename add-user.ldif --defaultAdd $ bin/ldapsearch --baseDN "cn=Replica dc_example_dc_com,cn=monitor" \ "(objectclass=*)" | grep replication-assurance replication-assurance-submitted-operations: 1 replication-assurance-local-completed-normally: 1 replication-assurance-local-completed-abnormally: 0 replication-assurance-local-completed-with-timeout: 0 replication-assurance-local-completed-with-shutdown: 0 replication-assurance-local-completed-with-unavailable-server: 0 replication-assurance-remote-completed-normally: 0 replication-assurance-remote-completed-abnormally: 0 replication-assurance-remote-completed-with-timeout: 0 replication-assurance-remote-completed-with-shutdown: 0 replication-assurance-remote-completed-with-unavailable-server: 0 replication-assurance-policy-matches: Adds Processed All Locally: 1 replication-assurance-policy-matches: Default Replication Assurance Policy: 0 replication-assurance-policy-matches: Mods Received Any Locally: 0 replication-assurance-local-level-uses: processed-all-servers: 1 replication-assurance-remote-level-uses: none: 1 $ bin/ldapsearch --baseDN "cn=Replication Summary dc_example_dc_com,cn=monitor" \ "(objectclass=*)" | grep replication-assurance replication-assurance-submitted-operations: 1 replication-assurance-local-completed-normally: 1 replication-assurance-local-completed-abnormally: 0 replication-assurance-local-completed-with-timeout: 0 replication-assurance-local-completed-with-shutdown: 0 replication-assurance-local-completed-with-unavailable-server: 0 replication-assurance-remote-completed-normally: 0 replication-assurance-remote-completed-abnormally: 0 replication-assurance-remote-completed-with-timeout: 0 replication-assurance-remote-completed-with-shutdown: 0 replication-assurance-remote-completed-with-unavailable-server: 0
-
Perform a modify of an entry under dc=example,dc=com on server 1. Check that
the counters matched the modify operation to the "Mods Processed All Locally"
policy and that the operations completed assured.
$ bin/ldapsearch --baseDN "cn=Replica dc_example_dc_com,cn=monitor" \ "(objectclass=*)" | grep replication-assurance replication-assurance-submitted-operations: 2 replication-assurance-local-completed-normally: 2 replication-assurance-local-completed-abnormally: 0 replication-assurance-local-completed-with-timeout: 0 replication-assurance-local-completed-with-shutdown: 0 replication-assurance-local-completed-with-unavailable-server: 0 replication-assurance-remote-completed-normally: 0 replication-assurance-remote-completed-abnormally: 0 replication-assurance-remote-completed-with-timeout: 0 replication-assurance-remote-completed-with-shutdown: 0 replication-assurance-remote-completed-with-unavailable-server: 0 replication-assurance-policy-matches: Adds Processed All Locally: 1 replication-assurance-policy-matches: Default Replication Assurance Policy: 0 replication-assurance-policy-matches: Mods Received Any Locally: 1 replication-assurance-local-level-uses: processed-all-servers: 1 replication-assurance-local-level-uses: received-any-server: 1 replication-assurance-remote-level-uses: none: 2 $ bin/ldapsearch --baseDN "cn=Replication Summary dc_example_dc_com,cn=monitor" \ "(objectclass=*)" | grep replication-assurance replication-assurance-submitted-operations: 2 replication-assurance-local-completed-normally: 2 replication-assurance-local-completed-abnormally: 0 replication-assurance-local-completed-with-timeout: 0 replication-assurance-local-completed-with-shutdown: 0 replication-assurance-local-completed-with-unavailable-server: 0 replication-assurance-remote-completed-normally: 0 replication-assurance-remote-completed-abnormally: 0 replication-assurance-remote-completed-with-timeout: 0 replication-assurance-remote-completed-with-shutdown: 0 replication-assurance-remote-completed-with-unavailable-server: 0
You have successfully configured Assured Replication.