1 Load Balancing/High Availability Configuration for neoninsight Server Introduction: This document provides details on the configuration and the components used for a two node load balancing system with the neoninsight server. This white paper provides a workable solution to customers who want to deploy a fault-tolerant system with load-balancing at minimal cost and complexity. Below are the steps to create the configuration. Software used: Debian (Etch and Lenny distributions) GNU/Linux: balance (http://www.inlab.de/balance.html): available in Debian Lenny distribution package Balance is a load balancing solution; it is a simple but powerful generic TCP proxy with round robin load balancing and failover mechanisms. nfs-kernel-server nfs-common neoninsight : Definitions: The neon A server is running Debian Lenny, neoninsight Server, and the balance software. All mail request activity is routed to this server. The neoninsight Server installation is only for the convenience of LDAP installation and maintenance. All other processes of neoninsight Server are not needed and should be stopped. This scenario could be further simplified by installing a standalone LDAP server and importing the data from a running neoninsight Server. For the purpose of this document, this server also is simulating a SAN or some other network attached storage by exporting an NFS share to the other servers. The use of the nfs-kernel-server package is encouraged over the nfs-user-server. The neon B1 and neon B2 servers are running either Debian Etch or Lenny and neoninsight Server. As traffic passes through neon A, it is forwarded ( proxy) onto neon B1 and neon B2. neon B1 and neon B2 are configured to use a remote LDAP server and remote storage for mail. 4/3/2009 1
2 Figure 1 Load Balanced Network with HA Failover Considerations: When configuring NFS, it is important to have lockd and statd running. Installing the nfs-kernelserver provides the lockd and statd services. To verify that lockd is running, type the following command: ps ax grep lockd <enter> 11133? S 0:00 [lockd] This output shows that lockd is running. To verify that statd is running, type the following command: ps ax grep rpc <enter> 11451? Ss 0:00 /sbin/rpc.statd This output shows that statd is running. The nfs-common package also provides these processes. Make sure that Neon A, neon B1, and neon B2 are running both lockd and statd. Without them, neoninsight Server will not be able to obtain a proper lock on the shared mail storage files. balance is available as a Debian package in the Lenny or Sid distributions but not in Etch. It is also available in source code form from the 'balance' website (http://www.inlab.de/balance.html). The test environment in this paper is intended to demonstrate how load balancing and failover function. It is not intended to be a Best Practices configuration. In this example, there are three single failure points (OpenLDAP, Balance, and the NFS store). In a real-world environment, redundancy is necessary for each of these points. It is also worth noting that each networked environment is unique. It is not be possible to address every kind of failover scenario in this article. 4/3/2009 2
3 Configuration: neon B1 and neon B2 1. Install neoninsight server on neon B1 and neon B2. 2. Enter the neoninsight change root shell by typing: neoninsight shell <enter> 3. The user ID (UID) and group ID (GID) of the neon user (system user created during the neoninsight server installation process) will be needed when configuring neon A. Enter the following command to display the UID and group ID (GID) of the neon user. id neon <enter> Results should resemble the following: uid=102(neon) gid=104(neon) groups=104(neon) neon A NOTE: Make note of the UID and GID for use in the next section. 1. Install neoninsight server on neon A. 2. Log into neon A and configure some neoninsight user accounts for testing. 3. Stop neon, ejabberd, apache2, amavis, clamav, spamassassin, and all other neoninsight server services except LDAP. a. To stop the individual services, follow the below steps: i. Log into the neoninsight shell neoninsight shell <enter> ii. Change directories to the /etc/init.d directory: cd /etc/init.d <enter> iii. Run the list command to see a list of all the services running under init.d: ls <enter> iv. Among the services listed is apache2. To stop the apache2 service (or any of the neon services), type the following command: /etc/init.d/apache2 stop <enter> v. Repeat step iv for each service that is to be stopped. The only neoninsight service that needs to continue running is slapd. 4. Configure the NFS server on neon A. Allow neon B1 and neon B2 to access the share as in this example: (Using vi or the text editor of your choice) vi /etc/exports: /mnt/exports (rw) (rw) 5. Create a user named neon (system user) on the NFS server (neon A). Make sure that the UID is the same as the neon user account on the neon B1 and neon B2 servers. NOTE: In this example, neon A is serving multiple roles. One of those roles is as an NFS server. The neon user account is configured on neon A for the purpose of granting write access from neon B1 and neon B2 to the shared storage. 6. Create a group named neon (system group) on the NFS server (neon A). Make sure that the GID is the same as the neon group on the neon B1 and neon B2 servers. 4/3/2009 3
4 NFS 1. Mount the NFS share on neon B1 and neon B2 under the neoninsight Server change root. Test read and write access as the neon user account created in step 5 of the previous section. (Configuration neon A) On the server command line type: # neoninsight shell <enter> # mkdir /mnt/neon <enter> # chown neon.neon /mnt/neon <enter> # mount -t nfs neona.example.net:/mnt/exports /mnt/neon <enter> # su neon -s /bin/bash <enter> $ touch /mnt/neon/testfile <enter> $ ls -l /mnt/neon/ <enter> If you can create the testfile as shown above and see it in the directory listing, the NFS read and write access is working. 2. Create an entry in /opt/neoninsight/etc/fstab for the NFS mount on neon B1 and neon B2. Example: neona.example.net:/mnt/exports /mnt/neon nfs rw,user,auto Stop neoninsight Server on neon B1 and neon B2 by issuing the following command on each server: neoninsight stop <enter> 4. While in the neoninsight Server changeroot (neoninsight shell) on neon B1, copy the following directories to the NFS share: # cp -a /etc/neon /mnt/neon/ <enter> # cp -a /var/neon/storage /mnt/neon/ <enter> # cp -a /var/neon/local-mb /mnt/neon/ <enter> 5. Move /etc/neon to /etc/neon_local and replace it with a symbolic link to the copy on the NFS share with the following commands: # mv /etc/neon /etc/neon local <enter> # ln -s /mnt/neon/neon /etc/neon <enter> 6. Repeat steps 4 and 5 on neon B2. 7. Edit neonconfig.xml on the NFS share (neon A) from either neon B1 or neon B2: # vi /mnt/neon/neon/neonconfig.xml <enter> Make the following changes to the file: Locate this line: <define name="ldapserver" value="localhost"/> Replace "localhost" with the IP address or hostname of neon A (where the LDAP service is running). Replace all instances of "file:///var/neon/local-mb" with "file:///mnt/neon/local-mb". This change directs neoninsight server on neon B1 and neon B2 to use the NFS copy of localmb instead of the local copy. 4/3/2009 4
5 Replace all instances of "/var/neon/storage/" with "/mnt/neon/storage/". This directs neoninsight Server on neon B1 and neon B2 to use the NFS copy of storage instead of the local copy. Save the file. 8. Edit /var/www/config/conf.php on neon B1 and neon B2 and locate the following line: $conf['insight'][ldap']['server'] = 'localhost'; Change 'localhost' above to the hostname or IP address of neon A (where the LDAP service is running). 9. Start neoninsight Server on neon B1 and neon B2. neoninsight start <enter> Log into the web admin service on neon B1 and neon B2 and view the users that were added to the LDAP on neon A in step 2 (under Configuration neon A). 10. Send a test message to a local user and verify that the incoming message is visible on both neon B1 and neon B2. If an error occurs, check /var/neon/log/logneon.log for error messages and check the write permissions of the NFS share directories. Make sure that 'rpc.statd' and 'lockd' are running on all three servers. Install Balance 1. Install balance on neon A using the apt-get command: apt-get install balance <enter> 2. Start balance on neon A to test the SMTP service: # balance -f smtp neonb1 neonb2 Testing 1. Watch the neoninsight Server logs on both neon B1 and neon B2 using the command, tail: # tail -f /var/neon/log/logneon.log 2. Test sending an . You can use the WebClient or use the command line via telnet. To test via the command line with telnet, follow these steps: # telnet neona 25 Trying Connected to Escape character is '^]'. 220 Neon ESMTP Server at etch.bynari.net SMTP Server at etch.bynari.net HELO 250 neona.example.net MAIL FROM: 250 OK RCPT TO: 250 user11 OK 4/3/2009 5
6 DATA 354 Start mail input, end with <CRLF>.<CRLF> From: Test User To: User 11 Subject: Just a test. This is a test message. 250 OK queued for delivery, 332 bytes ^] telnet> 3. Observe the logs on neon B1 and neon B2. One of them should show that it has received and stored the test message. Repeat the test and observe the logs again. This time the other server should show activity as balance alternates between the two servers. 4. Write a script to start balance covering SMTP, IMAP, WWW, and others and deploy it on neon A: balance smtp neonb1 neonb2 balance imap neonb1 neonb2 balance www neonb1 % neonb2 Note: The '%' is used as a separator for client requests. Rather than a simple round-robin algorithm, a hash distribution based on the client IP address, is used to determine which server gets the request. This feature ensures that client http sessions always route to the correct server. With all those steps complete, any IMAP, SMTP, or WWW requests to neon A will be distributed by balance between neon B1 and neon B2. Any LDAP changes on either machine will be instantly available on the other machine as will as any incoming mail or IMAP operations. Failure of a service on neon B1 or neon B2 will go unnoticed by the client/users except in the case of WWW. If WWW fails, the users will be asked to log in again, and a new HTTP session will be created. 4/3/2009 6
Barracuda Load Balancer Administrator s Guide Version 2.3 Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2004-2008, Barracuda Networks
Scalable Linux Clusters with LVS Considerations and Implementation, Part II Eric Searcy Tag1 Consulting, Inc. firstname.lastname@example.org May 2008 Abstract Whether you are perusing mailing lists or reading
FileMaker Server 13 FileMaker Server Help 2010-2013 FileMaker, Inc. All Rights Reserved. FileMaker, Inc. 5201 Patrick Henry Drive Santa Clara, California 95054 FileMaker and Bento are trademarks of FileMaker,
Pertino HA Cluster Deployment: Enabling a Multi- Tier Web Application Using Amazon EC2 and Google CE A Pertino Deployment Guide 1 Table of Contents Abstract... 2 Introduction... 3 Before you get Started...
Linux Virtual Server Administration 5.0 Linux Virtual Server (LVS) for Red Hat Enterprise Linux 5.0 ISBN: N/A Publication date: Linux Virtual Server Administration Building a Linux Virtual Server (LVS)
NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.2.0.XXX (DRAFT Document) Requirements and Implementation Guide (Rev5-113009) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis
bbc Configuring LiveCycle Application Server Clusters Using WebSphere 6.0 Adobe LiveCycle June 2007 Version 7.2 2007 Adobe Systems Incorporated. All rights reserved. Adobe LiveCycle 7.2 Configuring LiveCycle
Ser vi cepr ovi deredi t i on Cl i entusergui de Introduction What is StoreGrid? Very simply, Vembu StoreGrid is an extremely versatile Backup Software that works with your Existing Hardware! StoreGrid
FUNAMBOL Installing and Configuring a DS Server Legal Information Contents copyright 2007 Funambol, Inc. All rights reserved. The information contained in this publication is subject to US and international
Getting Started Guide Cloud Server powered by Mac OS X Getting Started Guide Page 1 Getting Started Guide: Cloud Server powered by Mac OS X Version 1.0 (02.16.10) Copyright 2010 GoDaddy.com Software, Inc.
Web Application Hosting Cloud Architecture Executive Overview This paper describes vendor neutral best practices for hosting web applications using cloud computing. The architectural elements described
Red Hat Enterprise Linux 6 Load Balancer Administration Load Balancer Add-on for Red Hat Enterprise Linux Load Balancer Administration Red Hat Enterprise Linux 6 Load Balancer Administration Load Balancer
IceWarp Unified Communications VoIP Service Reference Version 10.4 Printed on 13 April, 2012 Contents VoIP Service 1 Introduction... 1 The Big Picture... 4 Reference... 5 General... 5 Dial Plan... 7 Dial
Appliance Administration Manual v6.21 This document covers all required administration information for Loadbalancer.org appliances Copyright 2014 Loadbalancer.org, Inc. Table of Contents Section A Introduction...7
Best Practices for Deploying and Managing Linux with Red Hat Network Abstract This technical whitepaper provides a best practices overview for companies deploying and managing their open source environment
M86 MailMarshal Exchange USER GUIDE Software Version: 7.1 M86 MAILMARSHAL EXCHANGE USER GUIDE 2011 M86 Security All rights reserved. Published November 2011 for software release 7.1 No part of this Documentation
Basic System Administration ESX Server 3.0 and VirtualCenter 2.0 Basic System Administration Revision: 20090213 Item: VI-ENG-Q206-219 You can find the most up-to-date technical documentation at: http://www.vmware.com/support/pubs
4. Client-Level Administration Introduction to Client Usage The Client Home Page Overview Managing Your Client Account o Editing Your Client Record View Account Status Report Domain Administration Page
Parallels Cloud Server 6.0 Installation Guide November 11, 2014 Copyright 1999-2014 Parallels IP Holdings GmbH and its affiliates. All rights reserved. Parallels IP Holdings GmbH Vordergasse 59 8200 Schaffhausen
Red Hat Cluster Suite Overview Red Hat Cluster Suite for Red Hat Enterprise Linux 5.2 Cluster_Suite_Overview ISBN: N/A Publication date: May 2008 Red Hat Cluster Suite Overview Red Hat Cluster Suite Overview
HP Open Source Middleware Stacks Blueprint: Database Server on HP Server Platforms with MySQL and SUSE Linux Enterprise Server Version 10 HP Part Number: 5991 7432 Published: August 2007 Edition: 2.0 Copyright
InterWorx Clustering Guide by InterWorx LLC Contents 1 What Is Clustering? 3 1.1 What Does Clustering Do? What Doesn t It Do?............................ 3 1.2 Why Cluster?...............................................
Iomega EZ Media and Backup Center User Guide Table of Contents Setting up Your Device... 1 Setup Overview... 1 Set up My Iomega StorCenter If It's Not Discovered... 2 Discovering with Iomega Storage Manager...