Following from the previous article, we can now look at setting up our Slices and installing Heartbeat.
This is a very easy process that allows for quick access to a High Availability Slice setup.
First of all, you will need two Slices. You can add more Slices from the Slicemanager - log in and then click 'Add a Slice'. We recommend using the same size Slice with the same distro.
Requesting a failover IP
Do note that you do not need a new IP address allocated to your Slice - not only are they $2 a month but there is no need as your existing IP can be used for these purposes.
All you need to do is open a Support Request from the Slicemanager (under the Help tab).
In your request, please specifically define which Slice IP you want to share and which Slice you want to share it with.
In this, and future, articles, I am going to use the Slice names of 'Master' and 'Slave'.
The process is quickly completed.
Unless specifically mentioned, all commands will need to be run on BOTH Slices.
Let's go ahead and update the Slices.
Update the Slices
I am assuming you are using Ubuntu Hardy for your Slices. Please note that these articles may not work on another distribution. However, the principle is the same and the configuration files should be the same.
Log into the Slice and issue this command:
sudo aptitude update
Once you have done that, have a check to see if anything needs upgrading on the Slice:
sudo aptitude safe-upgrade
Note that we will be using version 2.1.3 for this article. Version 1 has very different configuration files.
Now we are ready to install Heartbeat (again, note this is to be done on BOTH Slices):
sudo aptitude install heartbeat
Well, that's it really.
There are three files that need to be created and configured for this to work.
They are located in the /etc/heartbeat/ folder.
The first file is called 'authkeys'. Perhaps discernible from the file name, but this will hold our authorisation keys so only our heartbeat installs will talk to each other.
This file will be exactly the same on BOTH Slices:
sudo nano /etc/heartbeat/authkeys
The contents are as simple as this:
auth 1 1 sha1 YourSecretPassPhrase
The first line defines the auth number (you can have multiple failover IPs that need more than one authkey).
The second simply defines your passphrase and uses sha1 to encrypt it.
Again, the file need to be the same on both Slices.
You must change the permissions of this file - it must not be 'world' readable (Heartbeat will fail if it is).
On both Slices change the permissions:
sudo chmod 600 /etc/heartbeat/authkeys
The second file that needs changing is the 'haresources' file. As with the authkeys, this needs to be exactly the same on BOTH Slices:
sudo nano /etc/heartbeat/haresources
The contents are very simple:
The name 'master' is the hostname of the MASTER Slice and the IP address (126.96.36.1990) is the IP address of the MASTER Slice.
Note the '/24' after the MASTER Slice IP address.
To drive this home, this file needs to be the same on BOTH Slices.
MASTER Slice ha.cf
The third file that needs creating is named 'ha.cf'.
This file is different on each of the Slices.
Lets deal with the contents of this file for the MASTER Slice:
sudo nano /etc/heartbeat/ha.cf
The contents would be as follows:
logfacility daemon keepalive 2 deadtime 15 warntime 5 initdead 120 udpport 694 ucast eth1 188.8.131.52 # The Private IP address of your SLAVE slice. auto_failback on node master # The hostname of your MASTER Slice. node slave # The hostname of your SLAVE slice. respawn hacluster /usr/lib/heartbeat/ipfail use_logd yes
Note the three lines that have comments on them:
ucast eth1 184.108.40.206 # The Private IP address of your SLAVE slice.
As this is the ha.cf on the Master Slice it references the private IP of the Slave Slice. In other words, it is telling the Master Slice where the Slave Slice is.
The other two lines to note are these:
node master # The hostname of your MASTER Slice. node slave # The hostname of your SLAVE slice.
These must be set to the exact hostname of each of the two Slices.
If you are not sure of the hostnames, you can find out by entering this command:
on my demoslice.com Slice the answer would be:
Restart the service:
sudo /etc/init.d/heartbeat restart
SLAVE Slice ha.cf
The third file (the ha.cf file) needs to be created on the Slave Slice. It is similar but has some differences that are worth noting.
Let's open the file on the Slave Slice:
sudo nano /etc/heartbeat/ha.cf
The contents will need to be:
logfacility daemon keepalive 2 deadtime 15 warntime 5 initdead 120 udpport 694 ucast eth1 220.127.116.11 # The Private IP address of your MASTER slice. auto_failback on node master # The hostname of your MASTER Slice. node slave # The hostname of your SLAVE Slice. respawn hacluster /usr/lib/heartbeat/ipfail use_logd yes
Hmmm, that looks familiar...
In fact, they are the same EXCEPT for this line:
ucast eth1 18.104.22.168 # The Private IP address of your MASTER slice.
Note it is the opposite to the Master Slice configuration. This time, as we are working on the Slave Slice, we need to reference the Master Slice's private IP address.
Once done, save the file and restart Heartbeat on the Slave Slice:
sudo /etc/init.d/heartbeat restart
Is that it?
Yup. Sure, we spent a bit of time in this article going through the settings in the configuration files, but it is as simple as that.
Let's have a little test of the system.
Start off with both Slices running and ping the main IP (the IP we have set to be the failover) on the Master Slice:
ping -c2 22.214.171.1240
The '-c2' option simply tells ping to 'ping' twice. You will get a standard reply.
For example, if I were to ping the demo Slice I would get this response (remember I am in the UK):
ping -c2 126.96.36.199 PING 188.8.131.52 (184.108.40.206): 56 data bytes 64 bytes from 220.127.116.11: icmp_seq=0 ttl=49 time=122.765 ms 64 bytes from 18.104.22.168: icmp_seq=1 ttl=49 time=122.863 ms --- 22.214.171.124 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 122.765/122.814/122.863/0.049 ms
So my Slice is up and responding to pings.
Now shutdown the Master Slice:
sudo shutdown -h now
Without the failover IP, there would be no response from the ping request as the Slice is down.
However, assuming you have installed Heartbeat you will notice that the IP is still responding to pings (because the Slave Slice noticed the Master was down and simply took over the role of serving that IP address).
A simple, yet effective demonstration of the IP failover in action.
Installing Heartbeat on both Master and Slave Slices is very easy. Configuration files are also very easy to create. Just be careful to ensure you use the correct IPs and hostnames as shown in the examples above.
The facility to offer HA sites using failover IPs is a great boost to busy and vital websites.