Skip Navigation Links | |
Exit Print View | |
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0) |
Part I Directory Server Administration
2. Directory Server Instances and Suffixes
3. Directory Server Configuration
6. Directory Server Access Control
7. Directory Server Password Policy
8. Directory Server Backup and Restore
9. Directory Server Groups, Roles, and CoS
10. Directory Server Replication
13. Directory Server Attribute Value Uniqueness
15. Directory Server Monitoring
Part II Directory Proxy Server Administration
16. Directory Proxy Server Tools
17. Directory Proxy Server Instances
19. Directory Proxy Server Certificates
20. Directory Proxy Server Load Balancing and Client Affinity
To Select a Load Balancing Algorithm
To Configure Weights for Load Balancing
Example Configurations for Load Balancing
To Configure the Proportional Algorithm for Load Balancing
To Configure the Saturation Algorithm for Load Balancing
To Configure the Operational Affinity Algorithm for Global Account Lockout
To Configure Operational Affinity Algorithm for Cache Optimization
To Configure the Failover Algorithm for Load Balancing
To Configure the Adaptive Failover Algorithm for Load Balancing
To Configure the Fastest Server Algorithm for Load Balancing
Configuring Directory Proxy Server To Perform Load Balancing
Example Configurations for Client Affinity
To Configure Client Affinity to Verify Each Write Operation With a Read Operation
To Configure Client Affinity for Client--Based Routing
To Configure Client Affinity for Connection-Based Routing
21. Directory Proxy Server Distribution
22. Directory Proxy Server Virtualization
23. Virtual Data Transformations
24. Connections Between Directory Proxy Server and Back-End LDAP Servers
25. Connections Between Clients and Directory Proxy Server
26. Directory Proxy Server Client Authentication
27. Directory Proxy Server Logging
28. Directory Proxy Server Monitoring and Alerts
Part III Directory Service Control Center Administration
For information about load balancing, see Load Balancing in Oracle Directory Server Enterprise Edition Reference. This section explains how to configure load balancing and provides sample configurations.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
$ dpconf get-ldap-data-source-pool-prop -h host -p port pool-name
The default properties of an LDAP data source pool are as follows:
client-affinity-bind-dn-filters : any client-affinity-criteria : connection client-affinity-ip-address-filters : any client-affinity-policy : write-affinity-after-write client-affinity-timeout : 20s description : Example data source pool enable-client-affinity : false load-balancing-algorithm : proportional minimum-total-weight : 100 proportion : 100 sample-size : 100
By default, the load balancing algorithm is proportional.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:selected-algorithm
where selected-algorithm is one of the following:
failover
operational-affinity
proportional
saturation
adaptive failover
fastest server
For more information about the algorithms, see Introduction to Load Balancing in Oracle Directory Server Enterprise Edition Reference.
$ dpadm restart instance-path
For the failover, operational-affinity, proportional, saturation, and adaptive failover algorithms, configure the weights of an attached data source in relation to the weights of any other attached data sources in the data source pool. Consider the weights of all of your attached data sources. If a data source has a weight of disabled for a type of operation, requests of that type are never sent to that data source. If a data source has a weight of 0 (zero), no requests are distributed to that data source.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
$ dpconf list-attached-ldap-data-sources -h host -p port pool-name
$ dpconf get-attached-ldap-data-source-prop pool-name \ attached-data-source-name
The properties of an attached data source define the weight for each type of operation. The default weights of an attached data source are as follows:
add-weight : disabled bind-weight : disabled compare-weight : disabled delete-weight : disabled modify-dn-weight : disabled modify-weight : disabled search-weight : disabled
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name \ attached-data-source-name add-weight:value \ bind-weight:value compare-weight:value delete-weight:value \ modify-dn-weight:value modify-weight:value search-weight:value
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name
For example, a data source pool can contain data sources with the following weights:
$ dpconf list-attached-ldap-data-sources -h host1 -p 1389 -v myPool SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- DS-1 disabled 3 disabled disabled DS-2 2 2 2 2 DS-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- disabled disabled disabled 2 2 2 1 1 1
This section contains sample procedures for configuring each of the load balancing algorithms.
For a description of the proportional algorithm, see Proportional Algorithm for Load Balancing in Oracle Directory Server Enterprise Edition Reference.
In this example, the data source ds–1 is configured with twice the weight of the other two data sources.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:proportional
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 2 2 2 2 ds-2 1 1 1 1 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 2 2 2 1 1 1 1 1 1
$ dpadm restart instance-path
For a description of the saturation algorithm, see Saturation Algorithm for Load Balancing in Oracle Directory Server Enterprise Edition Reference.
In this example, the data source ds-1 performs the majority of bind operations but does not perform any other types of operations. The three data sources are configured with the following weights :
ds-1 is configured with weight 3 for bind operations and is disabled for all other types of operations.
ds-2 is configured with weight 2 for all operations.
ds-3 is configured with weight 1 for all operations.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:saturation
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:disabled bind-weight:3 compare-weight:disabled delete-weight:disabled \ modify-dn-weight:disabled modify-weight:disabled search-weight:disabled
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 disabled 3 disabled disabled ds-2 2 2 2 2 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- disabled disabled disabled 2 2 2 1 1 1
$ dpadm restart instance-path
For a description of this algorithm, Operational Affinity Algorithm for Global Account Lockout in Oracle Directory Server Enterprise Edition Reference.
This example has three data sources. The data source ds-1 is configured to receive all bind requests.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:operational-affinity
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:1 bind-weight:100 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 1 100 1 1 ds-2 1 1 1 1 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 1 1 1 1 1 1 1 1 1
$ dpadm restart instance-path
For a description of this algorithm, see Operational Affinity Algorithm for Cache Optimization in Oracle Directory Server Enterprise Edition Reference.
This example has three data sources. All search and compare operations are treated by the data source ds-1. When ds-1 responds to a request, the targeted entry is stored in the cache. If ds-1 responds repeatedly to the same request, the data source can use cached data.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:operational-affinity
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:1 bind-weight:1 compare-weight:100 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:100
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 1 1 100 1 ds-2 1 1 1 1 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 1 1 100 1 1 1 1 1 1
$ dpadm restart instance-path
For a description of the failover algorithm, see Failover Algorithm for Load Balancing in Oracle Directory Server Enterprise Edition Reference.
This example has three data sources. The data source ds-1 receives all requests. If ds-1 fails, ds-2 receives all requests until ds-1 recovers. If ds-2 fails before ds-1 recovers, ds-3 receives all requests.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:failover
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:3 bind-weight:3 compare-weight:3 delete-weight:3 modify-dn-weight:3 \ modify-weight:3 search-weight:3
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 3 3 3 3 ds-2 2 2 2 2 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 3 3 3 2 2 2 1 1 1
$ dpadm restart instance-path
For a description of the adaptive failover algorithm, see Adaptive Failover Algorithm for Load Balancing in Oracle Directory Server Enterprise Edition Reference.
This example has three data sources. The data source ds-1 receives all requests. If ds-1 fails, requests are distributed between ds-2 and ds-3 until ds-1 recovers. If ds-2 or ds-3 fails before ds-1 recovers, the other one receives all the requests.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:adaptive-failover minimum-total-weight:3
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:3 bind-weight:3 compare-weight:3 delete-weight:3 modify-dn-weight:3 \ modify-weight:3 search-weight:3
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 3 3 3 3 ds-2 2 2 2 2 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 3 3 3 2 2 2 1 1 1
$ dpadm restart instance-path
For a description of the fastest server algorithm, see Fastest Server Algorithm for Load Balancing in Oracle Directory Server Enterprise Edition Reference.
This algorithm doesn't use the data source weights the user configured. The data source weights are computed dynamically as a function of their response time.
You can use DSCC to perform this task. For information, see Fastest Server Algorithm for Load Balancing in Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1) Reference and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data ViewsCreating LDAP Data Views.
$ dpconf set-ldap-data-source-pool-prop -host host -p port pool-name \ load-balancing-algorithm:fastest-server proportion:100 sample-size:300
$ dpconf get-ldap-data-source-pool-prop -host host -p port pool-name \ load-balancing-algorithm proportion sample-size load-balancing-algorithm : fastest-server proportion : 100 sample-size : 300
$ dpadm restart instance-path
A simple case of load balancing consists of sending search and compare operations to one set of directories, and sending other operations to another set. Directory Proxy Server receives all client operations. The server must determine which set gets the reads, and which set gets the other operations.
The key stages in configuring Directory Proxy Server to handle this load balancing scenario are as follows.
Add directories as data sources for Directory Proxy Server.
Add the data sources to a data source pool.
Configure some of the data sources to accept search and compare, other data sources to accept add, bind, delete, modify, and modify DN operations.
Add the data source pool to a data view.
The following example involves Directory Proxy Server, listening on port 9389. The proxy is configured here to balance the load as described across one Directory Server instance, ds1:1389, handling search and compare operations, and another Directory Server instance, ds2:2389, handling other operations.
The first step creates the data sources, and enables the data sources. This step requires a proxy server restart.
$ dpconf create-ldap-data-source -p 9389 ds1 localhost:1389 $ dpconf create-ldap-data-source -p 9389 ds2 localhost:2389 $ dpconf set-ldap-data-source-prop -p 9389 ds1 is-enabled:true $ dpconf set-ldap-data-source-prop -p 9389 ds2 is-enabled:true $ dpadm restart /local/dps
The second step adds the data sources to a data source pool.
$ dpconf create-ldap-data-source-pool -p 9389 "Directory Pool" $ dpconf attach-ldap-data-source -p 9389 "Directory Pool" ds1 ds2
The third step configures ds1 to accept search and compare operations, ds2 to accept other operations.
$ dpconf set-attached-ldap-data-source-prop -p 9389 "Directory Pool" ds1 \ add-weight:disabled bind-weight:disabled compare-weight:1 delete-weight:disabled \ modify-dn-weight:disabled modify-weight:disabled search-weight:1 $ dpconf set-attached-ldap-data-source-prop -p 9389 "Directory Pool" ds2 \ add-weight:1 bind-weight:1 compare-weight:disabled delete-weight:1 \ modify-dn-weight:1 modify-weight:1 search-weight:disabled
The fourth step adds the data source pool to a data view, so that client application requests are routed to the pool.
$ dpconf create-ldap-data-view -p 9389 "Balanced View" "Directory Pool" \ dc=example,dc=com