Implement high-availability services on Linux

Source: Internet
Author: User
Tags ldap
Article Title: implement high-availability services on Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
The high availability service is a hot topic in enterprise applications. High-Availability Service (HA) refers to the use of two or more machines to run services (such as http, NFT, and Oracle). When the master server is down, other secondary servers automatically take over the service. When the primary server returns to the normal state, the secondary server automatically takes over the service. As we all know, in the server field, the Linux operating system itself has high stability. However, in practical applications, the system may be required to have higher stability. At this time, we need to build a high-availability service to ensure that the system can provide uninterrupted services. Many merchants provide high-availability products on Linux, such as Rose HA, Turbo HA Cluster Server, and SGI FailSafe Server. However, there are also free high-availability products on Linux, for example, the High-Availability Linux Project is a High-Availability Linux Project. Using it, we can build various highly available services on Linux. This article uses heartbeat to implement highly available http Services.
  
The following describes the hardware and software of this experiment:
  
A. Hardware
  
Servers: both servers have dual NICs. One is used to connect to the network, and the other is used to connect two servers.
Heartbeat line: A special serial line used for detecting serial port information.
Network cable: A crossover network cable used for dual-host interconnection. Supports heartbeat UDP communication.
  
B. Software
  
OS: RedHat 9.0
Service: Apache (the apache settings and content on the two servers are exactly the same)
HA software: heartbeat 1.0.4 for RedHat 9.0
  
C. Network Information
  
Server 1
Host Name: ha1.bogus.sh.cn
Eth0: 192.168.2.1 (Access LAN)
Eth1: 10.0.0.1 (Heartbeat line)
  
Server 2
Host Name: ha2.bogus.sh.cn
Eth0: 192.168.2.2 (Access LAN)
Eth1: 10.0.0.2 (Heartbeat line)
  
External Service IP Address: 192.168.1.3
  
The installation process is as follows:
  
1. Install heartbeat
  
We chose heartbeat1.0.4, which was updated on and is also the latest stable version. There is also heartbeat-beta1.1.3, but if you are the first installation, there is no need to work with the previous version, do not select this.
  
Because the operating system we use is Red Hat 9.0, we directly use the corresponding version of the rpm package for installation.
  
Heartbeat 1.0.4 for RedHat 9.0 includes the following four main packages:
Heartbeat-1.0.4-2.rh.9.i386.rpm
Heartbeat-ldirectord-1.0.4-2.rh.9.i386.rpm
Heartbeat-pils-1.0.4-2.rh.9.i386.rpm
Heartbeat-stonith-1.0.4-2.rh.9.i386.rpm
  
However, these packages depend on other packages, which can be found here:
  
Ipvsadm-1.21-1.rh.9.um.1.i386.rpm
Libnet-1.1.0-1.rh.9.um.1.i386.rpm
Perl-Authen-SASL-2.03-1.rh.9.um.1.noarch.rpm
Perl-Convert-ASN1-0.16-2.rh.9.um.1.noarch.rpm
Perl-IO-Socket-SSL-0.92-1.rh.9.um.1.noarch.rpm
Perl-ldap-0.2701-1.rh.9.um.1.noarch.rpm
Perl-Mail-IMAPClient-2.2.7-1.rh.9.um.1.noarch.rpm
Perl-Net-SSLeay-1.23-1.rh.9.um.1.i386.rpm
Perl-XML-NamespaceSupport-1.08-1.rh.9.um.1.noarch.rpm
Perl-XML-SAX-0.12-1.rh.9.um.1.noarch.rpm
  
The installation sequence is as follows:
  
Rpm-ivh heartbeat-pils-1.0.4-2.rh.9.i386.rpm
Rpm-ivh heartbeat-stonith-1.0.4-2.rh.9.i386.rpm
Rpm-ivh heartbeat-1.0.4-2.rh.9.i386.rpm
Rpm-ivh ipvsadm-1.21-1.rh.9.um.1.i386.rpm
Rpm-ivh perl-Net-SSLeay-1.23-1.rh.9.um.1.i386.rpm
Rpm-ivh perl-IO-Socket-SSL-0.92-1.rh.9.um.1.noarch.rpm
Rpm-ivh perl-Convert-ASN1-0.16-2.rh.9.um.1.noarch.rpm
Rpm-ivh perl-XML-NamespaceSupport-1.08-1.rh.9.um.1.noarch.rpm
Rpm-ivh perl-XML-SAX-0.12-1.rh.9.um.1.noarch.rpm
Rpm-ivh -- nodeps perl-Authen-SASL-2.03-1.rh.9.um.1.noarch.rpm
Rpm-ivh -- nodeps perl-Mail-IMAPClient-2.2.7-1.rh.9.um.1.noarch.rpm
(Note: The preceding two packages have dependencies. You can find the tar package installation from cpan.org, and then use -- nodeps for forced installation)
Rpm-ivh perl-ldap-0.2701-1.rh.9.um.1.noarch.rpm
Rpm-ivh heartbeat-ldirectord-1.0.4-2.rh.9.i386.rpm
  
2. Configure heartbeat
  
The heartbeat configuration contains the following three files:
Main configuration files of ha. cf
Haresources resource configuration file
Authkeys authentication information
  
The first two files should be readable and writable by all, while authkeys can only be read and written by root.
  
2.1./etc/hd. d/ha. cf
  
This file is mainly used to define media and set parameters. It is the main configuration file of heartbeat. Here, the content of our ha. cf file is as follows:
  
Node ha1.bogus.sh.cn
Node ha2.bogus.sh.cn
Serial/dev/ttyS0
Baud 19200
Deadtime 5
Keepalive 1
Initdead 30
Udp eth1
Udpport 694
  
The following is an explanation of ha. cf:
  
Keepalive 1
This parameter specifies the number of seconds between two heartbeat requests. In this experiment, heartbeat is performed once per second.
  
Deadtime 5
This parameter specifies the time to wait for the declared host to crash. If 10 is specified, heartbeat starts failover 10 seconds after the node stops responding.
  
Initdead 30
This parameter specifies how long the deadtime should be when heartbeat is started for the first time. Because when heartbeat is started at boot, you still need to set aside time for network startup, so this time takes a longer time.
  
Udpport 694
This parameter specifies the port used by heartbeat to send UDP packets.
  
Udp eth1
This parameter specifies the interface on which heartbeat is sent.
  
Node ha1.bogus.sh.cn and node ha2.bogus.sh.cn
This parameter tells heartbeat which hosts are used. The correctness of node names is very important. The node name should be consistent with the name displayed in the Command uname-n.
  
Serial/dev/ttyS0
This parameter specifies the serial port on which the jumper is connected.
  
Baud 19200
The baud rate of the parameter for serial communication.
  
2.2./etc/ha. d/haresources
  
This file specifies the service to be synchronized and what the host is. The files on the two machines must be consistent. We set the high-availability service to Apache and its external IP address to 192.168.2.3. Therefore, the content of haresources should be as follows:
Ha1.bogus.sh.cn 192.168.2.3 httpd
  
Httpd is the name of the startup script. Heartbeat starts from/etc/ha. d/resource. d and/etc/rc. d/init. d directory to find the httpd STARTUP script. Here, because we use apache that comes with Redhat, in/etc/rc. d/there is an httpd STARTUP script below, so heartbeat can use httpd start/stop to start or stop the apache service. NextPage ### 2.3./etc/ha. d/authkeys
  
There are three authentication methods: crc, md5, and sha1. sha1 are the most difficult to crack, followed by md5 and crc.
  
The file format is as follows:
  
Auth
   []
  
Here, the content of our authkeys file is as follows:
  
Auth 1
1 sha1 sha1 myAuthkey
  
Then, set its permission to 600 to improve security. Note: If you do not perform this step, heartbeat may not work properly.
Chmod 600 authkeys
  
2.4 configure another server
  
The preceding settings are repeated for another server, for example:
Vi/etc/ha. d/ha. cf
Vi/etc/ha. d/haresources
Vi/etc/ha. d/authkeys
Chmod 600 authkeys
  
The haresources and authkeys on the two machines should be exactly the same. Ha. cf should also be the same, unless your heartbeat line is connected to different serial ports or different NICs connected to the Cross network cable.
3. Start heartbeat
  
First, disable the high-availability services of the two machines, because the service is automatically opened when heartbeat is started. The high-availability service here is apache. We can use the following command to close them:
/Etc/rc. d/init. d/httpd stop
  
Then, you can run the following command to start heartbeat on two machines:
/Etc/rc. d/init. d/heartbeat start
  
Run the following command to view the heartbeat log in the running state:
Tail-f/var/log/ha-log
  
Run the following command to disable the heartbeat service:
/Etc/rc. d/init. d/heartbeat stop
  
4. Test
  
After the heartbeat service is started, you can start testing. To identify which server the apacheservice is hosted, add the host name in the index.html file of apache. In this way, you can access the home page to identify which server is providing apache.
  
At the beginning, we visited http: // 192.168.2.3 and saw the ha1 page. Then we tried to disconnect ha1, such as shutting down or restarting it. Then, we refresh the page and soon we can see that the page has become ha2. This indicates that ha2 has taken over the apache service of ha1, and we can see it on ha2, it can be found that it has automatically mounted 192.168.2.3 IP addresses, and the apache service has started. Then let's re-run ha1. At this time, we refresh the page again, and soon we can see that the page is changed back to ha1, And the apache service on ha2 is automatically disabled. During the whole process, the external apache service was hardly affected.
  
5. Conclusion
  
Heartbeat is an open-source software that complies with GPL releases. This provides a low-cost high-availability solution. With heartbeat, it can also build other high-availability services, for example, LDAP, DataBsee, NFS, and FTP. In addition, heartbeat can be easily transplanted to other UNIX-like platforms. For more information, see its official website.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.