Two Apache Web Servers in an Active/Active Configuration

This configuration is for a high-availability server which provides two IP addresses (1.2.3.4, and 1.2.3.5) to be failed over[1] between the node[2]s of our cluster[3], and an Apache server for each IP address. We will set this up as an active/active[4] configuration.

/etc/ha.d/ha.cf file

logfacility daemon         # Log to syslog as facility "daemon"
node paul silas            # List our cluster members
keepalive 1                # Send one heartbeat each second
warntime  3                # Warn when heartbeats are late
deadtime 10                # Declare nodes dead after 10 seconds
bcast eth0 eth1            # Broadcast heartbeats on eth0 and eth1 interfaces
ping 1.2.3.254             # Ping our router to monitor ethernet connectivity
auto_failback yes          # Keep resources on their "preferred" hosts - needed for active/active
respawn hacluster /usr/lib/heartbeat/ipfail  # Failover on network failures

See the ipfail[5] page for more information on ipfail[5].

/etc/ha.d/haresources file

paul    1.2.3.4  apache::/apache1dir/httpd.cf
silas   1.2.3.5  apache::/apache2dir/httpd.cf

The first word (paul or silas) on the line represents the "preferred[6]" host for the service. The remainder of the line is the list of resource[7]s (services) which are part of this ResourceGroup[8]. In this case, each ResourceGroup[8] consists of only two resource[7]s -- an IP address, and the apache web server. 1.2.3.4 is a shorthand notation for IPaddr::1.2.3.4, and 1.2.3.5 is a similar shorthand for IPaddr::1.2.3.5.

Because auto_failback[9] was enabled, when paul joins the cluster it will regain the 1.2.3.4 address. Similarly, when silas joins the cluster, it will regain its (1.2.3.5) service address. If an active/passive[10] configuration is desired, then simply change auto_failback[9] to no.

The apache resource agent which comes with Heartbeat[11] supports starting multiple instances of Apache by command-line parameters. The parameter which we've given it tells it where to find its configuration file. So, for our example, we've put the files for the 1.2.3.4 server (normally paul) under /apache1dir, and those for the 1.2.3.5 server (normally silas) under /apache2dir.

/etc/ha.d/authkeys file

/etc/ha.d/authkeys[12] must be mode 600. See the section on GeneratingAuthkeysAutomatically[13] for information how to generate good keys automatically.

auth 1
1 sha1 PutYourSuperSecretKeyHere

Apache Directives

To get the different Apache instances to bind to the correct IP addresses, you have to tell them which IP addresses they should bind to.

This is done by the Apache Listen[14] directive. In /apache1dir/httpd.cf, this directive should be included

Listen 1.2.3.4:port-number

In /apache2dir/httpd.cf, this directive should be included

Listen 1.2.3.5:port-number

Init Directives

It is important that you not let Apache be started by init at boot time. If you do that, then both init and Heartbeat[11] will "fight" for control of Apache, and it won't work. You have to let Heartbeat[11] control all resources that you include in haresources[15]. To disable Apache from starting at boot time, issue the following command on both paul and silas:

/sbin/chkconfig apache off

or if you're using the httpd service script instead of the apache script:

/sbin/chkconfig httpd off

Special Considerations

For the purposes of this example, we assume that somehow both sets of Apache configuration files, and both web sites content are being "magically" maintained on both machines and are sufficiently similar that no one will complain when failovers[1] occur between nodes. You can use periodic rsync for this if that meets your needs. Alternatively, one can use shared disk or DRBD[16] when they need to be truly identical to the millisecond.

---

This information provided courtesy of the Linux-HA project at http://linux-ha.org/