Friday, December 7, 2018

High Availibility - HEARTBEAT (HA-CLUSTER) CONFIGURATION on LINUX

HEARTBEAT CONFIGURATION on LINUX

Below are the following steps which should be followed to setup HA-Cluster on two machine.

PREPARING THE SERVERS:-
We need to make sure that ntpd is configured and always running to keep both servers time synchronized.

# chkconfig ntpd on
HOSTNAME RESOLVE
Now let’s suppose we have created two servers :-

Host name                   ipaddress
Server1         test1                          10.2.1.231
Server2         test2                          10.2.1.232

Now we need to make sure that these two servers ping each also other with their hostname and for this we have to open

#nano /etc/hosts
And write these two lines in the file
10.2.1.231   test1
10.2.1.232   test2

Next try to ping both the servers from each other if they are able to ping then its fine otherwise you need to recheck the “/etc/hosts” file for your hostname.
Create the following file on both servers with the exact same content:

# nano /etc/ha.d/ha.cf
###################################################
logfile /var/log/ha-log
logfacility local0
keepalive 2
deadtime 30
initdead 120
bcast Auto_eth0
udpport 694
auto_failback on
node test1
node test2
###################################################

Note: Here in the above file we are broadcasting the service from Auto_eth0 “bcast Auto_eth0 “ . This will work when we have a single pair of machine that are running Heartbeat for High Availability, but it creates problems and gives error when there are multiple pairs of Heartbeat  running on the same subnet. To have multiple error-less  heartbeat running on the same subnet we need to do multicast instead of broadcast, so the “ha.cf” should look like this

# nano /etc/ha.d/ha.cf
###################################################
logfile /var/log/ha-log
logfacility local0
keepalive 2
deadtime 30
initdead 120
### here we are using mcast assigning the dev and class D multicast ip udp-port and ttl
mcast eth0 224.1.2.3 694 1 0
auto_failback on
node ldap1
node ldap2
###################################################
Note: The multicast ip should be same for a pair of systems and each pair in the environment should have their unique mcast ip so that they only synchronize by themselves and do not disturb other pairs.
The next step is to create the resource file for heartbeat on both servers with exact same content again:

# nano /etc/ha.d/haresources
test1 IPaddr::10.2.1.230/24/Auto_eth0  

first word is the hostname of the primary server then the IP 10.2.1.230 is the one I choose to be the virtual IP to be moved to the slave in case of a failure.
The last thing is to create the authentication file on both servers again with the same content:

# nano /etc/ha.d/authkeys
###################################################
auth 2
2 sha1 my-password
###################################################

This password file should only be readable by the root user:

# chmod 600 /etc/ha.d/authkeys

Ok now we should be ready to go… Let’s test it!!

On both servers start heartbeat service:

# service heartbeat start

Then check on server1

# ifconfig
*********************************************************
Auto_eth0 Link encap:Ethernet HWaddr 08:00:27:95:AB:B1
inet addr:10.2.1.230 Bcast:10.2.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe95:abb1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2189638 errors:0 dropped:0 overruns:0 frame:0
TX packets:30442386 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:188528923 (179.7 MiB) TX bytes:45853044392 (42.7 GiB)
Auto_eth0:0 Link encap:Ethernet HWaddr 08:00:27:95:AB:B1
inet addr:10.2.1.200 Bcast:10.2.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:305 errors:0 dropped:0 overruns:0 frame:0
TX packets:305 errors:0 dropped:0 overruns:0 carrier:0
*********************************************************

You can see that a new interface named Auto_eth0:0 can be seen which contained the virtual ip and as server 1 is the primary one it will be only on server 1 till the server is working or heartbeat is active. The ip will by self move to server2 in case when server 1 is inactive/crashed/heartbeat is stopped

Testing fail over
You can shut down server1 or simply stop heartbeat service:

On server1:

# service heartbeat stop

On server2:

# ifconfig
*********************************************************
Auto_eth0 Link encap:Ethernet HWaddr 08:00:27:8F:3B:50
inet addr:10.2.1.232 Bcast:10.2.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe8f:3b50/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30447253 errors:0 dropped:0 overruns:0 frame:0
TX packets:2138369 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:45799991579 (42.6 GiB) TX bytes:173195698 (165.1 MiB)
Auto_eth0:0 Link encap:Ethernet HWaddr 08:00:27:8F:3B:50
inet addr:10.2.1.200 Bcast:10.0.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:208 errors:0 dropped:0 overruns:0 frame:0
TX packets:208 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
*********************************************************

Till this point if your machine responds in the same manner, congratulations you have now installed and configured DRBD with Heartbeat.

If you get any error refer to “/var/log/messages”.

Or be free to comment if any problem occurs.

Also I have tested that the heartbeat do not work good on OpenBSD as of security reason’s OpenBSD stores the mac address and when it system changes the virtual ip, the OpenBSD starts taking it as a threat and stops interacting with it.
 

No comments: