On Apr 17, 2008, at 7:29 PM, James CE Johnson wrote:
>> On Apr 17, 2008, at 8:06 AM, James CE Johnson wrote:
>>> I have a Subversion repository that is protected by mod_auth_ldap:
>>>
>>> <Location /svn>
>>> DAV svn
>>> SVNParentPath /usr/local/svn/repositories
>>> SVNListParentPath on
>>> SVNAutoVersioning on
>>> AuthName "Enterprise Shared SCM Repository"
>>> AuthType Basic
>>> Require valid-user
>>> AuthLDAPUrl ldap://primaryLdapHost...
>>> AuthLDAPBindDN ...
>>> AuthLDAPBindPassword ...
>>> </Location>
>>>
>>> This works perfectly and we've been very happy with the results.
>>>
>>> However...
>>>
>>> I now have a different set of users who exist in a different LDAP
>>> repository. They will ultimately (in 6-9 months) join everyone else
>>> but,
>>> in the meantime, they need SVN access.
>>>
>>> So, the question is, will it be safe to create (in the same
>>> httpd.conf) a
>>> second <Location/> pointed to the same SVNParentPath?
>>>
>>> <Location /svnForOthers>
>>> DAV svn
>>> SVNParentPath /usr/local/svn/repositories
>>> SVNListParentPath on
>>> SVNAutoVersioning on
>>> AuthName "Enterprise Shared SCM Repository"
>>> AuthType Basic
>>> Require valid-user
>>> AuthLDAPUrl ldap://alternateLdapHost...
>>> AuthLDAPBindDN ...
>>> AuthLDAPBindPassword ...
>>> </Location>
>>
>> I would guess that would be safe but wouldn't bet my own repository
>> on it at this point.
>
> OK. That brings me to the alternative implementation: Multiple (two in
> this case) Apache instances on the same host pointed at the same
> repository (which is on the local filesystem).
If I had to choose between a single Apache instance with multiple
Location directives pointed at the same repositories, and multiple
Apache instances on the same machine pointed at the same
repositories, I would feel much more confident in the former to not
corrupt my data.
>>> If nobody has a definite answer, can anyone recommend test
>>> scenarios to
>>> prove or disprove that this will or will not result in repository
>>> corruption?
>>
>> I'm not sure how you would test it.
>>
>>> Related to this, and I will post it as a second query later, is it
>>> safe to
>>> have multiple Apache instances pointed to the same SVNParentPath
>>> (e.g. --
>>> clustering)?
>>
>> It these multiple Apache instances are on multiple computers and
>> accessing a common repository on a storage-area network, then it will
>> be safe if the storage-area network uses a cluster filesystem. One
>> filesystem that has this is whatever Apple's Xsan uses.
>
> Initially they would be on the same host and the repository would
> be on
> the local filesystem. In the future they would be on different
> hosts and
> the repository would be mounted via NFS, most likely from a NetApp but
> possibly from our corporate SAN.
>
> The clustering is more for load balancing and traditional clustering
> reasons, not so much for the LDAP issue. I expect our LDAP to be
> consolidated before load balancing becomes a requirement.
Ok but NFS and SAN will be insufficient unless they offer a cluster
filesystem. Make sure you have this, otherwise you'll have multiple
computers writing to the same data at the same time and corrupting
things all over the place.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-04-18 02:38:10 CEST