Chapter 4. Monitoring the replication topology using the command line
To monitor the state of the directory data replication between suppliers, consumers, and hubs, you can use replication topology report that provides information on the replication progress, replica IDs, number of changes, and other parameters. To generate the report faster and make it more readable, you can configure your own credentials and aliases.
4.1. Displaying a replication topology report using the command line
To view overall information about the replication status for each agreement in your replication topology, you can display the replication topology report. To do so, use the dsconf replication monitor
command.
Prerequisites
- The host is a member of replication topology.
- You initialized the consumers.
Procedure
To view a replication topology report, enter:
#
dsconf -D "cn=Directory Manager" ldap://supplier.example.com replication monitor
The
dsconf
utility will request authentication credentials for each instance in the topology:Enter password for cn=Directory Manager on ldap://supplier.example.com:
password
Enter a bind DN for consumer.example.com:389:cn=Directory Manager
Enter a password for cn=Directory Manager on consumer.example.com:389:password
Supplier: server.example.com:389 -------------------------------- Replica Root: dc=example,dc=com Replica ID: 1 Replica Status: Online Max CSN: 5e3acb77001d00010000 Status For Agreement: "example-agreement" (consumer.example.com:1389) Replica Enabled: on Update In Progress: FALSE Last Update Start: 20211209122116Z Last Update End: 20211209122116Z Number Of Changes Sent: 1:21/0 Number Of Changes Skipped: None Last Update Status: Error (0) Replica acquired successfully: Incremental update succeeded Last Init Start: 20211209122111Z Last Init End: 20211209122114Z Last Init Status: Error (0) Total update succeeded Reap Active: 0 Replication Status: In Synchronization Replication Lag Time: 00:00:00 Supplier: consumer.example.com:1389 ----------------------------------- Replica Root: dc=example,dc=com Replica ID: 65535 Replica Status: Online Max CSN: 00000000000000000000
4.2. Setting credentials for replication monitoring in the .dsrc file
By default, the dsconf replication monitor
command asks for bind DNs and passwords when authenticating to remote instances. To generate the report faster and easier in the future, you can set the bind DNs, and optionally passwords, for each server in the topology in the user’s ~/.dsrc
file.
Prerequisites
- The host is a member of replication topology.
- You initialized the consumers.
Procedure
-
Optional: Create the
~/.dsrc
file. In the
~/.dsrc
file, set the bind DNs, and passwords. For example:[repl-monitor-connections] connection1 = server1.example.com:389:cn=Directory Manager:* connection2 = server2.example.com:389:cn=Directory Manager:[~/pwd.txt] connection3 = hub1.example.com:389:cn=Directory Manager:S3cret
This example uses connection1 to connection3 as keys for each entry. However, you can use any unique key.
When you run the
dsconf replication monitor
command, thedsconf
utility connects to all servers configured in replication agreements of the instance. If the utility finds the hostname in~/.dsrc
, it uses the defined credentials to authenticate to the remote server. In the example above,dsconf
uses the following credentials when connecting to a server:Hostname Bind DN Password setup method server1.example.com
cn=Directory Manager
Requests the password
server2.example.com
cn=Directory Manager
Reads the password from
~/pwd.txt
hub1.example.com
cn=Directory Manager
S3cret
Verification
-
Run the
dsconf replication monitor
command to see Ifdsconf
utility uses credentials configured in the~/.dsrc
file. For more information, see
Displaying a replication topology report using the command line.
Additional resources
4.3. Using aliases in the replication topology monitoring output
To make the report more readable, you can set your own aliases that will be displayed in the report output. By default, the replication monitoring report contains the hostnames of remote servers.
Prerequisites
- The host is a member of replication topology.
- You initialized the consumers.
Procedure
If you want to see aliases in the report, use one of the following methods:
Define the aliases in the
~/.dsrc
file:[repl-monitor-aliases] M1 = server1.example.com:389 M2 = server2.example.com:389
Define the aliases by passing the
-a alias=host_name:port
parameter to thedsconf replication monitor
command:#
dsconf -D "cn=Directory Manager" ldap://server.example.com replication monitor -a M1=server1.example.com:389 M2=server2.example.com:389
In both cases, the dsconf replication monitor
command displays the alias in the output:
... Supplier: M1 (server1.example.com:389) -------------------------------- Replica Root: dc=example,dc=com ... Supplier: M2 (server2.example.com:389) -------------------------------- Replica Root: dc=example,dc=com
Additional resources