
OpenLDAP High-Availability Architecture in Practice

2025-02-28 Update From: SLTechnology News&Howtos shulou

Basic environment

Hostname    IP address       Remarks
node201     172.20.20.201
node202     172.20.20.202

Note: all operations here are performed as the root user.

1. Basic environment, LDAP, phpLDAPAdmin deployment (deploy on both nodes)

Note:

a. Configure /etc/hosts on both nodes

Shell > cat >> /etc/hosts << EOF
172.20.20.201 node201
172.20.20.202 node202
EOF

Shell > cd /etc/openldap/

Shell > vi syncprov_mod.ldif

dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib64/openldap
olcModuleLoad: syncprov.la

Shell > ldapadd -Y EXTERNAL -H ldapi:/// -f syncprov_mod.ldif

Shell > vi configrep.ldif

# Update Server ID with LDAP URL #

dn: cn=config
changetype: modify
replace: olcServerID
olcServerID: 1 ldap://172.20.20.201
olcServerID: 2 ldap://172.20.20.202

# Enable replication #

dn: olcOverlay=syncprov,olcDatabase={2}hdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

# Adding details for replication #

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl:
  rid=001
  provider=ldap://172.20.20.201
  binddn="cn=Manager,dc=node201,dc=com"
  bindmethod=simple
  credentials=root
  searchbase="dc=node201,dc=com"
  type=refreshAndPersist
  retry="5 5 300 5"
  timeout=1
olcSyncRepl:
  rid=002
  provider=ldap://172.20.20.202
  binddn="cn=Manager,dc=node201,dc=com"
  bindmethod=simple
  credentials=root
  searchbase="dc=node201,dc=com"
  type=refreshAndPersist
  retry="5 5 300 5"
  timeout=1
-
add: olcMirrorMode
olcMirrorMode: TRUE

Shell > ldapmodify -Y EXTERNAL -H ldapi:/// -f configrep.ldif
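An added example (not part of the original article): a Python check that unfolds configrep.ldif and flags olcSyncRepl settings that weaken replication authentication, because bindmethod=simple over ldap:// sends the bind password unencrypted unless starttls=critical is set. The sample LDIF is constructed from the values above, and the 12-character minimum is an assumed threshold.

```python
import shlex

MIN_SECRET_LEN = 12  # assumed threshold, not from the article

# Constructed sample: the two olcSyncRepl values from configrep.ldif above,
# as folded LDIF (continuation lines start with a space); retry/timeout omitted.
SAMPLE = """\
dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 provider=ldap://172.20.20.201 bindmethod=simple
  binddn="cn=Manager,dc=node201,dc=com" credentials=root
  searchbase="dc=node201,dc=com" type=refreshAndPersist
olcSyncRepl: rid=002 provider=ldap://172.20.20.202 bindmethod=simple
  binddn="cn=Manager,dc=node201,dc=com" credentials=root
  searchbase="dc=node201,dc=com" type=refreshAndPersist
"""

def syncrepl_values(ldif):
    """Unfold LDIF and return every olcSyncRepl value as a key/value dict."""
    unfolded = []
    for line in ldif.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]  # RFC 2849 folding: drop exactly one space
        else:
            unfolded.append(line)
    values = []
    for line in unfolded:
        name, _, value = line.partition(":")
        if name.strip().lower() == "olcsyncrepl":
            tokens = shlex.split(value)  # handles binddn="..." quoting
            values.append(dict(t.split("=", 1) for t in tokens if "=" in t))
    return values

def audit(ldif):
    """Return (rid, finding) pairs for settings that weaken replication auth."""
    findings, seen = [], set()
    for cfg in syncrepl_values(ldif):
        rid = cfg.get("rid", "?")
        simple = cfg.get("bindmethod") == "simple"
        plain = cfg.get("provider", "").lower().startswith("ldap://")
        if simple and plain and cfg.get("starttls") != "critical":
            findings.append((rid, "simple bind over ldap:// without starttls=critical"))
        if simple and len(cfg.get("credentials", "")) < MIN_SECRET_LEN:
            findings.append((rid, "short replication password"))
        if rid in seen:  # each syncrepl statement on a consumer needs its own rid
            findings.append((rid, "duplicate rid"))
        seen.add(rid)
    return findings
```

Calling audit(SAMPLE) reports both findings for each rid; adding starttls=critical and a longer secret to each statement clears them.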

3. Configure the slapd file for node201 (run on node201)

Shell > vi /etc/sysconfig/slapd

# OpenLDAP server configuration
# see 'man slapd' for additional information

# Where the server will run (-h option)
# - ldapi:/// is required for on-the-fly configuration using client tools
#   (use SASL with EXTERNAL mechanism for authentication)
# - default: ldapi:/// ldap:///
# - example: ldapi:/// ldap://127.0.0.1/ ldap://10.0.0.1:1389/ ldaps:///
SLAPD_URLS="ldapi:/// ldap://172.20.20.201 ldap://127.0.0.1"

# Any custom options
#SLAPD_OPTIONS=""

# Keytab location for GSSAPI Kerberos authentication
#KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"

4. Configure the slapd file for node202 (run on node202)

Shell > vi /etc/sysconfig/slapd

# OpenLDAP server configuration
# see 'man slapd' for additional information

# Where the server will run (-h option)
# - ldapi:/// is required for on-the-fly configuration using client tools
#   (use SASL with EXTERNAL mechanism for authentication)
# - default: ldapi:/// ldap:///
# - example: ldapi:/// ldap://127.0.0.1/ ldap://10.0.0.1:1389/ ldaps:///
SLAPD_URLS="ldapi:/// ldap://172.20.20.202 ldap://127.0.0.1"

# Any custom options
#SLAPD_OPTIONS=""

# Keytab location for GSSAPI Kerberos authentication
#KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"

5. Restart the slapd service (run on both nodes)

Shell > systemctl restart slapd

6. Verify by inserting data

Add a new record on node201, and then check that it has been synchronized to node202.

a. Add a new record to node201

b. View records on node202

At this point, the synchronization architecture between node201 and node202 has been deployed.

Finally:

Upstream of the two nodes, put an access layer such as LVS, Nginx, HAProxy or Alibaba Cloud SLB (it is recommended that the access layer also use an HA architecture).
