Cover V10, I04
Article
Figure 1
Figure 2
Figure 3

apr2001.tar


Configuring Red Hat's High-Availability Server

Rafeeq Ur Rehman

This is a 24x7 world, and many businesses need around-the-clock, reliable processing of data. Many UNIX vendors provide high-availability systems for their machines. With a gradual market shift towards Linux, demand for Linux-based, high-availability solutions has also increased. This article takes a quick look at how to configure the Red Hat High-Availability Server, which runs with Red Hat Linux 6.2 and provides a failover clustering and load balancing solution.

There have been many definitions for the term high availability (HA). For simplicity, high availability is a solution that minimizes downtime for a system. High availability can be achieved in many ways, including fault tolerance and computer clustering. To achieve high availability, computer clusters are usually used in a failover server (FOS) configuration where one computer (the backup or failover server) backs up another one (the primary server). The primary server provides some service to end users in normal circumstances.

All servers in a failover cluster use two type of network addresses. Private, or heartbeat, addresses are used to monitor each other; public addresses are used for end users. Initially, all public addresses are configured on the primary server. If the primary server fails (hardware or software), the backup server takes over the job of primary server. This process is transparent to the end user, as public network addresses are migrated from primary server to the backup server. The end user still connects to the same address and sees no difference as the same services and data are also available on the backup server. One example is a Web server where two identical machines, with the same data back up each other. Most of the time, primary and backup servers are connected to a RAID or other storage solution, such as the one provided by EMC Corporation. A failover, high-availability cluster configuration is shown in Figure 1.

A virtual IP (VIP) address is configured on the public network, which is visible to clients. All services are provided using this virtual IP address. This VIP address can be moved from primary to backup server, and vice versa, when required. The active server always keeps the VIP address so the clients always connect to the active server. When the primary server fails, the backup server takes up the VIP and configures it on one of its network adapters connected to the public network. The private network is usually used for heartbeat monitoring, a term used to monitor the health of the other system in a cluster. The heartbeat and public networks may physically be the same network or different ones.

The Red Hat high-availability server can be used in two different configurations. First is the failover server (FOS) configuration, which I describe in this article, and the other one is the Linux virtual server (LVS) configuration. In LVS configuration, the Red Hat server can be used with servers running any operating system to monitor and load balance. This is a much broader application than a simple failover server. In the LVS configuration, multiple FOS clusters can be used to add another layer of reliability to the system.

System Requirements

System requirements for the server depend upon the application that will run on the participating machines. Although it is not necessary for both machines participating in failover configuration to be identical, it helps. You should have as much RAM and CPU power available as you can, but the minimum recommended RAM is 64 MB. Red Hat documentation recommends 1.2 GB disk space for the HA server, but I was able to install it on as little as 300 MB. I believe that with some effort, this may be decreased. You may need additional space for your applications and data.

Installation

When you purchase the High-Availability Server from Red Hat, you get a box with three CDs and an installation guide. The first CD contains Red Hat Linux 6.2 along with the Red Hat High-Availability Server. This is all you need to install the server. The installation process is well explained in the accompanying guide. However, it is not much different from the installation of a simple Red Hat Linux distribution on a PC or server. The only difference is in some options and background images. When you are asked about "Install or Upgrade", you have to select "Cluster Server", which is the default choice. The rest is the same familiar process of installing Linux, which is briefly explained below.

To start the installation, install the first CD and reboot the system. Your machine will start booting from Red Hat Linux 6.2. Here you can choose one of the available installation methods. I always select the "Expert" method, because it allows more flexibility. After that, you have to make Language, Keyboard and Mouse selections. After a welcoming screen, you have to select "Cluster Server". Then there are the usual processes of partitioning the disk, selecting mount points, formatting the partitions, and so on. You then will go to lilo configuration, time zone selection, and setting the root password. In the "Package Group Selection", you can select packages according to your needs. The amount of required disk space depends upon what you select for installation. If you install everything, the disk requirement may go up to 1.5 GB. To configure the server using the Web interface, you must install Apache Web server and Netscape Communicator, both of which are bundled with the installation CD and are selected for installation by default.

There are other installation methods available for the server, but the easiest one is through a bootable CD-ROM. Anybody who has installed Red Hat 6.2 will not find any difficulty in installing the HA server.

Configuration

After completing the installation process, the major part is to configure the High-Availability server. The basic requirement is that you should have TCP/IP networking already configured and working on both primary and backup servers. Thus, you should be able to ping one server from the other. I used IP address 192.168.2.100 for the primary server and 192.168.2.200 for the backup server. These addresses are used for the heartbeat check of the servers. After that you must configure both servers so that the root user can rlogin to the other server without a password. You should block the rest of the world from gaining access to the servers with rlogin. The first step is to configure /etc/hosts.allow and /etc/hosts.deny files on both of the systems. For example, these files on my primary server look like the following: 

There is only one line in /etc/hosts.deny file as shown below:

#
# This file describes the names of the hosts which are
# not allowed to use the local INET services.
#
ALL: ALL
This line disables access for all hosts except those mentioned in /etc/hosts.allow file, which is listed below: 

#
# This file describes the names of the hosts which are
# allowed to use the local INET services.
#
ALL: 192.168.2.200
This file allows access to host 192.168.2.200, which is the failover server for cluster. Having done that, you should create .rhosts (dot rhosts) file in the home directory of the root user on both of the systems. This will allow access of root user from both of the systems without typing a password. In the simplest case, you can just add the host name of the other server in this file. You also need to edit the /etc/hosts file that maps host names to IP addresses such that the host name of both of the servers can be resolved.

The /etc/lvs.cf file controls failover cluster bootup and who takes control of the primary server. Before going into detail about what is inside this file and how it is configured, look at a sample /etc/lvs.cf file that I created on my test environment: 

primary = 192.168.2.100
service = fos
rsh_command = rsh
backup_active = 1
backup = 192.168.2.200
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = direct
failover Web_Server {
     address = 192.168.2.11 eth0:1
     active = 1
     port = 80
     timeout = 6
     send = "GET / HTTP/1.0\r\n\r\n"
     expect = "HTTP"
     start_cmd = "/etc/rc.d/init.d/httpd start"
     stop_cmd = "/etc/rc.d/init.d/httpd stop"
}
The first part of this file, which is not indented, is a general setup that lists primary and backup server heartbeat IP addresses, the type of high-availability server (in this case, failover designated by "fos"), heartbeat port numbers, and keepalive times. The second part shows a failover configuration for the Web server using port number 80. It shows that the Web server is using the IP address 192.168.2.11, which is configured on interface eth0:1. This is the virtual IP known to end users through DNS. For testing this configuration, I used only one network interface, but I strongly recommend using a separate network interface for heartbeat. For all external users, the public IP address for the Web server is 192.168.2.11, which is initially configured on the primary server. If the primary server fails, the backup server detects it by using heartbeat, configures the same IP address on its eth0:1 interface, and starts the Web server. As shown, the server start and stop scripts are also included in the configuration file.

The syntax of the configuration file must be strictly followed. There should not be any space on any side of the equal sign. A complete list of keywords that can be used in this file is present in the installation guide that comes with the high-availability server.

Once you have finalized this file, it needs to be copied on both of the servers participating in the cluster. After copying this file, you can restart the machines for changes to take effect, or you can use the following command to start the cluster pulse-monitoring daemon: 

/etc/rc.d/init.d/pulse start
Whenever you make any change to this file, it should be copied to all of the participating servers. Once the cluster is running, you can list the available Ethernet adapters and configured IP addresses by using the ifconfig -a command. Output similar to the following will be observed in response to this command: 

eth0      Link encap:Ethernet  HWaddr 00:E0:29:89:28:59  
          inet addr:192.168.2.100  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::e0:2989:2859/10 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1389 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2891 errors:0 dropped:0 overruns:0 carrier:0
          collisions:5 txqueuelen:100
          Interrupt:11 Base address:0xe800 

eth0:1    Link encap:Ethernet  HWaddr 00:E0:29:89:28:59  
          inet addr:192.168.2.11  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:11 Base address:0xe800 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:1408 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1408 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
Interface eth0:1 comes up as soon as one of the nodes in the cluster takes the role of master server.

Using the Web Interface to Configure the Cluster

The beauty of the configuration process is that it is easy (even for not-so-experienced administrators), with the help of the Web interface. The configuration file (/etc/lvs.cf) shown previously is not generated manually. I used the Web interface to configure the cluster that automatically generates this configuration file. To configure the cluster, start Netscape communicator and go the following URL: 

http://localhost/piranha
Your browser screen will look something like the one shown in Figure 2. Using this screen, login to the cluster administration system. The login name is "piranha", and the password for this login ID is created by using the following command: 

/usr/sbin/piranha-passwd <password>
After you are logged into the system, the main configuration screen appears as shown in Figure 3 where you can specify heartbeat addresses and other configuration addresses for both of the servers. You can also configure services that are to be monitored by the failover server. Different settings can be changed by using four of the links provided under the "CONTROL/MONITORING" label in the screen shot shown in Figure 3. I hope you find these configuration tips useful.

Price and Availability

The high-availability server can be purchased for $1995 from the Red Hat online store at: http://www.redhat.com.

Rafeeq U. Rehman received his bachelors and masters degrees in Electrical Engineering from the University of Engineering and Technology, Lahore. He is the author of many articles on Linux, and a book on HP-UX system and network administration. His interests include network management, security, and C programming. He can be contacted at: rurehman@yahoo.com.


 

© 2002 CMP Media LLC. All Rights Reserved.
www.samag.com