Обсуждение: HA for PostgreSQL (Auth-Server)
Hello *,
in my enterprise I have an Intranet-Server with NFSv4, Courier, Apache
and PostgreSQL and if this Server goes down, nothing will work anymore.
OK, I replicate the WHOLE server all 6 hours, but my PostgreSQL give me
a bunch of headache, becasue I use "pam-pgsql" for authentication.
What is the best practize to build the PgSQL in HA using a second/third
external server to keep authentication alive?
I am onging to put, the PostgregSQL on three or more Marvel MV78200 with
attached 4-port SAS controller (using three 74GByte SAS Drives in Raid-1
plus Hotfix) since the Intranet Database itself is only arround 13 GByte
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsystems@tdnet France EURL itsystems@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber linux4michelle@jabber.ccc.de
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Вложения
On 24/06/10 17:27, Michelle Konzack wrote: > in my enterprise I have an Intranet-Server with NFSv4, Courier, Apache > and PostgreSQL and if this Server goes down, nothing will work anymore. > > OK, I replicate the WHOLE server all 6 hours, but my PostgreSQL give me > a bunch of headache, becasue I use "pam-pgsql" for authentication. Honestly, using PostgreSQL for authentication in this environment may not be optimal. PostgreSQL is good at complex queries with a solid read/write mix, where strong guarantees are required about concurrency, durability, etc. Its strong point isn't in distributed read-mostly use serving huge numbers of very simple queries. You might be better off chosing an LDAP server. LDAP is designed for extremely high rates of very simple queries - mostly single attribute reads and simple tree searches. It's designed to operate as a read-mostly system, where updates are infrequent. Most LDAP systems provide very strong replication options, and most LDAP clients can use multiple servers to service queries so they cope well when one of the servers goes down. > What is the best practize to build the PgSQL in HA using a second/third > external server to keep authentication alive? Look into replication options like Bucardo and Slony-I. But, really, you'll be much better off switching to using LDAP for this task. OpenLDAP is a pretty solid LDAP server these days, and I highly recommend it for use as an authentication database. By default it uses Berkeley DB as a backend, which is quite acceptable with newer versions of Berkeley DB that provide decent transactional behaviour and solid crash-safety. -- Craig Ringer
craig@postnewspapers.com.au (Craig Ringer) writes: > OpenLDAP is a pretty solid LDAP server these days, and I highly > recommend it for use as an authentication database. By default it uses > Berkeley DB as a backend, which is quite acceptable with newer versions > of Berkeley DB that provide decent transactional behaviour and solid > crash-safety. No disagreement there... I wonder, with the recent interesting results from performance comparisons between PostgreSQL and some of the key/value stores (e.g. - where PostgreSQL has ways to "win"), what the performance behaviour is, these days, for OpenLDAP backed by PostgreSQL. It's not actually terribly difficult to set that up (as long as you're not trying to use the "map some LDAP queries into relational ones" functionality of slapd-sql, which makes me want to poke out my eyes). At any rate, would be kinda cool to see numbers... -- (format nil "~S@~S" "cbbrowne" "acm.org") http://www3.sympatico.ca/cbbrowne/unix.html In case you weren't aware, "ad homineum" is not latin for "the user of this technique is a fine debater." -- Thomas F. Burdick