This section describes the replication failover scenarios.

Figure 42-1 shows a typical failover scenario.

Figure 42-1 Replication Failover Scenario

This scenario has the following features:

• Apple, Banana and Candy are multimaster replicas in the same DRG.

• Damson is a read-only fan-out replica of Banana. That is, it is a partial replica using one-way LDAP replication.

• Eggplant is an updatable fan-out replica of Banana. That is, it is a partial replica using two-way LDAP replication.

• If Banana goes down, replication between the multimaster DRG and its fan-out replicas is broken.

  An administrator can switch Eggplant and Damson to a new supplier, Candy.

This section describes the supported failover topology types supported by Oracle Internet Directory.

Only two failover topology types are supported:

• The consumer and new supplier are both connected to the old supplier with LDAP-based replication agreements. This is shown in Figure 42-2. Node 1 and Node 3 both have LDAP replication agreements with Node 2. Node 2 is the original supplier for Node 1. When Node 2 fails, you can fail over Node 1 to a new supplier, Node 3.

  Figure 42-2 Consumer and New Supplier Connected to Old Supplier by LDAP

  

• The consumer is connected to the old supplier with an LDAP-based agreement and the old supplier is in the same Advanced Replication group as the new supplier. This is shown in Figure 42-3. Node 2 and Node 3 are in the same Advanced Replication DRG. Node 2 is the original supplier for Node 4. When Node 4 fails, you can fail over Node 4 to a new supplier, Node 3.

  Figure 42-3 Old and New Suppliers in the Same Directory Replication Group

  

This section describes limitations and warnings related to the use of replication failover.

• As of Oracle Internet Directory 11g Release 1 (11.1.1.0.0), replication failover requires administrator intervention.

• Following failover, you must compare and reconcile the consumer with the new supplier.

• The new agreement must be of the same type and direction as the old agreement.

• Only two topology types are supported.

• When a supplier fails, its directly connected replica can only fail over to another directly connected replica of the failed supplier.

• The replication filtering policy for the agreement between the new supplier and old supplier must match that between the old supplier and consumer.

• In most cases, you should fail over the replica in a way that preserves the original replica type. In the case shown in Figure 42-4, node 2 is the old supplier for both node 1 and 3, and node 1 is read-only. When node 2 fails, you could, in theory, set up either node 1 or 3 as the new supplier node. Best practice, however, is to fail over node 1 so that node 3 is the supplier. This preserves node 1's original, read-only replica type.

  Figure 42-4 Failover Preserving Replica Type

  

• If the new agreement is a two-way agreement, after you compare and reconcile the consumer with its new supplier, you must also compare and reconcile all other replicas that are connected to the new supplier with the new supplier. For example, in Figure 42-5, Node 2 has a two-way agreement with Node 3. Node 3 is connected to another replica, Node 4. When Node 2 fails, you set up a two-way agreement between node 3 and node 1. After comparing and reconciling node 3 with node 1, you must also compare and reconcile Node 4 with node 3 to ensure that the replicas are synchronized.

  Figure 42-5 Compare and Reconcile All Connected Replicas

  

This section describes the two types of replication failover types supported by Oracle Internet Directory.

There are two types of replication failover. They are:

• Stateless

• Time-based

Use stateless failover when you are unable to plan for the failover in advance. Stateless replication failover makes no assumptions about the state of the replicas. You can fail over to a new supplier at any time. Stateless failover requires more work after failover to synchronize the nodes.

Use time-based failover for planned failover. Time-based failover results in less work after failover. However, it requires some setup ahead of time to ensure that the following assumptions are true at the time of failover:

• The nodes are mostly synchronized

• The new supplier has preserved its change logs so that complete synchronization can be achieved quickly.

Stop the Oracle directory replication servers on the new supplier, old supplier and consumer.

oidctl connect=connStr server=oidrepld instance=1 componentname=oidComponentName \
 flags="-h LdapHost -p LdapPort" stop

Break the old replication agreement between the old supplier and consumer and set up a new agreement between the new supplier and consumer.

remtool -pchgmaster [-v] [-bind consumer_host::port_number]

Obtain the last change number from the new supplier.

ldapsearch -h new_supplier_host -p port_number -b "" \
   -s base "objectclass=*" lastchangenumber

ldapsearch -h consumer_host -p port_number -b "" \
   -s base "objectclass=*" lastchangenumber

Use the Oracle Internet Directory Comparison and Reconciliation Tool to compare and reconcile the new supplier and consumer.

oidcmprec operation=reconcile \
   source=new_supplier_host:port \
   destination=consumer_host:port \
   base='""' scope=sub

oidcmprec operation=merge \
   source=new_supplier_host:port\
   destination=consumer_host:port/ \
   base='""' scope=sub

Modify the new agreement with the retrieved last applied number at the new supplier.

1. Create an LDIF file with the last change number you retrieved in "Saving Last Change Number".

   For a one-way agreement, it should look similar to this:

   dn: agreement_dn
   changetype: modify
   replace: orclLastAppliedChangeNumber;apply$new_supplier_host$consumer_host
    orclLastAppliedChangeNumber;apply$new_supplier_host$consumer_host: 
    last_change_number_retrieved.
   -
   replace: orclLastAppliedChangeNumber;transport$new_supplier_host$consumer_host
   orclLastAppliedChangeNumber;transport$new_supplier_host$consumer_host: 
    last_change_number_retrieved_from_new_supplier
   

   For a two-way agreement, it should look similar to this:

   dn: agreement_dn
   changetype: modify
   replace: orclLastAppliedChangeNumber;apply$new_supplier_host$consumer_host
   orclLastAppliedChangeNumber;apply$new_supplier_host$consumer_host: 
    last_change_number_retrieved_from_new_supplier
   -
   replace: orclLastAppliedChangeNumber;transport$new_supplier$consumer
   orclLastAppliedChangeNumber;transport$new_supplier$consumer: 
    last_change_number_retrieved_from_new_supplier	
   -
   replace: orclLastAppliedChangeNumber;apply$consumer_host$new_supplier_host
   orclLastAppliedChangeNumber;apply$consumer_host$new_supplier_host: 
    last_change_number_retrieved_from_consumer	
   -
   replace: orclLastAppliedChangeNumber;transport$consumer_host$new_supplier_host
   orclLastAppliedChangeNumber;transport$consumer_host$new_supplier_host:
    last_change_number_retrieved_from_consumer
   

2. Modify the agreement by using ldapmodify, as follows:

   ldapmodify -D "cn=orcladmin" -q -h host_name -p port_number -f LDIF_file
   

This section describes the procedure to clean up old agreement on old supplier by using the Replication Environment Management Tool.

remtool -pcleanup -agrmt [-v] [-bind consumer_host::port_number]	

This section describes the procedure to start the Oracle directory replication servers on the new supplier, the old supplier and the consumer.

oidctl connect=connStr server=oidrepld instance=1 \
   name=instance_name componentname=component_name \
   flags="-h LdapHost -p LdapPort" start

Configure the changelog purging configuration entry on the new supplier so that it preserves change logs for the desired period.

1. Create an LDIF file similar to this:

   dn: cn=changelog purgeconfig,cn=purgeconfig,cn=subconfigsubentry
   changetype:modify
   replace: orclpurgetargetage
   orclpurgetargetage: 24
   

2. Apply the LDIF file by typing:

   ldapmodify -D "cn=orcladmin" -q -p port -h host -f LDIF_file
   

Obtain the last change number from the new supplier.

ldapsearch -h new_supplier_host -p port_number -D cn=orcladmin -q \
   -b "" -s base "objectclass=*" lastchangenumber

Enable change log regeneration at the new supplier, as follows:

1. Create an LDIF file like this:

   dn: 
   changetype: modify
   replace: orcldiprepository
   orcldiprepository: TRUE
   

2. Apply the LDIF file by typing:

   ldapmodify -D "cn=orcladmin" -q -h host_name -p port_number -f LDIF_file

Wait for a period no greater than the value of orclpurgetargetage in the changelog purging configuration entry.

Stop the Oracle directory replication servers on the new supplier, old supplier and consumer.

oidctl connect=connStr server=oidrepld instance=1 \
 componentname=oidComponentName \
 flags="-h LdapHost -p LdapPort" stop

Break the old replication agreement between the old supplier and the consumer, then set up a new agreement between the new supplier and the consumer.

remtool -pchgmaster [-v] [-bind hostname:port_number]

This section describes the procedure to Modify the new agreement at the new supplier.

1. Create an LDIF file with the retrieved last applied change number, similar to this:

   dn: agreement_dn
   changetype: modify
   replace: orclLastAppliedChangeNumber
   orclLastAppliedChangeNumber: last_change_number_retrieved
   

2. Apply the LDIF file to the agreement by using ldapmodify:

   ldapmodify -D "cn=orcladmin" -q -h host_name -p port_number -f LDIF_file
   

You can clean up old agreement on old supplier node by using the Replication Environment Management Tool.

remtool -pcleanup -agrmt [-v] [-bind hostname:port_number]

This section describes the procedure to start the Oracle directory replication servers on the new supplier, the old supplier and the consumer.

oidctl connect=connStr server=oidrepld instance=1  \
 componentname=oidComponentName \
 flags="-h LdapHost -p LdapPort" start