Tuesday, March 31, 2009

LDAP and MySQL Cluster

There are two LDAP Directory Servers available that supports MySQL Cluster - OpenLDAP (supported and maintained by Symas Corp.) and OpenDS (Sun Microsystems). Both of them have implemented a back-end called back-ndb that talks direclty to the data nodes. This means that they use the NDBAPI directly to access data in the cluster, thus bypassing the MySQL Server.

Using MySQL Cluster as the back-end makes it possible to easily scale out the LDAP layer without using replication between LDAP servers. If you need to have more capacity in the LDAP layer, add another LDAP server (online, no service interruption), if you need more storage capacity, add data nodes (online, no service interruption). This offers incredible scalability. And no single point of failure.

But since the data is stored in MYSQL Cluster, you can also use SQL to access the data, simultaneously with the LDAP accesses. See the picture below.

OpenDS actually uses ndb-bindings which is a Java layer (JNI wrapper) on top of the C++ NDBAPI. OpenLDAP use the Direct C++ NDBAPI directly. The use of Direct APIs makes a good foundation for high performance.

Besides that there is the usual differences in functionality you can expect from two different Directory Servers (I am not going into details about that here), but both implementation has the similar layout when it comes to the data model that is used inside MySQL Cluster to support LDAP accesses. This similarity comes from the fact that I have had my fingers in both implementations :) . However, I must say that I know the implemenation of OpenLDAP better.

If you want more details you should come to the MySQL User Conference 2009. During the UC, I will have a session together with Howard Chu on OpenLDAP for MySQL Cluster. There will also be a BOF for OpenDS (TBD exaclty when, since the BoFs have not been scheduled yet when this post was written (31st of March, 2009), but keep your eyes open!

If you are interested in getting started with OpenLDAP for MySQL Cluster, then you can follow this quickstart guide.

I have also got lualdap to work with OpenLDAP for MySQL Cluster. Quite cool, since it then can be accessed from the MySQL Proxy (thanks to Stephane Varoqui, Star Consultant MySQL/Sun based in Paris, for this idea)... This opens up quite some interesting things when it comes to authentication.

1 comment:

Matty said...

the next release of Cluster includes support for LDAP data stores. You can learn more about the next version of MySQL Cluster at a live webinar or April 30th. Register here: