lloyd
commented
11 years ago We're not doing anything now, we have LDAP in 1 dc multiple server redundant, in the future we'll move to multiple DCs and use DNS mechanisms. According to Jake Maul:
Right now there is only ldap.mozilla.org in phx1's HCI. In the coming months we might have another endpoint in scl3's HCI. The existing one is two servers behind a load balancer already though, so at least redundant at the server level.
We've considered whether we'll handle this in mozilla IT (by using DNS based mechanisms and health check), or whether we'll handle this in the application (by having a set of LDAP servers and trying them all before failing).
If we do this using DNS mechanisms, then the work required in the server is zero.
If we do this using multiple endpoints we need to implement application level round robin with handling of failures. In this case we need a complete list of the LDAP servers in play.