
RE: if the commercial world wants serious multi-master facilities (was Re: Proposed LDUP Charter)



One thing that is evident is that "industry" is decidedly schizophrenic when
it comes to agreeing on what "it" wants.

There are many, many deployment scenarios.  

Some emphasize rapid search
on arbitrary criteria, others on selected specific criteria.

Some emphasize lookup, not search, in order to read quickly a few bits
of configuration or profile information associated with an entry (like a name
service, or DNS does).

Some require transactional integrity among all potential writers / updaters of
information.  Others emphasize availability of reasonably quick updates, even
when they're unconnected to the rest of the replicated environment.

Some just want to automate the propagation of descriptive information about
users and administrators.  Others want to manage relationships while trying to
juggle some subset of all the other requirements.

I generally categorize back end, database-to-database replication services as
supporting transactional, or near transactional integrity facilities for the applications
(including LDAP or X.500 or whatever) which use those data stores.  This seems
particularly interesting in clustered configurations at large network operating 
centers, where high speed, high capacity, high availability, high transaction rate
services are offered, as for ISPs, national telcos and PTTs, etc.  That is an 
interesting part of the industry, but by no means all, nor probably even a large
fraction, of the directory market place.

I generally categorize distributed name services, including NDS,  as
serving a role in supporting authentication and authorization services in a 
distributed, decentralized enterprise, where centralized management of
the directory service and its topology is desired, but where distributed
administration of content requires delegation of non-operational authority
to users and secretaries, who create accounts, ACL groups and distribution
lists for themselves, to support their local work environments.  This is an interesting
fraction of the industry, represented by Apollo, Xerox, Digital, Banyan, Novell,
and (soon) Microsoft.

The industry representatives, both customers and vendors, that I work with
want these two broadly different categories of directory usage to play nice
with each other, to share information with each other, and to reach out to the
hundreds of other application specific repositories of user profiles that exist
in corporations, and to exchange information about changes to content
with each other.  

LDUP should facilitate that exchange of information, even among radically
different repositories, by standardizing on representing the location of replicas
of the directory, in the directory itself.  By providing a useful set of extensible
schema elements to document replica agreements, including specification of
how different transfer protocols are documented, and how policy elements
which one or both sides of a replication agreement value as important are
to be documented.

Mechanics of how changes are noted - at what granularity, are scheduled -
by what event or time mechanism, are expressed - with what information 
about the change, are all defined for a common understanding of what
change notifications mean.

Defining a mechanism which is able to support both single-master and
multi-master replication is only part of the whole story, as you point out.  It
will be incumbent on systems who perform transactional updates to not
slop over into loose consistency operations without intending to.  And it
is, as always, the responsibility of applications to choose their data stores
carefully, with requirements for consistency, latency, capacity, and availability
in mind.

Further thoughts...

Ed

>>> Alan Lloyd <Alan.Lloyd@xxxxxxxxxxxxxxxxxxxx> 09/26/1998 16:23:29 >>>
[snip]

b) With serious multi master mode, one needs serious engineering and
that is not a simple protocol. As said we can use the commercial DB
replicators that do very fast, robust replication below the X.500 level
of operations - as well as tools, DISP and LDIF. 
The point here is that if the commercial world wants serious multi
master facilities - I don't think LDAP the way it stands will do the job.
It has no robustness.

just thoughts and regards alan.



----------------------
Ed Reed, Technologist
Novell, Inc.
+1 801 861-3320