Directory Server availability is usually achieved by setting up several instances in a Multi-Master Replication (MMR) topology, but we also support deployments in a Sun Cluster environment. For the pros and cons of using MMR vs Cluster, you may want to read Neil's post on the subject.
Before You Start
This cookbook describes how to install Directory Server as a data service for Sun Cluster 3.1 (or higher) on Solaris 9 or 10 systems, for SPARC, x86, and x64 platforms. You install Directory Server from native packages by using the Java ES installer.
You must be familiar with Sun Cluster and Directory Server technology in order to find this cookbook useful.
A detailed How-to guide for setting up a 2 node cluster can be found here.
In following the instructions here, you create one resource group per Directory Server instance.
The example assumes that the machines are in the example.com domain.
To Prepare Sun Cluster
Start by preparing the cluster. Directory Service requires an IP address, and also disk space. Configure the disks in failover mode with affinity set to on.
Note: You execute cluster commands scrgadm and scswitch only on one node of the cluster.
- /etc/hosts and /etc/nsswitch.conf
  - Make sure the logical host name you intend to use is in /etc/hosts (in this example: sun-ldap).
  - Make sure you have "files" before "nis" or "dns" in /etc/nsswitch.conf:
    hosts: cluster files nis [NOTFOUND=return]
- Disks
  - Make sure the shared disks that are used for the Directory Server instance do not have the global option set. Use the "no logging" option, rather than the "yes global,logging" in /etc/vfstab:
    /dev/md/sc1/dsk/d50 /dev/md/sc1/rdsk/d50 /clusteredfs/sunds ufs 2 no logging
  - umount the disks:
    umount /clusteredfs/sunds
- Create the resource group, and the logical hostname:
  - scrgadm -a -g ds-ldap1
  - scrgadm -a -L -g ds-ldap1 -l sun-ldap
- Create and configure the disks (HAStoragePlus in failover mode)
  - scrgadm -a -t SUNW.HAStoragePlus
  - scrgadm -a -j disks -g ds-ldap1 -t SUNW.HAStoragePlus -x FilesystemMountPoints=/clusteredfs/sunds -x AffinityOn=TRUE
- Enable the resource group
  - scswitch -Z -g ds-ldap1
To Install Directory Server With the Java ES Installer
Install Directory Server packages on all nodes of the cluster in their default locations (using the default BASEDIR). Do not use the Java ES installer to create or to configure a Directory Server instance. Instead, use dsadm as described in the section "To Create a Directory Server Instance" of this cookbook.
- Install Directory Server on all nodes of the cluster:
  - Use the Java ES installer.
  - Install all Directory Server software, including the configuration tools.
  - Do not create an instance. Do not configure anything ("configure later" in the Java ES installer).
  - Install Cluster Agents. (This is a specific checkbox in the installer.)
To Create a Directory Server Instance
Create the Directory Server instance on the failover file system. Once created, manage the instance using Sun Cluster commands. Perform this procedure on only one node of the cluster.
- Make sure the failover filesystem is mounted on the local node:
  - scswitch -z -g ds-ldap1 -h `uname -n`
- Create the Directory Server instance:
  - echo secret12 > /tmp/me/password.txt
  - chmod 700 /tmp/me/password.txt
  - dsadm create -w /tmp/me/password.txt -h sun-ldap.example.com /clusteredfs/sunds/myds
  Notes:
  - The logical hostname must be specified when creating the instance, otherwise the server will use the node name. This name is used for referrals, mostly by the replication feature.
  - If you install DS as a non-root user, you need to specify port numbers higher than 1024 and make sure you have write permissions in /global/sc1/sunds/:
    dsadm create -p 1389 -P 1636 -w /tmp/me/password.txt -h sun-ldap.example.com /clusteredfs/sunds/myds
- Make sure the Directory Server instance is properly working:
  - Start the Directory Server instance manually on node1:
    dsadm start /clusteredfs/sunds/myds
  - Test with an LDAP client to connect to the Directory Server instance:
    ldapsearch -h sun-ldap.example.com -b "" -s base '(objectclass=*)'
  - Stop the Directory Server instance:
    dsadm stop /clusteredfs/sunds/myds
  - Switch the Cluster to the other node:
    scswitch -z -g ds-ldap1 -h node2
  - Start the Directory Server instance manually on the other node:
    dsadm start /clusteredfs/sunds/myds
  - Test with an LDAP client:
    ldapsearch -h sun-ldap.example.com -b "" -s base '(objectclass=*)'
  - Stop the Directory Server instance:
    dsadm stop /clusteredfs/sunds/myds
- Enable the newly created Directory Server instance as a Cluster resource:
  - (as root) scrgadm -a -t SUNW.ds6ldap
  - (as root) dsadm enable-service --type CLUSTER /clusteredfs/sunds/myds ds-ldap1
- Work-around bug 6478568 – Missing dependency on disks in dsadm enable-service --type CLUSTER:
  - scrgadm -c -j ds--clusteredfs-sunds-myds -y Resource_dependencies=disks
Note: The previous command names the resource with a predefined format which is later used to retrieve the DS instance. As a result, any attempt to change the resource name will cause the start and stop commands to fail. Also, dashes and spaces should be avoided in the installation path of the Directory Server instances. These limitations may be removed in future versions of DS 6 and its cluster agent.
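The "Create the Directory Server instance" step writes the password with echo and tightens permissions afterwards; with a default umask of 022 the file is readable by other local users until chmod runs, and the password is recorded in shell history. The following is an added example, not part of the original cookbook, that creates the file private from the start; the helper names are hypothetical and it assumes a shell whose test supports -O and -L (ksh, bash, dash).

```shell
#!/bin/sh
# Added example (not from the cookbook). Helper names are hypothetical.

# make_pwfile DIR
# Read one line (the password) from stdin and store it in DIR/password.txt.
# The directory and file are private from the moment they are created, so
# there is no window between "echo > file" and "chmod".
make_pwfile() {
    (
        umask 077                          # new dirs 0700, new files 0600
        mkdir -p "$1" || exit 1
        # /tmp is world-writable: refuse a symlink or a directory owned by
        # another user that was planted under the name we expect.
        [ -d "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || exit 1
        chmod 700 "$1" || exit 1           # in case the directory pre-existed
        IFS= read -r pw || [ -n "$pw" ] || exit 1
        rm -f "$1/password.txt"            # never write through an old file
        printf '%s\n' "$pw" > "$1/password.txt"
    ) || return 1
    printf '%s\n' "$1/password.txt"
}

# file_mode PATH: print the permission string, for example -rw-------
file_mode() {
    ls -ld "$1" | cut -c1-10
}

# Intended use with the command from this page (type the password at the
# terminal instead of passing it to echo, so it stays out of shell history):
#   stty -echo; pwfile=$(make_pwfile /tmp/me); stty echo
#   dsadm create -w "$pwfile" -h sun-ldap.example.com /clusteredfs/sunds/myds
#   rm -f "$pwfile"
```

Remove the password file once dsadm create has finished; it is only needed for that one command.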
To Manage a Directory Server Instance
At this point, only root can stop and start the Directory Server instance, either with the cluster commands (scswitch -e|-n|-z) on any node of the cluster, or with the dsadm command:
- scswitch -e -j ds--clusteredfs-sunds-myds
- dsadm start /clusteredfs/sunds/myds