Another example of a load balanced apache cluster, this time active-active using Pacemaker/Corosync/ldirectord.
This example is using CentOS.
10.11.1.40 – fixed IP of server1
10.11.1.41 – fixed IP of server 2
10.11.1.80 – apache site 1 (virtual IP)
10.11.1.50 – apache site 1 server 1
10.11.1.51 – apache site 1 server 2
10.11.1.90 – apache site 2 (virtual IP)
10.11.1.60 – apache site 2 server 1
10.11.1.61 – apache site 2 server 2
Munin – its pretty handy for monitoring stuff over time to view trends. Some notes to get it up and running with a minimal config:
Install munin on monitoring server:
apt-get install munin
vi /etc/munin/munin.conf
Add something like:
[Webservers;webserver-01]
address 2.11.1.40
use_node_name yes
[Webservers;webserver-01]
address 2.11.1.40
use_node_name yes
Group by something sensible, i.e server type, location, domain?
A few LVM notes to jog the brain
A. Steps to create the logical volume..
List the current physical volumes. In this instance, were interested in a blank 20GB SATA – /dev/sdb. You can extend a logical volume by adding additional phyical volumes later.
fdisk -l
Disk /dev/sda: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000b5a0f
Just a quick example of setting up a Linux HA failover environment for an Apache/MySQL web server. This runs through a Ubuntu installation, however RedHat shouldn’t vary too much.
2.11.1.24 – fixed IP of server1
2.11.1.25 – fixed IP of server2
2.11.1.30 – apache site1 (virtual IP)
2.11.1.31 – apache site2 (virtual IP)
Make sure both servers have a sensible hostname and ensure their hosts files relate to this:
etc/hosts
127.0.0.1 localhost
2.11.1.24 ubuntu-server-1.mydomain.com ubuntu-server-1
2.11.1.25 ubuntu-server-2.mydomain.com ubuntu-server-2
A few notes on configuring NFS on RedHat or Ubuntu
The server packages to install are:
Ubuntu:
apt-get-install nfs-kernel-server nfs-common quota
RedHat:
yum install nfs-utils nfs-utils-lib quota
The client Packages are:
Ubuntu:
apt-get install nfs-common
RedHat:
yum install nfs-utils nfs-utils-lib
A few things to configure on the server:
/etc/hosts.allow
Any hosts listed here will be granted access to everything i.e
ALL: 2.11.1.2[4-5]
ALL: 192.168.1.*
Just a quick and basic example IPTables ruleset to secure a web/mail server:
# Allow outgoing traffic and disallow any passthroughs
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# Allow traffic already established to continue
iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
Sigh 
today I made a schoolboy error – making config changes to a live firewall on a remote server without giving myself any kind of safety net! Anyway, this is an example of where you should really use something like the at command to bail you out should anything go wrong:
get the current system time:
date
Schedule at to run a command 5 minutes from now:
at -m 13:50
service iptables stop
ctrl-d
With phones getting smarter and smarter, its now possible to monitor servers and perform basic administration tasks from your android handset. Here are a few tools I find useful.
Connectbot is a great SSH client for the Android. It is fully functional, supporting SSH keys and copy/paste etc.
For Windows RDP connections, I found PocketCloud to be the nicest to use free app, but at the time of writing there was a keyboard bug on Samsung handsets. Remote RDP Lite does the same thing in a less elegant way.
Screen is something I’ve never been interested in using previously, but to be honest, it has many benefits. Screen is basically a window manager that allows you to run many windows from your SSH session. By doing this you don’t need to initiate several SSH sessions to a box when running complex tasks. Also if your connection is terminated in the middle of your task, you can resume your screen session.
Basics:
Start screen:
screen
Create new screen window:
CTRL + A + C
Very busy right now, so here’s a quick and dirty writeup for install Java 1.6 on centos5.
To install the JDK
yum install -y jpackage-utils
wget http://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/VerifyItem-Start/jdk-6u14-linux-x64-rpm.bin?BundledLineItemUUID=KxWJ_hCuwSUAAAEvTWRZB8TT&OrderID=WeuJ_hCuedUAAAEvLGRZB8TT&ProductID=tPxIBe.oz2IAAAEhmh0zLjfT&FileName=/jdk-6u14-linux-x64-rpm.bin
chmod +x jdk-6u14-linux-i586-rpm.bin
./jdk-6u14-linux-i586-rpm.bin
