Bug 462920 - Make DNA plug-in auto-extend exhausted ranges
Make DNA plug-in auto-extend exhausted ranges
Status: CLOSED CURRENTRELEASE
Product: 389
Classification: Community
Component: Server - DNA Plug-in (Show other bugs)
1.1.2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nathan Kinder
Chandrasekar Kannan
:
Depends On:
Blocks: 249650 FDS1.2.0
  Show dependency treegraph
 
Reported: 2008-09-19 14:13 EDT by Nathan Kinder
Modified: 2015-01-04 18:34 EST (History)
4 users (show)

See Also:
Fixed In Version: 8.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-04-29 19:06:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
CVS Diffs (85.90 KB, patch)
2008-09-19 14:26 EDT, Nathan Kinder
no flags Details | Diff
Revised Diffs (85.96 KB, patch)
2008-09-22 18:27 EDT, Nathan Kinder
no flags Details | Diff

  None (edit)
Description Nathan Kinder 2008-09-19 14:13:48 EDT
When using the DNA plug-in in a multi-master replication scenario, a master should try to transfer range from another master when it's own range is exhausted (or hits a low-water mark).
Comment 1 Nathan Kinder 2008-09-19 14:26:40 EDT
Created attachment 317225 [details]
CVS Diffs

These diffs implement auto-extension of ranges.

The way that this works is that a server sends a range extension extended operation request to another server when it hits a threshold.  The contents of this request are simply a string identifying the range it would like to extend (more details on this string below).  The other server will respond with an extended operation response containing a set of new minimum and maximum values that define the range it is transferring if it decides to give up the range.  This extended operation is only allowed by the replication bind DN.  The transferred range is always from the top-end of the server's range that is releasing the values.  It will give up to half of it's remaining allocated values up for each request.

For a server to know what other servers it can request range from, a shared configuration entry for each managed range is configured by the administrator.  This shared config entry must be located in the replicated tree.  Each server who has a range configured to use that shared entry will maintain a child entry for itself there.  This child entry has the server's hostname and portnumbers along with the remaining number of values that it has left.  This allows a server to ask the server with the most available values for range first instead of just asking all servers in a random order.  This shared config entry is the string that is used in the extended operation request.

When a range is transferred from another server, it is saved as an "on-deck" range until the old range is completely exhausted.  At that time, it will be made the active range.  This approach also allows an administrator to manually add a new range to a server by simply adding the dnaNextRange attribute to the range configuration entry, which puts this new range "on-deck".

In addition to the above, I made the DNA plug-in register for internal operations so it can catch new entries added by winsync.  I also added some functions to SLAPI for fetching long long values from attributes.
Comment 2 Nathan Kinder 2008-09-22 18:27:45 EDT
Created attachment 317423 [details]
Revised Diffs

I noticed a few unused defines that I meant to remove, so this new set of diffs addresses that.
Comment 3 Rich Megginson 2008-09-24 15:59:40 EDT
https://bugzilla.redhat.com/attachment.cgi?id=317423&action=diff#ldap/servers/plugins/dna/dna.c_sec14
in dna_load_host_port()
I think you need to add nsslapd-secureport to the attr list, otherwise it won't be returned.

Otherwise, ok.
Comment 4 Nathan Kinder 2008-09-24 17:09:40 EDT
(In reply to comment #3)
> https://bugzilla.redhat.com/attachment.cgi?id=317423&action=diff#ldap/servers/plugins/dna/dna.c_sec14
> in dna_load_host_port()
> I think you need to add nsslapd-secureport to the attr list, otherwise it won't
> be returned.
> 
> Otherwise, ok.

Good catch!  I'll get a new patch attached and check everything in.
Comment 5 Nathan Kinder 2008-09-24 17:23:03 EDT
Checked into ldapserver (HEAD).

Checking in ldap/ldif/template-dnaplugin.ldif.in;
/cvs/dirsec/ldapserver/ldap/ldif/template-dnaplugin.ldif.in,v  <--  template-dnaplugin.ldif.in
new revision: 1.2; previous revision: 1.1
done
Checking in ldap/servers/plugins/dna/dna.c;
/cvs/dirsec/ldapserver/ldap/servers/plugins/dna/dna.c,v  <--  dna.c
new revision: 1.9; previous revision: 1.8
done
Checking in ldap/servers/slapd/entry.c;
/cvs/dirsec/ldapserver/ldap/servers/slapd/entry.c,v  <--  entry.c
new revision: 1.17; previous revision: 1.16
done
Checking in ldap/servers/slapd/slapi-plugin.h;
/cvs/dirsec/ldapserver/ldap/servers/slapd/slapi-plugin.h,v  <--  slapi-plugin.h
new revision: 1.30; previous revision: 1.29
done
Checking in ldap/servers/slapd/value.c;
/cvs/dirsec/ldapserver/ldap/servers/slapd/value.c,v  <--  value.c
new revision: 1.7; previous revision: 1.6
done
Comment 6 Jenny Galipeau 2009-02-25 13:41:21 EST
This functionality now exists in DS 8.1 and is being tested by automated DNA acceptance testing.
Comment 7 Chandrasekar Kannan 2009-04-29 19:06:32 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2009-0455.html

Note You need to log in before you can comment on or make changes to this bug.