Hi,
the question in the title above .
I’d like to know if we have several DCs in some sites , can I configure readonlyrest to choose the nearest site ?
Thanks .
Hi,
the question in the title above .
I’d like to know if we have several DCs in some sites , can I configure readonlyrest to choose the nearest site ?
Thanks .
Hello @alonzo, great question. We researched and found out the library we use for LDAP does support this feature. So we can make it work. Will add it to the backlog, it will take a couple of months before we have time for this though, as we have a ton to do in the next 3 sprints.
How urgent is this for you?
Hi Simone,
it’s not “severity 1” , more like “severity 2” issue .
currently the application suffers from connection timeout from time to time since the active directory has some remote (for redundancy) and some local DCs.
we have a dirty workaround for those hangs and we will appreciate if you can promote a solution to fix this.
Thanks a lot .
@alonzo, maybe for now you can put all the known servers in HA in ROR settings?
thanks , we are familiar with those settings .
the reason we didn’t want to use it is because the way we configure the LDAP hosts is transparent to the application .
if we put the exact host names in the YML file we’ll have to maintain this list each time a DC is added or excluded by the IT team.
meanwhile since we have no choice we’ll use this option and wait for the new version to be released by you.
thanks again .
Hi Simone ,
can you please update if there’s anything new with the DC Locator ?
is it going to be implemented in one of the new builds ?
Thanks .
Hi @alonzo, this feature is in the pipeline, but not yet delivered. Will see if I can prioritise.
no problem , thank you Simone .
Hi @alonzo, we have developed a feature allowing usage of DNS SRV records for LDAP server discovery instead of having to provide list of servers in config file. This is what DC Locator is using to discover LDAP servers. ROR with this feature hasn’t been released yet, but you can check if it satisfies your needs using pre-release build. Here is link to ROR for ES 7.9.3 https://readonlyrest-data.s3.eu-west-1.amazonaws.com/build/1.26.0-pre5/readonlyrest-1.26.0-pre5_es7.9.3.zip?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA5SJIWBO5QS2CXRMG%2F20201220%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20201220T124817Z&X-Amz-Expires=604800&X-Amz-Signature=a948bf5f73eada369a5a9fb6d0a60990da9a43909de0f99cd84fc3fc5b21025c&X-Amz-SignedHeaders=host. Please let me know if you are using different version of elasticsearch.
Here is link to documentation of this feature readonlyrest-docs/elasticsearch.md at feature/RORDEV-76-ldap-server-discovery · pielas/readonlyrest-docs · GitHub. In the simplest form, when you want to use the system DNS, all you have to do is replace current host/hosts configuration with server_discovery: true
.