Directory Services 7.4.3

Replication Synchronization Provider

The Replication Synchronization Provider provides multi-master replication of data across multiple directory server instances.

Parent

The Replication Synchronization Provider object inherits from Synchronization Provider.

Dependencies

Replication Synchronization Providers depend on the following objects:

Replication Synchronization Providers depend on the following objects:

Replication Synchronization Provider properties

You can use configuration expressions to set property values at startup time. For details, see Property value substitution.

Basic Properties Advanced Properties

bootstrap-replication-server
enabled
health-checks-enabled
heartbeat-interval
initialization-window-size
isolation-policy
key-manager-provider
log-changenumber
max-replication-delay-health-check
referrals-url
replication-purge-delay
source-address
ssl-cert-nickname
ssl-cipher-suite
ssl-protocol
trust-manager-provider

changetime-heartbeat-interval
connection-timeout
java-class
num-update-replay-threads
solve-conflicts
ssl-encryption

Basic properties

Use the --advanced option to access advanced properties.

bootstrap-replication-server

Synopsis

The addresses of one or more replication servers within the topology which this server should connect to in order to discover the rest of the topology.

Description

Addresses must be specified using the replication port of the remote replication servers using the syntax "hostname:repl-port". When using an IPv6 address as the hostname, put brackets around the address as in "[IPv6Address]:repl-port".

Default value

Adding a replication server or a replication domain requires this to be filled.

Allowed values

A host name or an IP address followed by a ":" and a port number.

Port number must be greater than 1 and less than 65535.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

enabled

Synopsis

Indicates whether the Synchronization Provider is enabled for use.

Default value

None

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

health-checks-enabled

Synopsis

Indicates whether the Replication Synchronization Providers health-checker is enabled.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

heartbeat-interval

Synopsis

Specifies the heartbeat interval that the directory server will use when communicating with Replication Servers.

Description

The directory server expects a regular heartbeat coming from the Replication Server within the specified interval. If a heartbeat is not received within the interval, the Directory Server closes its connection and connects to another Replication Server.

Default value

1 m

Allowed values

Lower limit: 100 milliseconds.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

initialization-window-size

Synopsis

Specifies the window size that this directory server may use when communicating with remote Directory Servers for initialization.

Default value

1000

Allowed values

An integer.

Lower limit: 0.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

isolation-policy

Synopsis

Specifies the behavior of the directory server when writing to replicated data while none of the configured Replication Servers are available.

Default value

reject-all-updates

Allowed values

  • accept-all-updates: The server accepts updates even when it cannot send them to any Replication Server. When a Replication Server again becomes available, the server attempts to resend the updates. This does not guarantee that updates will be successfully resent. This mode can cause high replication latency.

  • reject-all-updates: Indicates that all updates attempted on this Replication Synchronization Provider are rejected when no Replication Server is available.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

key-manager-provider

Synopsis

Specifies the name of the key manager that should be used with this Replication Synchronization Provider.

Default value

None

Allowed values

The name of an existing key-manager-provider.

The referenced key manager provider must be enabled.

Multi-valued

No

Required

Yes

Admin action required

None

Changes to this property take effect immediately, but only for subsequent attempts to access the key manager provider for associated client connections.

Advanced

No

Read-only

No

log-changenumber

Synopsis

Indicates if this server logs the ChangeNumber in access log.

Description

This boolean indicates if the domain should log the ChangeNumber of replicated operations in the access log.

Default value

false

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

max-replication-delay-health-check

Synopsis

The maximum replication delay for considering the Replication Synchronization Provider healthy.

Default value

5s

Allowed values

Lower limit: 1 milliseconds.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

referrals-url

Synopsis

The URLs other LDAP servers should use to refer to the local server.

Description

URLs used by peer servers in the topology to refer to the local server through LDAP referrals. If this attribute is not defined, every URLs available to access this server will be used. If defined, only URLs specified here will be used.

Default value

None

Allowed values

A LDAP URL compliant with RFC 2255.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

replication-purge-delay

Synopsis

Minimum lifetime of changelog data and old replication meta-data in directory entries. Changelog data and replication meta-data older than this setting is eligible to be removed.

Description

After the purge delay has passed, the server removes old changelog data over time when it applies new updates. Replication meta-data is stored in changed directory entries. The server removes old replication meta-data either when the entry is next modified, or by a dedicated purge task, whichever happens first. The server temporarily stops removing old data when it has been unable to process updates for an extended period of time. For example, the server stops removing data when the server is offline, and when it cannot access other servers due to a network partition. Once old data is removed, the server can no longer use it for replication. Changelog and replication meta-data older than the purge delay must therefore be considered stale. Backups must be newer than the purge delay, including the time it takes to restore a backup.

Default value

3 days

Allowed values

Lower limit: 0 seconds.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

source-address

Synopsis

If specified, the server will bind to the address before connecting to the remote server.

Description

The address must be one assigned to an existing network interface.

Default value

Let the server decide.

Allowed values

A hostname or an IP address.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

ssl-cert-nickname

Synopsis

Specifies the nicknames (also called the aliases) of the keys or key pairs that the Replication Synchronization Provider should use when performing SSL communication.

Description

The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the Replication Synchronization Provider is configured to use SSL.

Default value

Let the server decide.

Allowed values

A string.

Multi-valued

Yes

Required

No

Admin action required

Restart the server for changes to take effect.

Advanced

No

Read-only

No

ssl-cipher-suite

Synopsis

Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication.

Default value

Uses the default set of SSL cipher suites provided by the server’s JVM.

Allowed values

A string.

Multi-valued

Yes

Required

No

Admin action required

None

Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.

Advanced

No

Read-only

No

ssl-protocol

Synopsis

Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication.

Default value

Uses the default set of SSL protocols provided by the server’s JVM.

Allowed values

A string.

Multi-valued

Yes

Required

No

Admin action required

None

Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.

Advanced

No

Read-only

No

trust-manager-provider

Synopsis

Specifies the name of the trust manager that should be used with the Replication Synchronization Provider .

Default value

None

Allowed values

The name of an existing trust-manager-provider.

The referenced trust manager provider must be enabled.

Multi-valued

Yes

Required

Yes

Admin action required

None

Changes to this property take effect immediately, but only for subsequent attempts to access the trust manager provider for associated client connections.

Advanced

No

Read-only

No

Advanced properties

Use the --advanced option to access advanced properties.

changetime-heartbeat-interval

Synopsis

Specifies the heartbeat interval that the directory server will use when sending its local change time to the Replication Server.

Description

The directory server sends a regular heartbeat to the Replication within the specified interval. The heartbeat indicates the change time of the directory server to the Replication Server.

Default value

1000ms

Allowed values

Lower limit: 0 milliseconds.

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

connection-timeout

Synopsis

Specifies the timeout used when connecting to peers and when performing SSL negotiation.

Default value

5 seconds

Allowed values

Lower limit: 0 milliseconds.

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

java-class

Synopsis

Specifies the fully-qualified name of the Java class that provides the Replication Synchronization Provider implementation.

Default value

org.opends.server.replication.plugin.MultimasterReplication

Allowed values

A Java class that extends or implements:

  • org.opends.server.api.SynchronizationProvider

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

Yes

Read-only

No

num-update-replay-threads

Synopsis

Specifies the number of update replay threads.

Description

This value is the number of threads created for replaying every updates received for all the replication domains.

Default value

Let the server decide.

Allowed values

An integer.

Lower limit: 1.

Upper limit: 65535.

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

solve-conflicts

Synopsis

Indicates if this server solves conflict.

Description

This boolean indicates if this domain keeps the historical meta-data necessary to solve conflicts. When set to false the server will not maintain historical meta-data and will therefore not be able to solve conflict. This should therefore be done only if the replication is used in a single master type of deployment.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

ssl-encryption

Synopsis

Specifies whether SSL/TLS is used to provide encrypted communication between two OpenDJ server components.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.

Advanced

Yes

Read-only

No