Example 1: A Directory-Enabled finger Service

Understanding and Deploying LDAP Directory Services > 16. Backups and Disaster Recovery > Directory-Specific Issues in Disaster Recovery

<  BACK CONTINUE  >
153021169001182127177100019128036004029190136140232051053054012004127032226122041186249

Directory-Specific Issues in Disaster Recovery

A cold-site disaster recovery plan for a directory is much like that for the other critical data repositories you might use. The recovery procedures are, for the most part, like recovering a database. If you use a cold site, directory server software must be installed on the replacement machines, and backup tapes containing the directory data must be restored.

With hot-site disaster recovery, however, directory replication offers unique opportunities to improve recovery time significantly. By using directory replication to maintain the hot standby servers, your directory can be made available much more quickly. For example, if you use directory replication to maintain hot standby replicas, no recovery at all is necessary; because the replicas are always updated, they are ready to take over at a moment's notice.

This does not mean, however, that it's impossible to lose transactions when using replication. It's certainly possible that a server at the primary site could be destroyed before it has a chance to transmit all its replication updates to its peers. This is especially true if replication is performed infrequently because directory replication is loosely consistent, as discussed in Chapter 10, "Replication Design." If this is a serious issue for your application, you should configure your directory software to always transmit replication updates immediately.

One issue that arises with replication is the reassignment of master servers. Directory server software that supports only single-master replication requires additional steps to recover from the destruction of the master server. In such a case, another server must be configured to be the updatable master and to supply updates to the backup servers at the alternate site. The recovery plan must be modified to include time for these steps if necessary.

Another issue to consider is the distributed nature of directories. Recall that a single directory tree can be spread across a number of servers, each holding a portion of the tree. To provide a backup set of servers, either at a cold or hot site, you need to either provide equivalent computing power (number of servers, speed of CPUs, and so on) or make a conscious decision that the standby site will be limited in some fashion.

For example, at your primary site your directory may be divided into three partitions, each residing on a separate server. The backup site, however, might have all three partitions on the same server. Although the backup site would have less capacity than the primary site, you might choose this approach to limit costs. Reduced capacity may be perfectly acceptable anyway, especially if you can reduce the load on the directory by shutting down less important directory-enabled applications while the backup site is in operation. However, the backup site must at least meet some minimum performance requirements for it to be useful at all.

You can, of course, install additional replicas at the backup site after disaster recovery commences. This would reduce the amount of replication update traffic that must flow from your primary site to your backup site under normal conditions. For example, if your primary site consists of three directory partitions replicated three times each (a total of nine servers), a complete hot standby site would also have nine servers. Maintaining the backup replicas might significantly increase the workload of the servers at the primary site, however. If you instead maintained a single server at the hot site that held all three partitions, replication update traffic to the remote site would be significantly reduced. Additional replicas could be rebuilt from the single server at the hot site in the event of a disaster at the primary site. This might be considered a hybrid hot/cold site approach: The online replica at the remote site is hot and the other servers are cold, put into service only if a disaster occurs (see Figure 16.5).

Figure 16.5 A hybrid hot/cold strategy.


Understanding and Deploying LDAP Directory Services,  2002 New Riders Publishing
<  BACK CONTINUE  >

Index terms contained in this section

cold sites
          disaster recovery plans
directories
         disaster recovery
                    cold sites
                    hot sites 2nd
         software
                    cold-site disaster recovery
disaster recovery
          cold sites
          hot sites 2nd
distributed directories
          disaster recovery replication 2nd 3rd 4th
hot sites
          disaster recovery plans 2nd
master servers
          reassigning
                    disaster recovery replication
planning
         disaster recovery
                    cold sites
                    hot sites 2nd
reassigning
         master servers
                    disaster recovery replication
recovery plans
          cold sites
          hot sites 2nd
replication
         disaster recovery
                    distributed directories 2nd 3rd 4th
                    hot sites 2nd
servers
         master
                    replication reassignment
software
         directory
                    cold-site disaster recovery

2002, O'Reilly & Associates, Inc.



Understanding and Deploying LDAP Directory Services
Understanding and Deploying LDAP Directory Services (2nd Edition)
ISBN: 0672323168
EAN: 2147483647
Year: 1997
Pages: 245

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net