Deployment Example 1: Access Manager 7.0 Load Balancing, Distributed Authentication UI, and Session Failover

Procedure: To Configure the User Data Stores Load Balancer

  1. Create a Pool.

    A pool contains all the backend server instances.

    1. Go to URL for the Big IP load balancer login page.

    2. Open the Configuration Utility.

      Click “Configure your BIG-IP (R) using the Configuration Utility.”

    3. In the left pane, click Pools.

    4. On the Pools tab, click the Add button.

    5. In the Add Pool dialog, provide the following information:

      Pool Name

      Example: DirectoryServer-UserData-Pool

      Load Balancing Method

      Round Robin

      Resources

      Add the IP address of both Directory Server hosts. In this case, add the IP address and port number for DirectoryServer-1:1489 and for DirectoryServer-2:1489.

    6. Click the Done button.

  2. Add a Virtual Server.

    If you encounter JavaScript errors or otherwise cannot proceed to create a virtual server, try using Microsoft Internet Explorer for this step.

    1. In the left frame, click Virtual Servers.

    2. On the Virtual Servers tab, click the Add button.

    3. In the Add a Virtual Server dialog box, provide the following information:

      Address

      xxx.xx.69.14 (for LoadBalancer-2.example.com)

      Service

      489

      Pool

      DirectoryServer-UserData-Pool

    4. Continue to click Next until you reach the Pool Selection dialog box.

    5. In the Pool Selection dialog box, assign the Pool (DirectoryServer-POOL) that you have just created.

    6. Click the Done button.

  3. Add Monitors

    Monitors are required for the load balancer to detect backend server failures.

    1. In the left frame, click Monitors.

    2. Click the Basic Associations tab.

    3. Add an LDAP monitor for the Directory Server 1 node.

      Three columns exist on this page: Node, Node Address, and Service. In the Node column, locate the IP address and port number DirectoryServer-1:1489. Select the Add checkbox.

    4. Add an LDAP monitor for the Directory Server 2 node.

      In the Node column, locate the IP address and port number for DirectoryServer-2:1489. Select the Add checkbox.

    5. At the top of the Node column, in the drop-down list, choose ldap-tcp.

    6. Click Apply.

  4. Configure the load balancer for persistence.

    1. In the left frame, click Pools.

    2. Click the name of the pool you want to configure.

      In this example, DirectoryServer-UserData-Pool.

    3. Click the Persistence tab.

    4. On the Persistence tab, under Persistence Type, select None.

    5. Click Apply.

  5. Verify the Directory Server load balancer configuration.

    1. Log in as a root user to the host of each Directory Server.

    2. On each Directory Server host, use the tail command to monitor the Directory Server access log.

      # cd /var/opt/mps/serverroot/slapd-am-users/logs

      # tail -f access

      You should see connections to the load balancer IP address opening and closing. Example:

      [12/Oct/2006:13:10:20-0700] conn=54 op=-1 msgId=-1 - fd=22 slot=22 LDAP connection from xxx.xx.69.18 to xxx.xx.72.33
      [12/Oct/2006:13:10:20-0700] conn=54 op=-1 msgId=-1 - closing - B1
      [12/Oct/2006:13:10:20-0700] conn=54 op=-1 msgId=-1 - closed.

    3. Execute the following LDAP search against the Directory Server load balancer:

      # cd /var/opt/mps/serverroot/shared/bin/
      # ./ldapsearch -h LoadBalancer-2.example.com -p 1489 -b "dc=company,dc=com" \
      -D "cn=directory manager" -w d1rm4n4ger "(objectclass=*)"

      The ldapsearch operation should return entries. Make sure the directory access entries display in only one Directory Server access log.

    4. Stop Directory Server 1, and again perform the following LDAP search against the Directory Server load balancer:

      # cd /var/opt/mps/serverroot/slapd-am-config
      # ./stop
      # cd /var/opt/mps/serverroot/shared/bin/
      # ./ldapsearch -h LoadBalancer-2.example.com -p 1489 -b "dc=company,dc=com" \
      -D "cn=directory manager" -w d1rm4n4ger "(objectclass=*)"

      The ldapsearch operation should return entries. Verify that the Directory Server access entries display in only one Directory Server access log.

      You may encounter the following error message:

      ldap_simple_bind: Can't connect to the LDAP server - Connection refused

      In the Load Balancer configuration page, reset the timeout properties to lower values.

      • Click the Monitors tab, and click the ldap-tcp monitor name.

      • In the Interval field, set the value to 5.

      • In the Timeout field, set the value to 16.

        The default is 16 seconds. You can change this number to any value, but the BIG-IP documentation recommends that the timeout be at least three times the interval in seconds plus one second (with an interval of 5, that is 16).

      • Click Apply.

      Repeat the LDAP search.

    5. Restart the stopped Directory Server 1, and then stop Directory Server 2.

      Confirm that the requests are forwarded to the running Directory Server 1.

    6. Perform the following LDAP search against the Directory Server load balancer:

      # cd /var/opt/mps/serverroot/shared/bin/
      # ./ldapsearch -h LoadBalancer-2.example.com -p 1489 -b "dc=company,dc=com" \
      -D "cn=Directory Manager" -w d1rm4n4ger "(objectclass=*)"

      The ldapsearch operation should return entries. Make sure the directory access entries display in only one Directory Server access log.
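To make the access-log check in step 5 repeatable, here is an added Python helper that is not part of the deployment guide. It parses Directory Server access-log lines in the format shown above, separates the load balancer's bare ldap-tcp probe connections (which open and close without any LDAP operation) from real client sessions, reports which Directory Server actually served a search, and checks the monitor interval/timeout rule from step 4. The log lines and the RFC 5737 addresses are constructed samples.

```python
import re

# Constructed sample of the Directory Server access log format shown above; IPs are
# RFC 5737 placeholders. The load balancer is 192.0.2.18; DS-1 is .33 and DS-2 is .34.
LB_IP = "192.0.2.18"
DS1_LOG = """\
[12/Oct/2006:13:10:20-0700] conn=54 op=-1 msgId=-1 - fd=22 slot=22 LDAP connection from 192.0.2.18 to 192.0.2.33
[12/Oct/2006:13:10:20-0700] conn=54 op=-1 msgId=-1 - closing - B1
[12/Oct/2006:13:10:25-0700] conn=55 op=-1 msgId=-1 - fd=23 slot=23 LDAP connection from 192.0.2.18 to 192.0.2.33
[12/Oct/2006:13:10:25-0700] conn=55 op=0 msgId=1 - BIND dn="cn=directory manager" method=128 version=3
[12/Oct/2006:13:10:25-0700] conn=55 op=1 msgId=2 - SRCH base="dc=company,dc=com" scope=2 filter="(objectclass=*)" attrs=ALL
[12/Oct/2006:13:10:25-0700] conn=55 op=2 msgId=3 - UNBIND
[12/Oct/2006:13:10:25-0700] conn=55 op=2 msgId=3 - closing - U1
""".splitlines()
DS2_LOG = """\
[12/Oct/2006:13:10:20-0700] conn=41 op=-1 msgId=-1 - fd=20 slot=20 LDAP connection from 192.0.2.18 to 192.0.2.34
[12/Oct/2006:13:10:20-0700] conn=41 op=-1 msgId=-1 - closing - B1
""".splitlines()

# A connection-open line; op=-1 marks connection-level events, not LDAP operations.
CONN_OPEN = re.compile(r"^\[[^\]]+\] conn=(?P<conn>\d+) op=-1 msgId=-1 - fd=\d+ slot=\d+ "
                       r"LDAP connection from (?P<src>[\d.]+) to [\d.]+$")
# An operation line (BIND, SRCH, UNBIND, ...). A bare TCP health probe never produces one.
OP_LINE = re.compile(r"^\[[^\]]+\] conn=(?P<conn>\d+) op=\d+ msgId=\d+ - (?P<what>\w+)")

def connections_from(lines, src_ip):
    """Map each connection id opened from src_ip to the operations it performed."""
    ops = {}
    for line in lines:
        m = CONN_OPEN.match(line)
        if m and m.group("src") == src_ip:
            ops[m.group("conn")] = []
        m = OP_LINE.match(line)
        if m and m.group("conn") in ops:
            ops[m.group("conn")].append(m.group("what"))
    return ops

def classify(lines, src_ip):
    """Split connections from src_ip into (monitor probes, real client sessions)."""
    ops = connections_from(lines, src_ip)
    return [c for c, o in ops.items() if not o], [c for c, o in ops.items() if o]

def hosts_serving_searches(logs_by_host, lb_ip):
    """Hosts whose access log shows a SRCH arriving through the load balancer."""
    return sorted(h for h, lines in logs_by_host.items()
                  if any("SRCH" in o for o in connections_from(lines, lb_ip).values()))

def monitor_timeout_ok(interval, timeout):
    """The BIG-IP guidance quoted in step 4: timeout >= 3 * interval + 1 seconds."""
    return timeout >= 3 * interval + 1
```

Run it against the real logs from both hosts by replacing the sample lists with the lines read from each host's access file; a search should show up in exactly one host's result, while both hosts should keep showing probe connections.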