[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Handle-info] Handle server mirror replication howto - questions

Dear handle-info readers, forwarding a common question to the list,
maybe there is a nice howto about it somewhere? Thanks in advance!

We'd ... like to start replication of Handles between your and our HS.
How do we do this? I'm guessing you are using the Handle System's
mechanisms for replication - so if I send our siteinfo.bin to you, can
you add us to the replication as well..? Does this enable replication
automatically or do we have to do something beyond that?
And how does this work with the different prefixes? Our Handle Server
is currently homed for OURPREFIX - can it carry other prefixes as well
or do we need separate installations (I guess not...)

(end of quote)

As far as I remember, there was something about the config files on
both sides, public keys and the root "nameserver" of HS for those
prefixes that are to get mirrored? Looking at some etc. notes here,
I see for the config.dct of the mirror:

... in the server_config section of the main { } section ...:

"server_admins" = (
"301:0.NA/OURPREFIX"
)

"this_server_id" = "1"
"replication_authentication" = "privatekey:301:0.NA/OURPREFIX"

...

The private key must be available to the mirror and the public key
must be available as part of the 0.NA/OURPREFIX entry of the root
'name' server of the handle system.

Also there are replpriv.bin and replpub.bin files and the sitebndl.zip
contains replpub.bin, replid.txt, siteinfo.bin and contactdata.dct,
all probably gathered by the Handle System install tool? The text file
is apparently not really used, says: "300:0.NA/YOUR_NAMING_AUTHORITY".

The mirror also has the to-be-mirrored prefix homed, but that can be
done with the usual tools and methods provided for homing, I assume?

On the server side, I see the following in config.dct:

...

"server_admins" = (
"300:0.NA/OURPREFIX"
)

"replication_admins" = (
"300:0.NA/OURPREFIX"
)

"this_server_id" = "1"
"max_session_time" = "86400000"
"max_auth_time" = "60000"
"backup_admins" = (
"300:0.NA/OURPREFIX"
)

...

So apparently owning the private key for the 300:0.NA/OURPREFIX public
key stored in the root 'name' server (naming authority) grants rights
to 1. admin the server 2. receive data for mirroring and 3. dump all
data for backup purposes, but this could also be split into different
accounts? In particular, you will often have a separation between admin
and mirror credentials, so mirrors can only 'login' to mirror data...

Is that correct? Did I forget something important? Thanks in advance!

Regards, Eric


_______________________________________________
Handle-Info mailing list
Handle-Info@cnri.reston.va.us
http://www.handle.net/mailman/listinfo/handle-info