Link Search Menu Expand Document

date: 2014-08-29

WAF Conversion to cluster

Please bear in mind that # is the cli prompt and do not include —bof— and —eof— in your configs.

clone off vm and set network to disconnected, then start.

change the hostname with x being the node number

# nano /etc/hostname


add under ‘  localhost’

# nano /etc/hosts



# nano /etc/network/interfaces

update the IP.

reboot node, then check settings like IP etc.

enable and connect virtual nic.

at this point it is better to ssh onto the box rather than use vmware console.

nano /etc/apache2/mod-enabled/status.conf

find the line ‘#  allow from’ and change to ‘ allow from’

# apt-get install heartbeat pacemaker wget

# nano /etc/cron.daily/clean-archived-logs

-– bof —–


cd /var/log

rm *.gz

-–eof —–

# chmod 777 /etc/cron.daily/clean-archived-logs

# nano /etc/ha.d/

-– bof —–

#debugfile             /var/log/ha-debug

logfile                     /var/log/ha-log

logfacility              local0

keepalive               2

deadtime               30

warntime               10

initdead 120

udpport                  694

# IP address of the other node (change it in every node)

ucast                      eth1

#Tell what nodes are in the cluster, must match uname -n


#Enable pacemaker

crm respawn

-— eof —–

# nano /etc/ha.d/authkeys


auth 1

1 crc

-–eof —-

# chmod 600 /etc/ha.d/authkeys

# service heartbeat restart

only need to run crm commands on a single node once cluster has had time to communicate, check with 

# crm status

# crm configure property stonith-enabled=false

# crm configure property expected-quorum-votes=”2”

# crm configure property no-quorum-policy=ignore

Adding our virtual IP’s here

# crm configure primitive VIP61-www-site1-co-uk ocf:IPaddr2 params ip= cidr_netmask=32 nic=eth0 op monitor interval=15s

# crm configure primitive VIP59-wildcard-site2-co-uk ocf:IPaddr2 params ip= cidr_netmask=32 nic=eth0 op monitor interval=15s

# crm configure primitive VIP58-www-site3-co-uk ocf:IPaddr2 params ip= cidr_netmask=32 nic=eth0 op monitor interval=15s

Adding our service

# crm configure primitive SRV-apache-rproxy-dotDefender lsb::apache2 op monitor interval=15s

Binding our VIP to the Service

# crm configure colocation SRV-apache-rproxy-dotDefender-VIP61 INFINITY: VIP61-www-site1-co-uk SRV-apache-rproxy-dotDefender

# crm configure colocation SRV-apache-rproxy-dotDefender-VIP59 INFINITY: VIP59-wildcard-site2-co-uk SRV-apache-rproxy-dotDefender

# crm configure colocation SRV-apache-rproxy-dotDefender-VIP58 INFINITY: VIP58-www-site3-co-uk SRV-apache-rproxy-dotDefender

Configure service startup order, ensure VIP’s are started first

# crm configure order ip-apache mandatory: VIP58-www-site3-co-uk VIP59-wildcard-site2-co-uk VIP61-www-site1-co-uk SRV-apache-rproxy-dotDefender

setup subversion

# apt-get install subversion

Somescript i wrote using svn, to get stuff into svn run # svn import –username Some.Admin sourceDir  DestinationServer

you then need to checkout the folder before you can commit changes.



svn co –username Some.Admin –force https://vm-svn.somecompany.local/svn/Infrastructure/0WebApplicationFirewall/apache2/@head /etc/apache2/



svn commit /etc/apache2/