In this post, we will discuss how we can implement high availability in Oracle Unified Directory. Oracle Unified Directory is the next generation LDAP v3 compliant directory service provider. It can act as a directory server, proxy server and replication gateway between Oracle Unified Directory server and Oracle Directory Server Enterprise Edition (ODSSE). To get an overview about this product, check out my previous post here: http://trainings.k21technologies.com/oracle-unified-directory-at-a-glance/
In Oracle Unified Directory, there are broadly three ways of implementing high availability:
Here it is assumed that the readers are familiar with the basic concepts of high availability, disaster recovery, replication etc. In next sections, we will see what Oracle Unified Directory offers to make the solution more reliable.
When used in replicated mode, Oracle Unified Directory follows multi-master replication model. The model consists of two or more directory servers active across same or different geographical locations. All the servers are capable of processing read and write operations. This is performed over publish-subscribe architecture. When there is any change in one of the nodes, the changes are published to the other nodes in the topology. Usually the server that publishes the changes to others is called the replication server and the service it provides is termed as replication service.
The directory servers are connected to the replication servers which are interconnected. The changes are sent to the replication servers by directory servers where they are forwarded to other connected replication servers. Modify conflicts as well as Naming conflicts are resolved with the help of change records.
Following figure shows the basic replication architecture.
OUD also supports multiple data center topology as shown in the following figure.
Oracle Unified Directory can be installed in proxy mode where OUD acts as proxy server between clients and directory servers. The proxy server does not hold any directory data but rather forwards the requests coming from clients to the appropriate directory servers with network connection management.
In order to implement high availability, OUD proxy server can be used in following modes
The proxy server routes the requests to remote replicated directory servers (both contain the same data) based on some algorithm defined during deployment
The directory data is partitioned into multiple partitions, distributed across multiple directory servers. Each partition is held on a separate directory server. The proxy server takes care of forwarding the requests to remote directory server which hold the appropriate partition data.
In this mode, basically the load balancer, data centers and directory servers are all replicated. If one load balancer or data center goes down, the failover load balancer routes the traffic to replicated data centers.
In this deployment, the data is distributed using load balancing. The data is partitioned and replicated across remote directory servers. The proxy server identifies the appropriate partition based on the incoming requests, forwards them to the load balancer where they are routed to the directory servers based on the algorithm used.
Here the data is split into partitions across multiple directory servers. Each directory server is managed through a failover load balancing route. Each directory server in a data center as well as the data centers themselves are replicated and are managed by active load balancer and failover load balancer.
The replication gateway is responsible for the transfer of data between Oracle Directory Server Enterprise Edition (ODSEE) and Oracle Unified Directory. The main purpose of this deployment is to migrate the ODSEE data to OUD.
When deployed in replication gateway mode, Oracle Unified Directory acts as a two-way forwarding server. It forwards changes from Oracle Directory Server Enterprise Edition servers to Oracle Unified Directory and vice versa.
In this post, we saw the various ways in which high availability can be deployed with Oracle Unified Directory to recover from system failures and maintain service level agreement.
Ganesh Kamble works as Oracle Fusion Middleware Consultant and is an Oracle Certified Specialist in Access Management. Having started his career in product development at Oracle, Ganesh got excellent exposure to the middleware technologies during his work in integration of Tier-1 banking product Oracle Banking Platform with Oracle Fusion Middleware products. He was honored with Outstanding Contribution award by Oracle.
His key areas of interest are Oracle Identity and Access Management, Oracle Service Oriented Architecture and Java with passion for blogging on various encounters with Oracle products. He publishes blogs regularly on http://k21technologies.com/blog/. He can be reached at firstname.lastname@example.org and http://twitter.com/ganeshk_8