A common configuration for an HA server is simply to provide an IP address and a single service to be failed over[1]. This example will be an active/passive[2] configuration for the Apache web server.
logfacility daemon # Log to syslog as facility "daemon" node paul silas # List our cluster members keepalive 1 # Send one heartbeat each second deadtime 10 # Declare nodes dead after 10 seconds bcast eth0 eth1 # Broadcast heartbeats on eth0 and eth1 interfaces ping 1.2.3.254 # Ping our router to monitor ethernet connectivity auto_failback no # Don't fail back to paul automatically respawn hacluster /usr/lib/heartbeat/ipfail # Failover on network failures
See the ipfail[3] page for more information on the respawn directive above.
In most cases, this file can be identical between the two machines.
paul 1.2.3.4 apache
The first word (paul) on the line represents the "preferred[4]" host for the service. The remainder of the line is the list of resource[5]s (services) which are part of this ResourceGroup[6]. In this example, the sole resource group consists of two resources: an IP address (IPaddr::1.2.3.4) and the Apache web server. Although Heartbeat[7] can use resources which are simply init scripts from /etc/init.d, both of these ResourceAgent[8]s are located in /etc/ha.d/resource.d. In every case, this file must be identical on both machines.
/etc/ha.d/authkeys[9] must be mode 600. See the section on GeneratingAuthkeysAutomatically[10] for information how to generate good keys automatically.
auth 1 1 sha1 PutYourSuperSecretKeyHere
Except when changing keys, this file must be identical on the two machines.
To get Apache to bind to the correct IP addresses, you have to tell it which IP address it should bind to.
This is done by the Apache Listen[11] directive. In httpd.cf, include this directive:
Listen 1.2.3.4:port-number
It is important that you not let Apache be started by init at boot time. If you do that, then both init and Heartbeat[7] will "fight" for control of Apache, and it won't work. You have to let Heartbeat[7] control all resources that you include in haresources[12]. To disable Apache from starting at boot time, issue the following command on both paul and silas:
/sbin/chkconfig apache off
or if you're using the httpd service script instead of the apache script:
/sbin/chkconfig httpd off
For the purposes of this example, we assume that somehow the Apache configuration files, and the web site content is being "magically" maintained on both machines and are sufficiently similar that no one will complain when failovers[1] occur between nodes. You can use rsync for this if that meets your needs. Alternatively, one can use shared disk or DRBD[13] when they need to be truly identical to the millisecond.
Hidayatullah Shaikh's article[14] on Linux-HA and Apache
| [1] | http://en.wikipedia.org/wiki/Failover |
| [2] | http://www.linux-ha.org/ActivePassive |
| [3] | http://www.linux-ha.org/ipfail |
| [4] | http://www.linux-ha.org/PreferredNode |
| [5] | http://www.linux-ha.org/resource |
| [6] | http://www.linux-ha.org/ResourceGroup |
| [7] | http://www.linux-ha.org/Heartbeat |
| [8] | http://www.linux-ha.org/ResourceAgent |
| [9] | http://www.linux-ha.org/authkeys |
| [10] | http://www.linux-ha.org/GeneratingAuthkeysAutomatically |
| [11] | http://httpd.apache.org/docs-2.0/mod/mpm_common.html#listen |
| [12] | http://www.linux-ha.org/haresources |
| [13] | http://www.linux-ha.org/DRBD |
| [14] | http://www-106.ibm.com/developerworks/library/l-halinux/?ca=dnt-541 |
This information provided courtesy of the Linux-HA project at http://linux-ha.org/