| Oracle® Fusion Middleware Administrator's Guide for Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) Part Number E28972-01 |
|
|
PDF · Mobi · ePub |
| Oracle® Fusion Middleware Administrator's Guide for Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) Part Number E28972-01 |
|
|
PDF · Mobi · ePub |
For a description of load balancing and client affinity, see Chapter 16, Directory Proxy Server Load Balancing and Client Affinity, in the Reference for Oracle Directory Server Enterprise Edition. This chapter covers the following topics:
For information about load balancing, see Load Balancing in the Reference for Oracle Directory Server Enterprise Edition. This section explains how to configure load balancing and provides sample configurations.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Obtain the current load balancing algorithm by viewing the properties of the LDAP data source pool.
$ dpconf get-ldap-data-source-pool-prop -h host -p port pool-name
The default properties of an LDAP data source pool are as follows:
client-affinity-bind-dn-filters : any client-affinity-criteria : connection client-affinity-ip-address-filters : any client-affinity-policy : write-affinity-after-write client-affinity-timeout : 20s description : Example data source pool enable-client-affinity : false load-balancing-algorithm : proportional minimum-total-weight : 100 proportion : 100 sample-size : 100
By default, the load balancing algorithm is proportional.
Configure the LDAP data source pool to use an algorithm.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:selected-algorithm
where selected-algorithm is one of the following:
failover
operational-affinity
proportional
saturation
adaptive failover
fastest server
For more information about the algorithms, see Introduction to Load Balancing in the Reference for Oracle Directory Server Enterprise Edition.
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
For the failover, operational-affinity, proportional, saturation, and adaptive failover algorithms, configure the weights of an attached data source in relation to the weights of any other attached data sources in the data source pool. Consider the weights of all of your attached data sources. If a data source has a weight of disabled for a type of operation, requests of that type are never sent to that data source. If a data source has a weight of 0 (zero), no requests are distributed to that data source.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
View the list of data sources that are attached to the data source pool.
$ dpconf list-attached-ldap-data-sources -h host -p port pool-name
View the properties of one of the attached data sources.
$ dpconf get-attached-ldap-data-source-prop pool-name \ attached-data-source-name
The properties of an attached data source define the weight for each type of operation. The default weights of an attached data source are as follows:
add-weight : disabled bind-weight : disabled compare-weight : disabled delete-weight : disabled modify-dn-weight : disabled modify-weight : disabled search-weight : disabled
Configure the weights of one of the attached data sources.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name \ attached-data-source-name add-weight:value \ bind-weight:value compare-weight:value delete-weight:value \ modify-dn-weight:value modify-weight:value search-weight:value
Repeat View the properties of one of the attached data sources. and Configure the weights of one of the attached data sources. for the other attached data sources.
Compare the key parameters of the attached data sources.
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name
For example, a data source pool can contain data sources with the following weights:
$ dpconf list-attached-ldap-data-sources -h host1 -p 1389 -v myPool SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- DS-1 disabled 3 disabled disabled DS-2 2 2 2 2 DS-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- disabled disabled disabled 2 2 2 1 1 1
This section contains sample procedures for configuring each of the load balancing algorithms.
For a description of the proportional algorithm, see Proportional Algorithm for Load Balancing in the Reference for Oracle Directory Server Enterprise Edition.
In this example, the data source ds-1 is configured with twice the weight of the other two data sources.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
Configure the data source pool to use the proportional algorithm for load balancing.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:proportional
Configure the properties of the first data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
Configure the properties of the second data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Configure the properties of the third data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Compare the key parameters of the attached data sources.
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 2 2 2 2 ds-2 1 1 1 1 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 2 2 2 1 1 1 1 1 1
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
For a description of the saturation algorithm, see Saturation Algorithm for Load Balancing in the Reference for Oracle Directory Server Enterprise Edition.
In this example, the data source ds-1 performs the majority of bind operations but does not perform any other types of operations. The three data sources are configured with the following weights:
ds-1 is configured with weight 3 for bind operations and is disabled for all other types of operations.
ds-2 is configured with weight 2 for all operations.
ds-3 is configured with weight 1 for all operations.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
Configure the data source pool to use the saturation algorithm for load balancing.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:saturation
Configure the properties of the first data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:disabled bind-weight:3 compare-weight:disabled delete-weight:disabled \ modify-dn-weight:disabled modify-weight:disabled search-weight:disabled
Configure the properties of the second data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
Configure the properties of the third data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Compare the key parameters of the attached data sources.
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 disabled 3 disabled disabled ds-2 2 2 2 2 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- disabled disabled disabled 2 2 2 1 1 1
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
For a description of this algorithm, Operational Affinity Algorithm for Global Account Lockout in the Reference for Oracle Directory Server Enterprise Edition.
This example has three data sources. The data source ds-1 is configured to receive all bind requests.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
Configure the data source pool to use the operational affinity algorithm.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:operational-affinity
Configure the properties of the first data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:1 bind-weight:100 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Configure the properties of the second data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Configure the properties of the third data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Compare the key parameters of the attached data sources.
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 1 100 1 1 ds-2 1 1 1 1 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 1 1 1 1 1 1 1 1 1
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
For a description of this algorithm, see Operational Affinity Algorithm for Cache Optimization in the Reference for Oracle Directory Server Enterprise Edition.
This example has three data sources. All search and compare operations are treated by the data source ds-1. When ds-1 responds to a request, the targeted entry is stored in the cache. If ds-1 responds repeatedly to the same request, the data source can use cached data.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
Configure the data source pool to use the operational affinity algorithm.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:operational-affinity
Configure the properties of the first data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:1 bind-weight:1 compare-weight:100 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:100
Configure the properties of the second data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Configure the properties of the third data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Compare the key parameters of the attached data sources.
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 1 1 100 1 ds-2 1 1 1 1 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 1 1 100 1 1 1 1 1 1
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
For a description of the failover algorithm, see Failover Algorithm for Load Balancing in the Reference for Oracle Directory Server Enterprise Edition.
This example has three data sources. The data source ds-1 receives all requests. If ds-1 fails, ds-2 receives all requests until ds-1 recovers. If ds-2 fails before ds-1 recovers, ds-3 receives all requests.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
Configure the data source pool to use the failover algorithm for load balancing.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:failover
Configure the properties of the first data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:3 bind-weight:3 compare-weight:3 delete-weight:3 modify-dn-weight:3 \ modify-weight:3 search-weight:3
Configure the properties of the second data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
Configure the properties of the third data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Compare the key parameters of the attached data sources.
$ dpconf list-attached-ldap-data-sources -h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 3 3 3 3 ds-2 2 2 2 2 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 3 3 3 2 2 2 1 1 1
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
For a description of the adaptive failover algorithm, see Adaptive Failover Algorithm for Load Balancing in the Reference for Oracle Directory Server Enterprise Edition.
This example has three data sources. The data source ds-1 receives all requests. If ds-1 fails, requests are distributed between ds-2 and ds-3 until ds-1 recovers. If ds-2 or ds-3 fails before ds-1 recovers, the other one receives all the requests.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data Views.
Configure the data source pool to use the adaptive failover algorithm for load balancing.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ load-balancing-algorithm:adaptive-failover minimum-total-weight:3
Configure the properties of the first data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-1 \ add-weight:3 bind-weight:3 compare-weight:3 delete-weight:3 modify-dn-weight:3 \ modify-weight:3 search-weight:3
Configure the properties of the second data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-2 \ add-weight:2 bind-weight:2 compare-weight:2 delete-weight:2 modify-dn-weight:2 \ modify-weight:2 search-weight:2
Configure the properties of the third data source.
$ dpconf set-attached-ldap-data-source-prop -h host -p port pool-name ds-3 \ add-weight:1 bind-weight:1 compare-weight:1 delete-weight:1 modify-dn-weight:1 \ modify-weight:1 search-weight:1
Compare the key parameters of the attached data sources.
$ dpconf list-attached-ldap-data-sources h host -p port -v pool-name SRC_NAME add-weight bind-weight compare-weight delete-weight -------- ---------- ----------- -------------- ------------- ds-1 3 3 3 3 ds-2 2 2 2 2 ds-3 1 1 1 1 modify-dn-weight modify-weight search-weight ---------------- ------------- ------------- 3 3 3 2 2 2 1 1 1
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
For a description of the fastest server algorithm, see Fastest Server Algorithm for Load Balancing in the Reference for Oracle Directory Server Enterprise Edition.
This algorithm doesn't use the data source weights the user configured. The data source weights are computed dynamically as a function of their response time.
You can use DSCC to perform this task. For information, see Fastest Server Algorithm for Load Balancing in Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1) Reference and the DSCC online help.
Before You Begin
Ensure that you have a data source pool with at least three attached data sources. For information about how to create data sources and data source pools, see Creating LDAP Data ViewsCreating LDAP Data Views.
Configure the data source pool to use the fastest server algorithm for load balancing.
$ dpconf set-ldap-data-source-pool-prop -host host -p port pool-name \ load-balancing-algorithm:fastest-server proportion:100 sample-size:300
Verify that the values are correctly set.
$ dpconf get-ldap-data-source-pool-prop -host host -p port pool-name \ load-balancing-algorithm proportion sample-size load-balancing-algorithm : fastest-server proportion : 100 sample-size : 300
Restart the instance of Directory Proxy Server.
$ dpadm restart instance-path
A simple case of load balancing consists of sending search and compare operations to one set of directories, and sending other operations to another set. Directory Proxy Server receives all client operations. The server must determine which set gets the reads, and which set gets the other operations.
The key stages in configuring Directory Proxy Server to handle this load balancing scenario are as follows.
Add directories as data sources for Directory Proxy Server.
Add the data sources to a data source pool.
Configure some of the data sources to accept search and compare, other data sources to accept add, bind, delete, modify, and modify DN operations.
Add the data source pool to a data view.
The following example involves Directory Proxy Server, listening on port 9389. The proxy is configured here to balance the load as described across one Directory Server instance, ds1:1389, handling search and compare operations, and another Directory Server instance, ds2:2389, handling other operations.
The first step creates the data sources, and enables the data sources. This step requires a proxy server restart.
$ dpconf create-ldap-data-source -p 9389 ds1 localhost:1389 $ dpconf create-ldap-data-source -p 9389 ds2 localhost:2389 $ dpconf set-ldap-data-source-prop -p 9389 ds1 is-enabled:true $ dpconf set-ldap-data-source-prop -p 9389 ds2 is-enabled:true $ dpadm restart /local/dps
The second step adds the data sources to a data source pool.
$ dpconf create-ldap-data-source-pool -p 9389 "Directory Pool" $ dpconf attach-ldap-data-source -p 9389 "Directory Pool" ds1 ds2
The third step configures ds1 to accept search and compare operations, ds2 to accept other operations.
$ dpconf set-attached-ldap-data-source-prop -p 9389 "Directory Pool" ds1 \ add-weight:disabled bind-weight:disabled compare-weight:1 delete-weight:disabled \ modify-dn-weight:disabled modify-weight:disabled search-weight:1 $ dpconf set-attached-ldap-data-source-prop -p 9389 "Directory Pool" ds2 \ add-weight:1 bind-weight:1 compare-weight:disabled delete-weight:1 \ modify-dn-weight:1 modify-weight:1 search-weight:disabled
The fourth step adds the data source pool to a data view, so that client application requests are routed to the pool.
$ dpconf create-ldap-data-view -p 9389 "Balanced View" "Directory Pool" \ dc=example,dc=com
Client affinity reduces the risk of propagation delay in load-balanced deployments. For information about client affinity, see Client Affinity in the Reference for Oracle Directory Server Enterprise Edition. This section explains how to configure affinity between a client connection and a data source, and provides sample configurations.
This procedure describes how to configure affinity between a client connection and a data source.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
View the current load balancing algorithm by viewing the properties of the data source pool.
$ dpconf get-ldap-data-source-pool-prop -h host -p port pool-name
The default properties of a data source pool are as follows:
client-affinity-bind-dn-filters : any client-affinity-criteria : connection client-affinity-ip-address-filters : any client-affinity-policy : write-affinity-after-write client-affinity-timeout : 20s description : Example data source pool enable-client-affinity : false load-balancing-algorithm : proportional minimum-total-weight : 100 proportion : 100 sample-size : 100
These parameters configure client affinity: client-affinity-bind-dn-filters, client-affinity-criteria, client-affinity-ip-address-filters, client-affinity-policy, client-affinity-timeout, and enable-client-affinity. For a description of the properties and a list of their valid values, type:
dpconf help-properties ldap-data-source-pool client-affinity-bind-dn-filters \ client-affinity-criteria client-affinity-policy client-affinity-ip-address-filters\ client-affinity-timeout enable-client-affinity
For more information about the properties, see these man pages: client-affinity-bind-dn-filters, client-affinity-criteria, client-affinity-ip-address-filtersclient-affinity-policy, client-affinity-timeout, and enable-client-affinity.
Enable client affinity.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ enable-client-affinity:true
Select a policy for client affinity.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-policy:selected-policy
where selected-policy is one of the following:
write-affinity-after-writeAffinity for write requests after the first write request
read-write-affinity-after-writeAffinity for all requests after the first write request
read-write-affinity-after-anyAffinity for all requests after the first read request or write request
read-affinity-after-writeAffinity for the first read request after a write request
Configure the duration of the client affinity.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-timeout:time-out[unit]
The default unit for timeout is milliseconds.
The above setting is applicable to the only connection under consideration. It is not applicable to all the connections from a particular client.
This section contains example configurations related to client affinity, and includes examples for replication delay, verifying write operations, and connection-based routing.
This procedure configures client affinity for all read and write operations that occur up to three seconds after the first write operation.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Configure the affinity parameters for the data source pool.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-policy:read-write-affinity-after-write client-affinity-timeout:3000 \ enable-client-affinity:true
This procedure configures client affinity for the first read operation after each write operation. The example could be for an application where a specified bind DN validates each write operation by performing a read operation.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Configure the affinity parameters for the data source pool.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-policy:read-affinity-after-write enable-client-affinity:true
If an application makes an update using one connection from the pool but then uses a different connection to do the search for that entry, the affinity setting on the connection used to do the update is not used because the search is done from a different connection. The search operation could also be routed to a different server than where the update was performed. In this case, the affinity feature works only within the same client connection.
To resolve this, affinity should be defined at the client level such as an IP address or bind DN. When an update is made by a client, all the connections from that client follow the same affinity rule.
Specify the criteria to determine if the requests are coming from the same client.
dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-criteria:ip-address-and-bind-dn
For all the options, see client-affinity-criteria.
The server matches the bind DN as well as the IP address of the client requests, if the entries meet the criteria then they are from the same client.
Specify the regular expressions that the bind DN of the connection must match to consider that requests come from the same client.
dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-bind-dn-filters:"uid=boss*"
Specify the IPv4 or IPv6 address that the IP address of the connection must match to consider that requests come from the same client.
dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-ip-address-filters:129.157.192.108
In versions prior to Directory Proxy Server 6.0, one connection was opened between a client and an LDAP server. The same connection was used for all requests from the client until the connection was closed. This type of routing is called connection-based routing. This procedure describes how to configure client affinity for connection-based routing.
You can use the web interface Directory Service Control Center (DSCC) to perform this task.
Before You Begin
Ensure that all data sources are attached to the data source pool and that client-cred-mode is set to use-client-identity.
Configure the affinity parameters for the data source pool.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-policy:read-write-affinity-after-any enable-client-affinity:true
|
 Copyright © 2001, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|