Introduction
Mitosis is the replication system built into Apache Directory Server. It is a multi-master replication (MMR) system.
Sources of Information
There are multiple sources of information that should be considered when researching MMR for LDAP:
- ACM & IEEE papers on MMR in general
- How other existing MMR implementations work (LDAP and non-LDAP)
- X.500, RFCs and IETF Drafts
- Analysis of conflict scenarios
- User feedback on existing Mitosis implementation
RFC Related to Replication
LDAP RFCs Can Be Trusted
IETF RFCs are definitive sources of information, unlike drafts, which have errors and gross conflicts/misunderstandings with respect to LDAP and X.500.
LDAPv3 Content Synchronization Operation (RFC 4533)
This specification describes the Lightweight Directory Access Protocol (LDAP) Content Synchronization Operation. The operation allows a client to maintain a copy of a fragment of the Directory Information Tree (DIT). It supports both polling for changes and listening for changes. The operation is defined as an extension of the LDAP Search Operation.
LDAPv3 Replication Requirements (RFC 3384)
This document discusses the fundamental requirements for replication of data accessible via the Lightweight Directory Access Protocol (version 3) (LDAPv3). It is intended to be a gathering place for general replication requirements needed to provide interoperability between informational directories.
Comments:
- Alex Karasulu Put em here!
LDAP entryUUID Operational Attribute (RFC 4530)
This document describes the LDAP/X.500 'entryUUID' operational attribute and associated matching rules and syntax. The attribute holds a server-assigned Universally Unique Identifier (UUID) for the object. Directory clients may use this attribute to distinguish objects identified by a distinguished name or to locate an object after renaming.
Comments:
- Alex Karasulu Put em here!
IETF Drafts Related to Replication
Drafts Are Not To Be Trusted
Most draft specifications contain serious conflicts with LDAP and X.500 concepts. Several gross misunderstandings of the protocol are evident. While reading drafts to consider potential ideas on replication, please keep this in mind and validate the concepts found in them against the LDAP RFCs and X.500 specifications.
LDAP Multi-Master Replication Protocol
This paper defines a multi-master, incremental replication protocol using the LDAP protocol [LDAPv3]. This protocol uses and builds upon previous LDAP support protocols, namely the changelog [change] and LDIF [LDIF] protocols. It defines the use of two types of transport protocols for replication data, and specifies the schema that must be supported by a server that wishes to participate in replication activities using this protocol. In addition, it specifies a conflict resolution mechanism for integrating updates from multiple servers.
Comments:
- Alex Karasulu Did not make it very far
- Alex Karasulu Old failed RFC (1997)
- Alex Karasulu Does not consider the use of subentries in LDAP which appeared in December 2003
Mandatory LDAP Replica Management
The goal of standards for LDAP replication is to allow interoperable replication among products from many different vendors. Defining the mechanism to move data among replicas is a necessary part of this work, but management of the replicated environment must also be standardized for replication to be truly interoperable. This document presents the replication management functions that must be performed. Whenever possible, these functions are defined in terms of existing LDAP functionality using existing LDAP operations and existing data definitions. In some cases, changes or additions to the existing model are required, and specifications for these changes are included in this document.
Comments:
- Alex Karasulu Put em here!
General Usage Profile for LDAPv3 Replication
Support for replication in LDAP directory systems is often one of the key factors in the decision to deploy them. But replication brings design constraints along with its benefits. We discuss some of the factors that should be taken into consideration when designing a replicated directory system. Both programming and architectural/operational concerns are addressed and both single- and multi-master directories are considered.
Comments:
- Alex Karasulu Put em here!
The LDUP Replication Update Protocol
The protocol described in this document is designed to allow one LDAP server to replicate its directory content to another LDAP server. The protocol is designed to be used in a replication configuration where multiple updateable servers are present. Provisions are made in the protocol to carry information that allows the server receiving updates to apply a total ordering to all updates in the replicated system. This total ordering allows all replicas to correctly resolve conflicts that arise when LDAP clients submit changes to different servers that later replicate to one another. All protocol elements described here are LDAPv3 extended operations and controls. LDAPv3 is described in RFC 2251 [LDAPv3]. Some LDAPv3 extended operations and controls described here are LDAPv3 extended operations used to group related operations. The protocol elements used for grouping are described in LDAPv3: Grouping of Related Operations [GROUPING] (http://tools.ietf.org/html/draft-ietf-ldup-protocol-05#ref-GROUPING). Certain terms used in this document are defined in the document "LDAP Replication Architecture" [ARCHITECTURE] (http://tools.ietf.org/html/draft-ietf-ldup-protocol-05#ref-ARCHITECTURE).
Comments:
- Alex Karasulu Put em here!
LDAP Subentry Schema
This document describes an administrative model for LDAP, and an object class called ldapSubEntry and a control ldapSubentriesControl (to control the visibility of entries of type ldapSubEntry) that are to be used by directory servers claiming support for the administrative model defined here.
Comments:
- Alex Karasulu This draft grossly violates X.500 rules regarding subentries by suggesting they can contain subordinate entries (for replication agreements)
LDUP Replication Information Model
[LDUP Model] describes the architectural approach to replication of LDAP directory contents. This document describes the information model and schema elements which support LDAP Replication Services which conform to [LDUP Model]. Directory schema is extended to provide object classes, subentries, and attributes to describe areas of the namespace which are under common administrative authority, units of replication (i.e., subtrees, or partitions of the namespace, which are replicated), servers which hold replicas of various types for the various partitions of the namespace, which namespaces are held on given servers, and the progress of various namespace management and replication operations. Among other things, this knowledge of where directory content is located will provide the basis for dynamic generation of LDAP referrals for clients who can follow them. The controlling framework by which the relationships, types, and health of replicas of the directory content will be defined so that, as much as possible, directory content is itself used to monitor and control the environment. Security information, including access control policy identifiers and information will be treated as directory content by the replication protocols when specified by the LDAPEXT group. The information model will describe required and optional housekeeping duties for compliant systems to implement, such as garbage collection of deleted objects, reconciliation of moved and renamed objects, update sequencing and transaction bracketing of changes, etc.
Comments:
- Alex Karasulu Again all these LDUP drafts if I recall correctly make some presumptions about subentries that violate X.500 standards. I will confirm for sure as I make another pass through these drafts and update my comments.
LDUP Update Reconciliation Procedures
This document describes the procedures used by Lightweight Directory Access Protocol (LDAP) directory servers or X.500 directory servers to reconcile updates performed by autonomously operating directory servers in a distributed, replicated directory service, using the LDAP Duplication/Replication/Update protocols.
Comments:
- Alex Karasulu Put em here!
Lightweight Directory Access Protocol (LDAP) Client Update Protocol (LCUP)
Lightweight Directory Access Protocol (LDAP) Bulk Update/Replication Protocol (LBURP)
I-Ds List Working Group, LDAP Duplication/Replication/Update Protocols (ldup)
Other documents and articles about replication:
LDAP Duplication/Replication/Update Protocols (ldup)
LDAP Replication Draft Analysis and Design Document
Designating and Implementing Asynchronous Collaborative Applications with Bayou
General documents and specifications about MMR:
Wikipedia link on Multi-master replication
Challenges Involved in Multimaster Replication
Active Directory information about MMR
Oracle document about MMR
Active Directory replication model
eDirectory Synchronization and Background Processes
Paper by Kurt Zeilenga, and refutations:
MMR considered harmful
Read Only replicas considered harmful
Serial numbers and MMR
Is MMR really harmful?
There are some drafts called Mitosis Functional Abstract where some thoughts have been collected.
Configuration guide
TO BE WRITTEN
Developer guide
All information about development can be found here: Mitosis Development Guide.