Hi,
This is the setup I would like to have.
                LDAP clients
     _____________|___________________
    | __________LoadBalancer1_________ |
          |            |            |
     ldapserver1  ldapserver2  ldapserver3
My challenge is that I have never done this kind of architecture before, so I
would like to know, from the LB perspective, how to configure it. Say,
do I have to create a DNS FQDN, e.g. "ldapserver.example.com", and then
use this as a floating IP/hostname for the 3 ldapservers
in the backend? Or what should be done? The network team will do the
setup, but I need to tell them what to do. My next question
would be: I would like to configure LDAPS, so how do I create the
certificate? I mean, what should I provide in the common name, or how do I
create a certificate which can be shared across the servers? I am using
"openssl". I am using SLES 11 (SP1) and the setup would be a
Multi-Master replication.
Please help.
Regards,
Neo
On Fri, Sep 9, 2011 at 8:14 PM, pradyumna dash <[email protected]> wrote:
> Hi,
>
> Thanks for the suggestion, but I have never done it before; if you can share a
> doc or something, that would be great.
>
> I use openssl to generate the certificate, so I don't even know how to
> configure subjectAltNames. Also, if you can explain a bit how I should
> proceed, it would be appreciated.
>
> Example : ldap1.example.com ldap2.example.com
>
> So in the load balancer what to configure and how to create the
> certificate.
>
> Please help.
>
> Regards,
> Pradyumna
>
>
> On Fri, Sep 9, 2011 at 7:35 PM, Quanah Gibson-Mount <[email protected]> wrote:
>
>> --On Thursday, September 08, 2011 10:17 PM +0200 pradyumna dash <
>> [email protected]> wrote:
>>
>>> Hi,
>>>
>>>
>>> I would like to set up OpenLDAP Master-Master replication. Before that, I
>>> would like to know something more about it, because I have
>>> never implemented it.
>>>
>>>
>>> Suppose I have 2 servers, ldap1.example.com and ldap2.example.com.
>>>
>>>
>>> I will configure M-M replication with LDAPS. In this scenario, how should my
>>> architecture be? Do I need to keep it behind the load balancer, or
>>> what are the steps to do it?
>>> How will the client come to know if one of the servers is down, so that it
>>> will talk to the other server? Because in my ldap.conf file I will have a
>>> single URI/host entry
>>> pointing to one of the servers. And also, how do I create the certificate? Do
>>> I need 2 individual certificates, 1 for ldap1 and 1 for ldap2?
>>>
>>
>> I would suggest a cert for ldap1 and ldap2, both having
>> subjectAltNames for a load balanced name too, so clients can work directly
>> to the servers and directly with the LB name.
>>
>> --Quanah
>>
>>
>> --
>>
>> Quanah Gibson-Mount
>> Sr. Member of Technical Staff
>> Zimbra, Inc
>> A Division of VMware, Inc.
>> --------------------
>> Zimbra :: the leader in open source messaging and collaboration
>>
>
>
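Added example, not part of the original thread and not any poster's code: one way to produce the certificates suggested above with the openssl command line, a per-server key and CSR whose subjectAltName lists the server's own name plus the load-balanced name. Hostnames are the ones used in the thread; the file names, the function names and the 2048-bit/SHA-256 settings are assumptions. A config file is used so it does not depend on newer openssl options.

```shell
#!/bin/sh
# Added example: per-server key + CSR with SANs for the server and the LB name.
# Hostnames come from the thread; file and function names are assumptions.

LB_NAME="ldapserver.example.com"

# write_san_config <server-fqdn> <outfile>
# Emits an "openssl req" config: CN = server FQDN, SANs = server FQDN + LB name.
write_san_config() {
    cat > "$2" <<EOF
[ req ]
default_bits       = 2048
default_md         = sha256
prompt             = no
distinguished_name = dn
req_extensions     = v3_req

[ dn ]
CN = $1

[ v3_req ]
keyUsage         = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName   = @alt_names

[ alt_names ]
DNS.1 = $1
DNS.2 = $LB_NAME
EOF
}

# make_csr <server-fqdn> <outdir>
# Writes <fqdn>.key (private, unencrypted so slapd can start unattended)
# and <fqdn>.csr for the CA to sign. Each server gets its own key.
make_csr() {
    cfg="$2/$1.cnf"
    write_san_config "$1" "$cfg" || return 1
    ( umask 077
      openssl req -new -nodes -config "$cfg" \
          -keyout "$2/$1.key" -out "$2/$1.csr" ) || return 1
}

# csr_sans <csr-file>: list the DNS names the CSR requests, one per line,
# so the request can be checked before it is sent for signing.
csr_sans() {
    openssl req -in "$1" -noout -text | grep -o 'DNS:[^, ]*'
}
```

Run `make_csr ldap1.example.com .` on ldap1 and `make_csr ldap2.example.com .` on ldap2, then confirm the names with `csr_sans`. If the CA signs with `openssl x509 -req`, it must be given `-extfile <fqdn>.cnf -extensions v3_req`, because that command does not copy extensions from the CSR and the issued certificate would otherwise carry no SANs.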