Failover question

Mike Dopheide dopheide at ncsa.uiuc.edu
Fri Jul 14 13:34:08 EDT 2006


Here's what we do...

There's one master KDC and two slaves.  The master propagates it's 
database to the slaves every 5 minutes if there were any changes.  All of 
the servers have the same startup script that detects the existence of a 
file.  If said file exists, it starts the server as a master (with 
kadmind), otherwise it starts as a slave (without kadmind).

krb5.conf is configured with CNAMEs for the actual servers.

So, in the case of a failure:
1) Turn off the failed master.
2) Create the master indicating file on one of the slaves.
3) Restart services on the slave.
4) Change the master kerberos server CNAME to point to the new master.
5) Reconfigure propagation from the new master to the remaining slave.

After fixing the failed system we can bring it back up as a slave and put 
it back in the pool.

-Mike

> This is probably a stupid question but the docs I have been reading have forced
> me to ask. If the master goes down the slave should automatically pick up the
> authentication requests, correct?
>
> So far, from what I have read, it says that I need to copy the db over, stop the
> master, start a couple of services on the slave, the then bring up the slave to
> be able to answer requests.
>
> If this is the case, should I instead run two masters with one backing up the db
> to the other?
>
> Thanks for all the help,
>
> Jon
>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>



More information about the Kerberos mailing list