Zimbra is an email/collaboration suite that is typically deployed in a cluster or clusters of dedicated servers which fill roles like LDAP master, LDAP replica, Proxy, MTA, Mailstore, etc.
The LDAP servers are used by all the other servers to store configuration and provisioning data. Servers in the cluster understand where to find the LDAP master (read/write) and LDAP replicas (read only) through values defined in
There are 2 values relevant to LDAP server lists and they have values like this:
```
ldap_master_url = "ldap://zimbra-ldap-master-01"
ldap_url = "ldap://zimbra-ldap-01 ldap://zimbra-ldap-02 ldap://zimbra-ldap-master-01"
```
That should be easy enough to construct based on group memberships, right? Unfortunately there is a bit of complexity lurking here. LDAP replica servers should always list themselves first in the ldap_url, and the ldap_url should end with an LDAP master. LDAP master servers should always list themselves first in
This is what I came up with.
The result is 2 fact variables for each host: zimbra_ldap_url and zimbra_ldap_master_url. Those facts can later be applied with the zmlocalconfig command. (I wrote an Ansible module to do that as well. Maybe I will be able to post that at some point.)
```yaml
---
# file: roles/zimbra/tasks/zimbra-define-ldap-urls.yml
# Just set facts: zimbra_ldap_master_url, zimbra_ldap_url
# ldap_master_url and ldap_url are used by all zimbra servers,
# but zimbra LDAP servers need to always be first in their own list

#------------------------
# LDAP Master URL
# If I am an LDAP master, I should be first value. Everything else shuffled.

- name: Shuffled list of LDAP masters other than me
  set_fact:
    ldap_master_sans_me: ""

- name: Define LDAP Master URL for Masters
  set_fact:
    zimbra_ldap_master_url: 'ldap://'
  when: '"zimbra-ldap-master" in group_names'

- name: Define LDAP Master URL for Non-masters
  set_fact:
    zimbra_ldap_master_url: 'ldap://'
  when: '"zimbra-ldap-master" not in group_names'

#------------------------
# LDAP URL
# If I am an LDAP server, I should be first value. Everything else shuffled, and masters should come last.

- name: Shuffled list of LDAP replicas other than me
  set_fact:
    ldap_replica_sans_me: ""

- name: Define LDAP URL for LDAP replicas
  set_fact:
    zimbra_ldap_url: 'ldap:// '
  when: '"zimbra-ldap-replica" in group_names'

- name: Define LDAP URL for LDAP masters
  set_fact:
    zimbra_ldap_url: 'ldap://'
  when: '"zimbra-ldap-master" in group_names'

- name: Define LDAP URL for non-LDAP servers
  set_fact:
    zimbra_ldap_url: 'ldap:// '
  when: '"zimbra-ldap" not in group_names'
```
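The ordering rules described above can be modelled and checked outside Ansible. The following Python sketch is an added example, not the author's code or module: it builds both values for a host and reports which rules a given pair of values breaks. The function names and the second master hostname are hypothetical, and it assumes that a master's ldap_url lists masters only.

```python
import random

# Constructed sample inventory: hostnames are made up for this example.
MASTERS = ["zimbra-ldap-master-01", "zimbra-ldap-master-02"]
REPLICAS = ["zimbra-ldap-01", "zimbra-ldap-02"]


def _self_first(host, group, rng):
    """Return group with host first (if it is a member) and the rest shuffled."""
    rest = [h for h in group if h != host]
    rng.shuffle(rest)
    return ([host] if host in group else []) + rest


def _fmt(hosts):
    return " ".join("ldap://" + h for h in hosts)


def build_urls(host, masters=MASTERS, replicas=REPLICAS, rng=None):
    """Return (ldap_master_url, ldap_url) for one host."""
    rng = rng or random.Random()
    master_list = _self_first(host, masters, rng)
    if host in masters:
        # Assumption: a master's ldap_url lists masters only, itself first.
        url_list = master_list
    else:
        # Replica: itself, other replicas, then masters. Others: replicas, then masters.
        url_list = _self_first(host, replicas, rng) + master_list
    return _fmt(master_list), _fmt(url_list)


def violations(host, ldap_master_url, ldap_url, masters=MASTERS, replicas=REPLICAS):
    """Return the ordering rules that the given values break for this host."""
    m_hosts = [u.split("://", 1)[-1] for u in ldap_master_url.split()]
    u_hosts = [u.split("://", 1)[-1] for u in ldap_url.split()]
    problems = []
    if not m_hosts or any(h not in masters for h in m_hosts):
        problems.append("ldap_master_url must list only LDAP masters")
    if not u_hosts or u_hosts[-1] not in masters:
        problems.append("ldap_url must end with an LDAP master")
    if host in masters and m_hosts[:1] != [host]:
        problems.append("master must be first in its own ldap_master_url")
    if host in replicas and u_hosts[:1] != [host]:
        problems.append("replica must be first in its own ldap_url")
    return problems
```

Running violations() against the values read back from each host after zmlocalconfig has been applied shows whether a replica or master ended up out of position in its own list.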