Generate Multi-Master Replication configuration for OpenLDAP
authorOliver Liebel <oliver@itc.li>
Tue, 19 Aug 2008 02:03:04 +0000 (12:03 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 19 Aug 2008 02:03:04 +0000 (12:03 +1000)
This patches provision-backend and the related scripts to generate the
correct configuration blobs for N-way multi-master replication using
OpenLDAP.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 6ed0b3f2475022288f636605492ca27fde97cd52)

source4/scripting/python/samba/provision.py
source4/setup/mmr_serverids.conf [new file with mode: 0644]
source4/setup/mmr_syncrepl.conf [new file with mode: 0644]
source4/setup/provision-backend
source4/setup/slapd.conf

index 4f7fbfc6e6873e747264243016e77fac19cc65ea..8abcc2f2e330777a25600253ff03d54bfd51e696 100644 (file)
@@ -76,7 +76,9 @@ class ProvisionPaths(object):
         self.memberofconf = None
         self.fedoradsinf = None
         self.fedoradspartitions = None
+       self.olmmron = None
+       self.olmmrserveridsconf = None
+       self.olmmrsyncreplconf = None
 
 class ProvisionNames(object):
     def __init__(self):
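Review bot: The three added attributes `self.olmmron`, `self.olmmrserveridsconf` and `self.olmmrsyncreplconf` render one column short of the surrounding eight-space lines, which suggests they are indented with a tab while the rest of the class uses spaces. Python 2 expands the tab to the next multiple of eight, so this runs, but mixed indentation is fragile and is rejected by `python -tt` and by Python 3. Re-indent them with eight spaces, e.g. `        self.olmmron = None`. The same applies to the added block in provision_backend and to the re-indented `setup_file(setup_path("modules.conf"), ...` line in the later hunks.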
@@ -242,8 +244,12 @@ def provision_paths_from_lp(lp, dnsdomain):
                                       "memberof.conf")
     paths.fedoradsinf = os.path.join(paths.ldapdir, 
                                    "fedorads.inf")
-    paths.fedoradspartitions = os.path.join(paths.ldapdir, 
-                                            "fedorads-partitions.ldif")
+    paths.olmmrserveridsconf = os.path.join(paths.ldapdir, 
+                                      "mmr_serverids.conf")
+    paths.olmmrsyncreplconf = os.path.join(paths.ldapdir, 
+                                      "mmr_syncrepl.conf")
+    paths.olmmron = os.path.join(paths.ldapdir, 
+                                      "mmr_on.conf")
     paths.hklm = "hklm.ldb"
     paths.hkcr = "hkcr.ldb"
     paths.hkcu = "hkcu.ldb"
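Review bot: The two removed lines that set `paths.fedoradspartitions` are not replaced, while the first hunk still leaves `self.fedoradspartitions = None` in ProvisionPaths, so after this change the attribute stays None. Any code outside the visible hunks that still uses that path for the Fedora DS partitions file would now receive None; nothing in the commit message says the removal is intended. Keep `paths.fedoradspartitions = os.path.join(paths.ldapdir, "fedorads-partitions.ldif")` and add the three MMR paths after it. The body of provision_paths_from_lp starts and ends outside this hunk.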
@@ -331,7 +337,7 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None, serverrole=
     names.hostname = hostname
     names.sitename = sitename
     names.serverdn = "CN=%s,CN=Servers,CN=%s,CN=Sites,%s" % (netbiosname, sitename, configdn)
-    
     return names
     
 
@@ -1141,7 +1147,11 @@ def provision_backend(setup_dir=None, message=None,
                       smbconf=None, targetdir=None, realm=None, 
                       rootdn=None, domaindn=None, schemadn=None, configdn=None,
                       domain=None, hostname=None, adminpass=None, root=None, serverrole=None, 
-                      ldap_backend_type=None, ldap_backend_port=None):
+                      ldap_backend_type=None, ldap_backend_port=None,
+                     ol_mmr_urls=None, mmr_serverids_config=None, mmr_on_config=None, 
+                     mmr_syncrepl_schema_config=None,
+                     mmr_syncrepl_config_config=None,
+                     mmr_syncrepl_user_config=None ):
 
     def setup_path(file):
         return os.path.join(setup_dir, file)
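Review bot: Of the six new keyword arguments, only `ol_mmr_urls` is an input: the later hunk assigns `mmr_on_config`, `mmr_serverids_config` and the three `mmr_syncrepl_*_config` names before reading them (`mmr_on_config = " "` and the lines after it), so anything a caller passes for them is discarded, as far as the visible hunks show. Drop those five from the signature and keep them as locals, so the public interface does not advertise knobs that have no effect. The closing `mmr_syncrepl_user_config=None ):` also has a stray space before the parenthesis. The function body continues outside this hunk.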
@@ -1255,7 +1265,64 @@ def provision_backend(setup_dir=None, message=None,
 
         refint_config = read_and_sub_file(setup_path("refint.conf"),
                                             { "LINK_ATTRS" : refint_attributes})
-    
+
+########################################################
+### generate serverids and ldap-urls for mmr hosts   ###
+########################################################
+
+       mmr_on_config = " "
+       mmr_serverids_config = " "
+
+       if ol_mmr_urls is not None:
+               mmr_hosts=ol_mmr_urls
+               mmr_hosts=filter(None,mmr_hosts.split(' ')) 
+               
+               mmr_serverids_config = "# Generated from template mmr_serverids.conf\n" 
+               z=0
+               for i in mmr_hosts:
+                       z=z+1
+                       mmr_serverids_config += read_and_sub_file(setup_path("mmr_serverids.conf"),
+                                                                    { "SERVERID" : str(z),
+                                                                      "LDAPSERVER" : i })
+               mmr_on_config = "MirrorMode On"
+
+########################################################
+### generate syncrepl-blocks for mmr hosts           ###
+########################################################
+
+       mmr_syncrepl_schema_config = " " 
+       mmr_syncrepl_config_config = " " 
+       mmr_syncrepl_user_config = " " 
+       
+       if ol_mmr_urls is not None:
+               mmr_hosts=ol_mmr_urls
+               mmr_hosts=filter(None,mmr_hosts.split(' ')) 
+               mmr_syncrepl_schema_config = "# Generated from template mmr_syncrepl.conf\n" 
+               mmr_syncrepl_config_config = "# Generated from template mmr_syncrepl.conf\n" 
+               mmr_syncrepl_user_config = "# Generated from template mmr_syncrepl.conf\n" 
+               z=0
+               for i in mmr_hosts:
+                       z=z+1
+                       mmr_syncrepl_schema_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
+                                                                    {  "RID" : str(z),
+                                                                       "MMRDN": names.schemadn,
+                                                                       "LDAPSERVER" : i })
+
+               for i in mmr_hosts:
+                       z=z+1
+                       mmr_syncrepl_config_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
+                                                                    {  "RID" : str(z),
+                                                                       "MMRDN": names.configdn,
+                                                                       "LDAPSERVER" : i })
+
+               for i in mmr_hosts:
+                       z=z+1
+                       mmr_syncrepl_user_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
+                                                                    {  "RID" : str(z),
+                                                                       "MMRDN": names.domaindn,
+                                                                       "LDAPSERVER" : i })
+
+
         setup_file(setup_path("slapd.conf"), paths.slapdconf,
                    {"DNSDOMAIN": names.dnsdomain,
                     "LDAPDIR": paths.ldapdir,
@@ -1263,8 +1330,13 @@ def provision_backend(setup_dir=None, message=None,
                     "CONFIGDN": names.configdn,
                     "SCHEMADN": names.schemadn,
                     "MEMBEROF_CONFIG": memberof_config,
+                    "MIRRORMODE": mmr_on_config,
+                    "MMR_SERVERIDS_CONFIG": mmr_serverids_config,
+                    "MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
+                    "MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
+                    "MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
                     "REFINT_CONFIG": refint_config})
-        setup_file(setup_path("modules.conf"), paths.modulesconf,
+       setup_file(setup_path("modules.conf"), paths.modulesconf,
                    {"REALM": names.realm})
         
         setup_db_config(setup_path, os.path.join(paths.ldapdir, "db", "user"))
diff --git a/source4/setup/mmr_serverids.conf b/source4/setup/mmr_serverids.conf
new file mode 100644 (file)
index 0000000..863508d
--- /dev/null
@@ -0,0 +1 @@
+ServerID ${SERVERID} "${LDAPSERVER}:9000"
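Review bot: The port is fixed as `:9000` in this template (and in `provider="${LDAPSERVER}:9000"` in mmr_syncrepl.conf), although provision_backend already receives `ldap_backend_port`. The `--ol-mmr-urls` help in provision-backend asks for "LDAP-URLS", so an operator who passes a URL that already carries a port or a trailing slash gets a malformed ServerID and provider value. Either substitute the port from the existing option, or have the template use `"${LDAPSERVER}"` unchanged and state in the option help that each entry must be a complete URL including the port.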
diff --git a/source4/setup/mmr_syncrepl.conf b/source4/setup/mmr_syncrepl.conf
new file mode 100644 (file)
index 0000000..857f044
--- /dev/null
@@ -0,0 +1,10 @@
+syncrepl rid=${RID} 
+       provider="${LDAPSERVER}:9000"
+       searchbase="${MMRDN}"
+       type=refreshAndPersist
+       retry="10 +"
+       bindmethod=simple
+       binddn="CN=Manager,${MMRDN}"
+       credentials="linux"
+
+       
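Review bot: `credentials="linux"` hard-codes the replication password in a template that ships with the source tree, and `binddn="CN=Manager,${MMRDN}"` is the rootdn of each database, so every provisioned MMR host uses the same publicly known secret for an account with full access to the directory. `bindmethod=simple` also sends that password unprotected unless the provider URL is ldaps:// or StartTLS is configured, which this template does not do. Make the secret a substitution, for example `credentials="${MMR_PASSWORD}"` (variable name is a suggestion), filled in provision_backend from `adminpass` or a generated value, and write the generated file with restrictive permissions. The trailing whitespace-only lines at the end of the template can be dropped.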
index 845dc8679a2ad4a3e8ff8aad9725f2a2f52b5329..049b8752a6fefebb82f000c9313bd1d3d437747a 100755 (executable)
@@ -64,6 +64,9 @@ parser.add_option("--server-role", type="choice", metavar="ROLE",
                help="Set server role to provision for (default standalone)")
 parser.add_option("--targetdir", type="string", metavar="DIR", 
                          help="Set target directory")
+parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER",
+                help="List of LDAP-URLS separated with whitespaces for Use with OpenLDAP-MMR")
+
 
 opts = parser.parse_args()[0]
 
@@ -99,4 +102,6 @@ provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetd
                  adminpass=opts.ldap_admin_pass,
                  root=opts.root, serverrole=server_role, 
                  ldap_backend_type=opts.ldap_backend_type,
-                 ldap_backend_port=opts.ldap_backend_port)
+                 ldap_backend_port=opts.ldap_backend_port,
+                 ol_mmr_urls=opts.ol_mmr_urls)
+
index 4dcfd2aba76ad448b6fa1073f4ac31604d2c24da..be68ec258850d8912f521e882c540e8ce18a64e7 100644 (file)
@@ -1,5 +1,10 @@
 loglevel 0
 
+### Multimaster-ServerIDs and URLs ###
+
+${MMR_SERVERIDS_CONFIG}
+
+
 include ${LDAPDIR}/backend-schema.schema
 
 pidfile                ${LDAPDIR}/slapd.pid
@@ -52,10 +57,12 @@ suffix              cn=Samba
 directory       ${LDAPDIR}/db/samba
 rootdn          cn=Manager,cn=Samba
 
-
+########################################
+### cn=schema ###
 database        hdb
 suffix         ${SCHEMADN}
 rootdn          cn=Manager,${SCHEMADN}
+rootpw         linux
 directory      ${LDAPDIR}/db/schema
 index           objectClass eq
 index           samAccountName eq
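Review bot: `rootpw linux` is added to the cn=schema database here and again to the cn=config and base-DN databases in the next two hunks, and it is emitted unconditionally, even when `--ol-mmr-urls` is not given. That leaves every provisioned slapd with a fixed cleartext rootdn password that is published in the source tree, and the rootdn is not subject to access controls. Substitute the value at provisioning time instead (for example a `${...}` variable filled from `adminpass`, stored hashed in the form `slappasswd` produces), and emit the line only when replication is enabled.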
@@ -64,16 +71,25 @@ index objectCategory eq
 index lDAPDisplayName eq
 index subClassOf eq
 index cn eq
+index entryUUID,entryCSN eq
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We only need this for the contextCSN attribute anyway....
 overlay syncprov
-syncprov-checkpoint 100 10
 syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
 
+
+### Multimaster-Replication of cn=schema Subcontext ###
+${MMR_SYNCREPL_SCHEMA_CONFIG}
+${MIRRORMODE}
+
+#########################################
+### cn=config ###
 database        hdb
 suffix         ${CONFIGDN}
 rootdn          cn=Manager,${CONFIGDN}
+rootpw         linux
 directory      ${LDAPDIR}/db/config
 index           objectClass eq
 index           samAccountName eq
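Review bot: `syncprov-checkpoint 100 10` is turned into a comment here and in the two following database sections with no explanation, while the comment just above still says syncprov is loaded for the contextCSN attribute. As the overlay is documented, checkpointing is off unless this directive is present, so contextCSN is then only persisted at shutdown, which matters more once these databases act as replication providers. Either keep the directive or add a comment such as `# checkpointing disabled because <reason>` so the next maintainer knows it was deliberate.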
@@ -85,16 +101,24 @@ index subClassOf eq
 index dnsRoot eq
 index nETBIOSName eq
 index cn eq
+index entryUUID,entryCSN eq
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We only need this for the contextCSN attribute anyway....
 overlay syncprov
-syncprov-checkpoint 100 10
 syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
+
+### Multimaster-Replication of cn=config Subcontext ###
+${MMR_SYNCREPL_CONFIG_CONFIG}
+${MIRRORMODE}
 
+########################################
+### cn=users /base-dn  ###
 database        hdb
 suffix         ${DOMAINDN}
 rootdn          cn=Manager,${DOMAINDN}
+rootpw         linux
 directory      ${LDAPDIR}/db/user
 index           objectClass eq
 index           samAccountName eq
@@ -110,10 +134,14 @@ index subClassOf eq
 index dnsRoot eq
 index nETBIOSName eq
 index cn eq
+index entryUUID,entryCSN eq
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We only need this for the contextCSN attribute anyway....
 overlay syncprov
-syncprov-checkpoint 100 10
 syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
 
+### Multimaster-Replication of cn=user/base-dn context ###
+${MMR_SYNCREPL_USER_CONFIG}
+${MIRRORMODE}