This configuration is for a high-availability server which provides two IP addresses (1.2.3.4, and 1.2.3.5) to be failed over between the nodes of our cluster, and an Apache server for each IP address. We will set this up as an active/active configuration.
logfacility daemon # Log to syslog as facility "daemon" node paul silas # List our cluster members keepalive 1 # Send one heartbeat each second warntime 3 # Warn when heartbeats are late deadtime 10 # Declare nodes dead after 10 seconds bcast eth0 eth1 # Broadcast heartbeats on eth0 and eth1 interfaces ping 1.2.3.254 # Ping our router to monitor ethernet connectivity auto_failback yes # Keep resources on their "preferred" hosts - needed for active/active respawn hacluster /usr/lib/heartbeat/ipfail # Failover on network failures
See the ipfail page for more information on ipfail.
paul 1.2.3.4 apache::/apache1dir/httpd.cf silas 1.2.3.5 apache::/apache2dir/httpd.cf
The first word (paul or silas) on the line represents the "preferred" host for the service. The remainder of the line is the list of resources (services) which are part of this ResourceGroup. In this case, each ResourceGroup consists of only two resources -- an IP address, and the apache web server. 1.2.3.4 is a shorthand notation for IPaddr::1.2.3.4, and 1.2.3.5 is a similar shorthand for IPaddr::1.2.3.5.
Because auto_failback was enabled, when paul joins the cluster it will regain the 1.2.3.4 address. Similarly, when silas joins the cluster, it will regain its (1.2.3.5) service address. If an active/passive configuration is desired, then simply change auto_failback to no.
The apache resource agent which comes with Heartbeat supports starting multiple instances of Apache by command-line parameters. The parameter which we've given it tells it where to find its configuration file. So, for our example, we've put the files for the 1.2.3.4 server (normally paul) under /apache1dir, and those for the 1.2.3.5 server (normally silas) under /apache2dir.
/etc/ha.d/authkeys must be mode 600. See the section on GeneratingAuthkeysAutomatically for information how to generate good keys automatically.
auth 1 1 sha1 PutYourSuperSecretKeyHere
To get the different Apache instances to bind to the correct IP addresses, you have to tell them which IP addresses they should bind to.
This is done by the Apache Listen directive. In /apache1dir/httpd.cf, this directive should be included
Listen 1.2.3.4:port-number
In /apache2dir/httpd.cf, this directive should be included
Listen 1.2.3.5:port-number
It is important that you not let Apache be started by init at boot time. If you do that, then both init and Heartbeat will "fight" for control of Apache, and it won't work. You have to let Heartbeat control all resources that you include in haresources. To disable Apache from starting at boot time, issue the following command on both paul and silas:
/sbin/chkconfig apache off
or if you're using the httpd service script instead of the apache script:
/sbin/chkconfig httpd off
For the purposes of this example, we assume that somehow both sets of Apache configuration files, and both web sites content are being "magically" maintained on both machines and are sufficiently similar that no one will complain when failovers occur between nodes. You can use periodic rsync for this if that meets your needs. Alternatively, one can use shared disk or DRBD when they need to be truly identical to the millisecond.