Re: [Freeipa-users] understanding RUVs?
On 04/21/2015 01:26 AM, Janelle wrote: Hello, When I was working with OpenLDAP, and AD - and did not deal with RUVs the way I am with 389-ds and IPA. I am trying to understand what is normal for values. If I am looking at this (and seem to have no replication problems): ipa-replica-manage list-ruv ipa001.example.com:389: 13 ipa002.example.com:389: 12 ipa003.example.com:389: 11 ipa004.example.com:389: 10 ipa005.example.com:389: 7 ipa006.example.com:389: 6 ipa007.example.com:389: 5 ipa008.example.com:389: 3 ipa009.example.com:389: 16 ipa00a.example.com:389: 17 ipa00b.example.com:389: 15 ipa00c.example.com:389: 14 ipa00d.example.com:389: 9 ipa00e.example.com:389: 8 ipa00f.example.com:389: 4 I guess I was wondering, should I be seeing all the same values or should they all be unique based on being replicated and the order they were added? They should be unique, that's for sure. There is some info on them in Red Hat DS docs: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html#cleanruv I am just not sure if they are replicated or per-server. But given they live in SUFFIX, I assume they are. The list above looks OK to me, so it should not cause the replication problems. But I am rather CCing Thierry to advise here. Or is it telling me something else? Sorry, I guess I am still trying to wrap my head around replication metadata. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] understanding RUVs?
On 04/21/2015 09:11 AM, Martin Kosek wrote: On 04/21/2015 01:26 AM, Janelle wrote: Hello, When I was working with OpenLDAP, and AD - and did not deal with RUVs the way I am with 389-ds and IPA. I am trying to understand what is normal for values. If I am looking at this (and seem to have no replication problems): ipa-replica-manage list-ruv ipa001.example.com:389: 13 ipa002.example.com:389: 12 ipa003.example.com:389: 11 ipa004.example.com:389: 10 ipa005.example.com:389: 7 ipa006.example.com:389: 6 ipa007.example.com:389: 5 ipa008.example.com:389: 3 ipa009.example.com:389: 16 ipa00a.example.com:389: 17 ipa00b.example.com:389: 15 ipa00c.example.com:389: 14 ipa00d.example.com:389: 9 ipa00e.example.com:389: 8 ipa00f.example.com:389: 4 I guess I was wondering, should I be seeing all the same values or should they all be unique based on being replicated and the order they were added? They should be unique, that's for sure. There is some info on them in Red Hat DS docs: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html#cleanruv I am just not sure if they are replicated or per-server. But given they live in SUFFIX, I assume they are. The list above looks OK to me, so it should not cause the replication problems. Hello, Yes this RUV is normal. The RUV is a special 389-ds entry that is per server. This entry allows replication protocol (run by the replica agreements) to detect what updates are missing and then send the missing ones. The command list-ruv displays a subset of the attribute values of that entry. It displays url and the replicaId. A normal RUV in a replication topology contains unique replicaId and a url must be listed only once. thanks thierry But I am rather CCing Thierry to advise here. Or is it telling me something else? Sorry, I guess I am still trying to wrap my head around replication metadata. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] understanding RUVs?
On 04/21/2015 01:26 AM, Janelle wrote:
Hello,
When I was working with OpenLDAP, and AD - and did not deal with
RUVs the way I am with 389-ds and IPA.
I am trying to understand what is normal for values. If I am looking
at this (and seem to have no replication problems):
ipa-replica-manage list-ruv
ipa001.example.com:389: 13
ipa002.example.com:389: 12
ipa003.example.com:389: 11
ipa004.example.com:389: 10
ipa005.example.com:389: 7
ipa006.example.com:389: 6
ipa007.example.com:389: 5
ipa008.example.com:389: 3
ipa009.example.com:389: 16
ipa00a.example.com:389: 17
ipa00b.example.com:389: 15
ipa00c.example.com:389: 14
ipa00d.example.com:389: 9
ipa00e.example.com:389: 8
ipa00f.example.com:389: 4
I guess I was wondering, should I be seeing all the same values or
should they all be unique based on being replicated and the order
they were added? Or is it telling me something else? Sorry, I guess I
am still trying to wrap my head around replication metadata.
the output of list-ruv lists the replicaids and the corresponding
servers the replica knows about. It should be unique and exactly match
the servers (with their replicaid) deployed in your topology.
If there are more ruvs, you probably have removed a server and should
clean the ruv, if you have less than replication from the missing
replica in the list did not get propagated to this server.
But the output of list-ruv only shows part of the RUV, the real ruv
looks like this:
ldapsearch -LLL -o ldif-wrap=no -h localhost -p 30522 -x -D
cn=directory manager -w . -b cn=config
objectclass=nsds5replica nsds50ruv
dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
nsds50ruv: {replicageneration} 51dc3bac0064
nsds50ruv: {replica 100 ldap://localhost:30522} 5506ce510064
55254d910064
nsds50ruv: {replica 200 ldap://localhost:4945} 5506cf8e00c8
5506cf8e00c8
The most important part is the last field, eg 55254d910064 it is
the csn of the last change this server has seen for replicaid 100
(0x64). In a replication session the ruvs of the supplier and consumer
are compared to detect if the supplier has changes the consumer has not
yet seen.
So the ruvs have to be managed per server.
Ludwig
Thank you
~J
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
[Freeipa-users] understanding RUVs?
Hello, When I was working with OpenLDAP, and AD - and did not deal with RUVs the way I am with 389-ds and IPA. I am trying to understand what is normal for values. If I am looking at this (and seem to have no replication problems): ipa-replica-manage list-ruv ipa001.example.com:389: 13 ipa002.example.com:389: 12 ipa003.example.com:389: 11 ipa004.example.com:389: 10 ipa005.example.com:389: 7 ipa006.example.com:389: 6 ipa007.example.com:389: 5 ipa008.example.com:389: 3 ipa009.example.com:389: 16 ipa00a.example.com:389: 17 ipa00b.example.com:389: 15 ipa00c.example.com:389: 14 ipa00d.example.com:389: 9 ipa00e.example.com:389: 8 ipa00f.example.com:389: 4 I guess I was wondering, should I be seeing all the same values or should they all be unique based on being replicated and the order they were added? Or is it telling me something else? Sorry, I guess I am still trying to wrap my head around replication metadata. Thank you ~J -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
