|Oracle® Application Server High Availability Guide
Part Number B28186-01
Oracle Real Application Clusters (Oracle RAC) is a computing environment that harnesses the processing power of multiple, interconnected computers. Along with a collection of hardware, called a cluster, it unites the processing power of each component to become a single, robust computing environment. A cluster comprises two or more computers, also called nodes.
This chapter discusses the ways you can run Oracle Internet Directory in an Oracle RAC system. It contains these topics:
A computer where an instance resides. It can be part of a Massively Parallel Computing Infrastructure in which it shares disk storage with other nodes. In most cases, a node has its own copy of the operating system.
A set of instances, each typically running on a different node, that coordinate with each other when accessing the shared database on the disk
An operating system-dependent component that discovers and tracks the membership state of nodes by providing a common view of cluster membership across the cluster
A runtime failover for high-availability environments, such as Oracle RAC and Oracle Fail Safe, that refers to the failover and re-establishment of application-to-service connections. It allows client applications to automatically reconnect to the database if the connection fails, and optionally resume a SELECT statement that was in progress. This reconnect happens automatically from within the Oracle Call Interface (OCI).
The client notices no connection loss as long as there is one instance left serving the application.
Failover method in which a client connect request is forwarded to another listener if the first listener is not responding. It is enabled by service registration, because the listener knows whether an instance is running before attempting a connection.
For information on installing Oracle Internet Directory against an Oracle RAC database, see the chapter entitled "Installing in High Availability Environments: OracleAS Cluster (Identity Management)" in the Oracle Application Server Installation Guide.
To achieve a very comprehensive high availability configuration, you can configure Oracle Internet Directory to run on an Oracle RAC environment. This involves running Oracle Internet Directory processes and the Oracle Internet Directory-designated database on all the Oracle RAC nodes.
Figure 9-1 shows a two-node cluster on which an Oracle RAC database is configured.
As Figure 9-1 shows:
Oracle directory server instance 1 is active on Oracle RAC Node 1 and Oracle directory server instance 2 is active on Oracle RAC Node 2. Note that multiple Oracle directory server instances can be started on each node.
Oracle Directory Integration Platform instances are active on both nodes.
The Oracle directory replication server instance is active on one node only. If the node fails, then the OID Monitor on the surviving node pulls the Oracle directory replication server instance from the failed node and starts it on the surviving node.
The LDAP client applications can be configured to communicate with Oracle Internet Directory on different Oracle RAC nodes directly. Alternatively, the Oracle Internet Directory server instances can be front-ended by a LAN redirector to get a single system image of the Oracle RAC nodes.
When one Oracle RAC node is unavailable because of failure or maintenance purposes, Oracle Internet Directory running on the other Oracle RAC node is available. The LDAP clients connected to Oracle Internet Directory on the failed Oracle RAC node must reconnect.
This section discusses the various connection modes possible for Oracle directory server instances communicating with Oracle RAC database instances. These connection modes are transparent to the Oracle Internet Directory clients, and do not affect the way in which Oracle Internet Directory communicates with its clients.
This section contains these topics:
load_balance parameter in the
tnsnames.ora file is set to
ON, then Oracle Internet Directory connections to the Oracle Database are distributed to each Oracle Database node. During failover of any node, only connections to the failed node are redirected to the available Oracle Database nodes.
load_balance parameter is set to
off, then all the Oracle Internet Directory connections to the Oracle Database are to one Oracle Database node only.
During failover, all the connections are redirected to the available Oracle Database nodes.
At the time of connection to the Oracle Database by the Oracle directory servers, if the primary Oracle Database node is not available, then Oracle Internet Directory servers connect to the backup (that is, secondary) database.
To configure TAF, in the
tnsnames.ora file, add one of the following:
During any LDAP search operation, if the primary Oracle Database node fails, then the Oracle directory server transparently connects to the backup (that is, the secondary) Oracle Database node, and the current LDAP search operation continues.
This section shows configurations of the
tnsnames.ora files on two nodes.
db.us.acme.com= (description= (load_balance=off/on) /* only connect time load balancing & connection load balancing */ (failover=on) /* only connect time failover */ (address= (protocol=tcp) (host=db1) (port=1521)) (address= (protocol=tcp) (host=db2) (port=1521)) (connect_data= (service_name=db.us.acme.com) (failover_mode= (backup=db2.acme.com) (type=select) (method=preconnect)))) db2.acme.com= (description= (address= (protocol=tcp) (host=db2) (port=1521)) (connect_data= (service_name=db.us.acme.com) (instance_name=db2) (failover_mode= (backup=db2.acme.com) (type=select) (method=preconnect)) ))
db.us.acme.com= (description= (load_balance=off/on) /* only connect time load balancing & connection load balancing */ (failover=on) /* only connect time failover */ (address= (protocol=tcp) (host=db2) (port=1521)) (address= (protocol=tcp) (host=db1) (port=1521)) (connect_data= (service_name=db.us.acme.com) (failover_mode= (backup=db1.acme.com) (type=select) (method=preconnect)))) db1.acme.com= (description= (address= (protocol=tcp) (host=db1) (port=1521)) (connect_data= (service_name=db.us.acme.com) (instance_name=db2) (failover_mode= (backup=db2.acme.com) (type=select) (method=preconnect))))
Directory replication can be configured between two or more Oracle Internet Directory Oracle RAC nodes.
Each node in the directory replication group (DRG) is an Oracle Internet Directory Oracle RAC node.
Directory replication brings in geographic availability, and the Oracle Internet Directory Oracle RAC nodes in the DRG ensure local availability, manageability, and scalability.
In the event that the Oracle directory replication server fails, or if the node running it fails, the OID Monitor starts the replication server on another node in the Oracle RAC. For details on how OID Monitor monitors the Oracle Internet Directory processes, see Section 3.7.2, "OID Monitor Details".
If you change the
ODS password on one Oracle RAC node by using the OID Database Password Utility (
oidpasswd), then you must update the wallet
ORACLE_HOME/ldap/admin/oidpwdlldap1 on the other Oracle RAC nodes. Do this either by copying the changed wallet to all the nodes, or by invoking the OID Database Password Utility on all other nodes to update the wallet file only. This applies to the replication password changes also. Here the Replication Environment Management Tool is used instead of the OID Database Password Utility.
If you run the
oidpasswd command on one node only, and do not update the wallet on all the Oracle RAC nodes, the OC4J_SECURITY instance will not be able to start on the other nodes. You will see this error in the
[gsdsiConnect] ORA-1017, ORA-01017: invalid username/password; logon denied.
The fix is to copy the
oidpwdlldap1 file to the other Oracle RAC nodes.