On 24/06/10 17:27, Michelle Konzack wrote:
> in my enterprise I have an Intranet-Server with NFSv4, Courier, Apache
> and PostgreSQL and if this Server goes down, nothing will work anymore.
>
> OK, I replicate the WHOLE server all 6 hours, but my PostgreSQL give me
> a bunch of headache, becasue I use "pam-pgsql" for authentication.
Honestly, using PostgreSQL for authentication in this environment may
not be optimal.
PostgreSQL is good at complex queries with a solid read/write mix, where
strong guarantees are required about concurrency, durability, etc. Its
strong point isn't in distributed read-mostly use serving huge numbers
of very simple queries.
You might be better off chosing an LDAP server. LDAP is designed for
extremely high rates of very simple queries - mostly single attribute
reads and simple tree searches. It's designed to operate as a
read-mostly system, where updates are infrequent. Most LDAP systems
provide very strong replication options, and most LDAP clients can use
multiple servers to service queries so they cope well when one of the
servers goes down.
> What is the best practize to build the PgSQL in HA using a second/third
> external server to keep authentication alive?
Look into replication options like Bucardo and Slony-I. But, really,
you'll be much better off switching to using LDAP for this task.
OpenLDAP is a pretty solid LDAP server these days, and I highly
recommend it for use as an authentication database. By default it uses
Berkeley DB as a backend, which is quite acceptable with newer versions
of Berkeley DB that provide decent transactional behaviour and solid
crash-safety.
--
Craig Ringer