LDAP

Schéma de base

Description

The idea is to re-use the two HAProxys as load balancer for the slapd servers. The same load balancer will be used for the management machines. The sssd deamon of the clients will be configured with 3 different URLs: * 1 DNS round robin * First HAProxy * Second HAProxy

By doing so we make sure that the sssd switches nicely between the different slapd services. Please note that the configuration of sssd should make sure that always one server is available (no offline mode possible).

We can use an additional slapd server as « fuse » in case of duplication trouble. This “fuse” sladp service has to run on one of the TOP hypervisors and will serve as source for all sladp services. Moreover, the slapd servers used by the sssd clients will be configured with a data base in memory as to increase their performance.

Only one slapd will be deployed per island, and only one “fuse” slapd will be deployed for the whole system.