Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 6. Configuring cascading replication using the command line

Configure cascading replication by setting up a hub server that acts as both a consumer and a supplier in your topology. The hub server forwards updates to consumers, reducing the processing burden on the primary supplier, while ensuring consistent data synchronization between the consumers.

The hub is a read-only replica that maintains a changelog.

6.1. Preparing the new hub server using the command line
Link kopieren

Enable replication on the hub.example.com host to configure cascading replication within your topology.

The process achieves the following:

  • Configures the role of this server in the replication topology
  • Defines the suffix that is replicated
  • Creates the replication manager account the supplier uses to connect to this host

Perform this procedure on the hub that you want to add to the replication topology.

Prerequisites

Procedure

  • Enable replication for the dc=example,dc=com suffix: 

    # dsconf <hub_instance_name> replication enable --suffix "dc=example,dc=com" --role "hub" --bind-dn "cn=replication manager,cn=config" --bind-passwd "<password>"

    This command configures the hub.example.com host as a hub for the dc=example,dc=com suffix. Additionally, the command creates the cn=replication manager,cn=config user with the specified password and allows this account to replicate changes for the suffix to this host.

Verification

  • Display the replication configuration: 

    # dsconf <hub_instance_name> replication get --suffix "dc=example,dc=com"
     
    dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
...
nsDS5ReplicaBindDN: cn=replication manager,cn=config
nsDS5ReplicaRoot: dc=example,dc=com
nsDS5ReplicaType: 2
nsDS5ReplicaId: 65535
...

    These parameters indicate:

    • nsDS5ReplicaBindDN specifies the replication manager account.
    • nsDS5ReplicaRoot sets the suffix that is replicated.
    • nsDS5ReplicaType set to 2 defines that this host is a consumer, which is also valid for a hub.
    • nsDS5ReplicaId set to 65535 defines that this host is a hub. The dsconf utility automatically sets this value if you define the --role "hub" option.

Configure an existing Directory Server instance as a supplier to a hub server to enable cascading replication. Define the supplier settings to send directory updates to the hub that then forwards changes to consumers reducing the processing load on the primary supplier.

To prepare the existing server as a supplier, you need to do the following:

  • Enable replication for the suffix.
  • Create a replication agreement that points to the hub.
  • Initialize the hub.

Perform this procedure on the existing supplier in the replication topology.

Prerequisites

  • You enabled replication for the dc=example,dc=com suffix on the hub to join.

Procedure

  1. Enable replication for the dc=example,dc=com suffix: 

    # dsconf <supplier_instance_name> replication enable --suffix "dc=example,dc=com" --role "supplier" --replica-id 1

    This command configures the supplier.example.com host as a supplier for the dc=example,dc=com suffix, and sets the replica ID of this entry to 1.

    Important

    The replica ID must be a unique integer between 1 and 65534 for a suffix across all suppliers in the topology.

  2. Add the replication agreement and initialize the new server: 

    # dsconf <supplier_instance_name> repl-agmt create --suffix "dc=example,dc=com" --host "hub.example.com" --port 389 --conn-protocol LDAP --bind-dn "cn=replication manager,cn=config" --bind-passwd "<password>" --bind-method SIMPLE --init example-agreement-supplier-to-hub

    This command creates a replication agreement named example-agreement-supplier-to-hub. The replication agreement defines settings, such as the hub’s host name, protocol, and authentication information that the supplier uses when connecting and replicating data to the hub.

    After the agreement was created, Directory Server initializes hub.example.com. Depending on the amount of data to replicate, initialization can be time-consuming.

Verification

  1. Display the replication configuration: 

    # dsconf <supplier_instance_name> replication get --suffix "dc=example,dc=com"
     
    dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
...
nsDS5ReplicaRoot: dc=example,dc=com
nsDS5ReplicaType: 3
...

    These parameters indicate:

    • nsDS5ReplicaRoot sets the suffix that is replicated.
    • nsDS5ReplicaType set to 3 defines that this host is a supplier.

  2. Verify whether the initialization was successful: 

    # dsconf <supplier_instance_name> repl-agmt init-status --suffix "dc=example,dc=com" example-agreement-supplier-to-hub
     
    Agreement successfully initialized.

  3. Display the replication status: 

    # dsconf <supplier_instance_name> repl-agmt status --suffix "dc=example,dc=com" example-agreement-supplier-to-hub
     
    Status For Agreement: "example-agreement-supplier-to-hub" (hub.example.com:389)
Replica Enabled: on
Update In Progress: FALSE
Last Update Start: 20210331105030Z
Last Update End: 20210331105030Z
Number Of Changes Sent: 0
Number Of Changes Skipped: None
Last Update Status: Error (0) Replica acquired successfully: Incremental update succeeded
Last Init Start: 20210331105026Z
Last Init End: 20210331105029Z
Last Init Status: Error (0) Total update succeeded
Reap Active: 0
Replication Status: Not in Synchronization: supplier (Unknown) consumer (Unknown) State (green) Reason (error (0) replica acquired successfully: incremental update succeeded)
Replication Lag Time: Unavailable

    Verify the Replication Status and Last Update Status fields.

Troubleshooting

  • By default, the replication idle timeout for all agreements on a server is 1 hour. If the initialization of large databases fails due to timeouts, set the nsslapd-idletimeout parameter to a higher value. For example, to set the parameter to 7200 (2 hours), enter: 

    # dsconf <supplier_instance_name> config replace nsslapd-idletimeout=7200

    To set an unlimited period, set nsslapd-idletimeout to 0.

6.3. Preparing the new consumer of the hub using the command line
Link kopieren

Prepare a new consumer instance to receive updates from a hub server in a cascading replication topology. Define the consumer role, configure replication manager credentials, and enable replication via the command line to ensure data synchronization.

Enabling replication on consumer.example.com achieves the following:

  • Configures the role of this server in the replication topology
  • Defines the suffix that is replicated
  • Creates the replication manager account the hub uses to connect to this host

Perform this procedure on the consumer that you want to add to the replication topology.

Prerequisites

Procedure

  • Enable replication for the dc=example,dc=com suffix: 

    # dsconf <consumer_instance_name> replication enable --suffix "dc=example,dc=com" --role "consumer" --bind-dn "cn=replication manager,cn=config" --bind-passwd "<password>"

    This command configures the consumer.example.com host as a consumer for the dc=example,dc=com suffix. Additionally, the command creates the cn=replication manager,cn=config user with the specified password and allows this account to replicate changes for the suffix to this host.

Verification

  • Display the replication configuration: 

    # dsconf <consumer_instance_name> replication get --suffix "dc=example,dc=com"
     
    dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
...
nsDS5ReplicaBindDN: cn=replication manager,cn=config
nsDS5ReplicaRoot: dc=example,dc=com
nsDS5ReplicaType: 2
...

    These parameters indicate:

    • nsDS5ReplicaBindDN specifies the replication manager account.
    • nsDS5ReplicaRoot sets the suffix that is replicated.
    • nsDS5ReplicaType set to 2 defines that this host is a consumer.

Configure the hub server as a supplier for a consumer in Directory Server to enable cascading replication. Establishing this relationship enables the hub to forward directory updates to the consumer, ensuring data synchronization across the topology while reducing the processing load on the primary supplier.

To prepare the hub, you need to do the following:

  • Create a replication agreement that points to the consumer.
  • Initialize the consumer.

Perform this procedure on the hub in the replication topology.

Prerequisites

  • The hub is initialized, and replication from the supplier to the hub works.
  • You enabled replication for the dc=example,dc=com suffix on the hub.

Procedure

  • Add the replication agreement and initialize the consumer: 

    # dsconf <hub_instance_name> repl-agmt create --suffix "dc=example,dc=com" --host "consumer.example.com" --port 389 --conn-protocol LDAP --bind-dn "cn=replication manager,cn=config" --bind-passwd "<password>" --bind-method SIMPLE --init example-agreement-hub-to-consumer

    This command creates a replication agreement named example-agreement-hub-to-consumer. The replication agreement defines settings, such as the consumer’s host name, protocol, and authentication information that the supplier uses when connecting and replicating data to this consumer.

    After the agreement was created, Directory Server initializes consumer.example.com. Depending on the amount of data to replicate, initialization can be time-consuming.

Verification

  1. Verify whether the initialization was successful: 

    # dsconf <hub_instance_name> repl-agmt init-status --suffix "dc=example,dc=com" example-agreement-hub-to-consumer
     
    Agreement successfully initialized.

  2. Display the replication status: 

    # dsconf <hub_instance_name> repl-agmt status --suffix "dc=example,dc=com" example-agreement-hub-to-consumer
     
    Status For Agreement: "example-agreement-hub-to-consumer" (consumer.example.com:389)
Replica Enabled: on
Update In Progress: FALSE
Last Update Start: 20210331131534Z
Last Update End: 20210331131534Z
Number Of Changes Sent: 0
Number Of Changes Skipped: None
Last Update Status: Error (0) Replica acquired successfully: Incremental update succeeded
Last Init Start: 20210331131530Z
Last Init End: 20210331131533Z
Last Init Status: Error (0) Total update succeeded
Reap Active: 0
Replication Status: Not in Synchronization: supplier (Unknown) consumer (Unknown) State (green) Reason (error (0) replica acquired successfully: incremental update succeeded)
Replication Lag Time: Unavailable

    Verify the Replication Status and Last Update Status fields.

Troubleshooting

  • By default, the replication idle timeout for all agreements on a server is 1 hour. If the initialization of large databases fails due to timeouts, set the nsslapd-idletimeout parameter to a higher value. For example, to set the parameter to 7200 (2 hours), enter: 

    # dsconf <hub_instance_name> config replace nsslapd-idletimeout=7200

    To set an unlimited period, set nsslapd-idletimeout to 0.

Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Legal Notice

Theme

© 2026 Red HatNach oben