Technical Diary - With Andrii Grytsenko

There is the description of concept of simple HA for Linux consist of 2 nodes .

Week ago I start to read book about Linux clustering. When I learned about high available cluster I have decided to made some script which will be able to implement it.

THEORY:
We have 2 Linux machine, local network, Internet connection and border gateway.

As you can see at Figure.1.
Node1 and Node2 have internal IPs 10.0.30.1 and 10.0.30.2 respectively. Default route has ip 10.0.30.254. And it provide PAT(Port Address Translation) support . In other words translates all request from internet web clients to web server into localnet virtual ip 10.0.30.3 which always assigned to active node. I will skip how to install PAT support but share my knowledge’s in rest part of project.

PRACTICE:
First of all we need machine with preinstalled Linux OS, web server, rsync and ssh. In this example I used CentOS and apache but it does not metter.

Try to build network connections.
Network configuration for Node #1 :

#cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=08:00:27:7B:7E:03
ONBOOT=yes
IPADDR=10.0.30.2
GATEWAY=10.0.30.254

For node #2:

#cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=08:00:27:B9:50:94
ONBOOT=yes
IPADDR=10.0.30.1

GATEWAY=10.0.30.254

In next step you need to enable rsync in xinted config:

#cat /etc/xinetd.d/rsync
service rsync
{
        disable = no
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        log_on_failure  += USERID
}

And restart it:

/etc/init.d/xinted restart

Also you need to enable some SELinux bool:

#setsebool -P rsync_export_all_ro=on

Add user rsync in group root for both nods and generate ssh keys for they. Below described step-by-step actions:

For Node #1 :
Add user:

#useradd -g root rsycn 

Login as rsync

#su - rsync 

Generate new rsa key:

#ssh-keygen -t rsa -b 2048 -f rsync.key

When ssh-keygen asks you to provide passprase. Hit Enter twice to get non-password access in the future.

Copy public key to the remote host:

#scp rsync.key.pub root@10.0.30.2:/root/.ssh

For node #2 :

#useradd -g root rsycn
#mv ~/.ssh/rsync.key.pub  ~rsync/.ssh/authorized_keys
#chown rsync ~rsync/.ssh/authorized_keys
#chmod 600 ~rsync/.ssh/authorized_keys
#su - rsync
#ssh-keygen -t rsa -b 2048 -f rsync.key
#scp rsync.key.pub root@10.0.30.1:/root

Back to Node #1 and perform next actions:

#mv ~/rsync.key.pub  ~rsync/.ssh/authorized_keys
#chown rsync ~rsync/.ssh/authorized_keys
#chmod 600 ~rsync/.ssh/authorized_keys

To check if the keys and rsync works properly. Run this on Node #2:

#rsycn -e ssh rsync@10.0.30.1:/var/www/html /var/www/

After that if you have done everything right. The web files from Node #1 should be transfered to your local web directory.

Let’s check our config file:

#cat node.conf
another_node_addr=10.0.30.1
# this is comment
virtual_addr=10.0.30.3
max_sleep_time=10
max_ping_cnt=5
log_facility=local6
debug=1

All lines begging from “#” interpreted as a comments. Therefore it’s ignored by script.

another_node_addr – defined internal ip of other node
virtual_addr – defined common virtual ip for both node
max_sleep_time – max value for sleep(in seconds) between pings
max_ping_cnt – max amount of ping attempts
log_facility – the syslog facility for the logging
sycn_time – time for syncronization web documents from master to slave web-server. “d” – for day, “h” – hours, “min” – minutes, “mon” – months. For example:
sync_time=50min – means that files have to be syncronized every 50 minutes.
debug – the value “1″ is turn on debug

Be careful the maximum migration time you can calculate in next way:
max_sleep_time*(max_ping_cnt+1)+crontab ,
by default it’s 10*(5+1)= 60 + 60 (crontab) =120 seconds.

Download main script and config file and put these into the your nodes.

You can see a little bit of explanation about how to script works in block scheme below.

After these steps you are ready to tune your syslog and crontab configuration. Actions described below should be done on both node’s.
Put into the /etc/syslog.conf:

log_facility.*                                                -/var/log/node.log

Where log_facility is log facility defined at node.conf.

Put this into crontab to make script run by crontab every minute:

#crontab -e
*/1 * * * *     /PATH/TO/check_node.pl /PATH/TO/node.conf

I suppost it will be worked for you as well as for me.
The End.