== Pound with heartbeat on 64bit CentOS 5 [client] 10.1.1.24 | ------------------------------------------------------------------- | 10.1.1.10 (VIP for web) | | | | | |10.1.1.2(eth0) |10.1.1.3(eth0)       [Pound1] [Pound2] |192.168.2.241(eth1) |192.168.20.109(eth1) | | | 192.168.20.240(VIP of pound gw) | | | | | ---------------------------------------------------------------------------- | | | | | | |192.168.2.236(eth0) | 192.168.2.237(eth0) |192.168.2.238(eth0) [web1] [web2] [web3] == Install heartbeat 2回yumを実行 yum -y install heartbeat yum -y install heartbeat cp /usr/share/doc/heartbeat-2.1.3/ha.cf /etc/ha.d/. cp /usr/share/doc/heartbeat-2.1.3/haresources /etc/ha.d/. cp /usr/share/doc/heartbeat-2.1.3/authkeys /etc/ha.d/. 外側と内側のケーブルが抜けた時を想定し、両インタフェースをucastで監視する。 [# test1] vi /etc/ha.d/ha.cf logfacility local0 ucast eth0 10.1.1.3 #<------- other server's IP ucast eth1 192.168.2.242 #<------- other server's IP auto_failback on node test1.com node test2.com respawn hacluster /usr/lib64/heartbeat/ipfail [# test2] vi /etc/ha.d/ha.cf logfacility local0 ucast eth0 10.1.1.2 #<------- other server's IP ucast eth1 192.168.2.241 #<------- other server's IP auto_failback on node test1.com node test2.com respawn hacluster /usr/lib64/heartbeat/ipfail chmod 600 /etc/ha.d/authkeys vi /etc/ha.d/authkeys auth 2 2 sha1 PASSWORD 以下のtest1.comはプライマリーにするサーバーを設定 vi /etc/ha.d/haresources test1.com IPaddr::10.1.1.1/24/eth0 IPaddr::192.168.2.240/24/eth1 pound == Pound /etc/yum.repos.d/CentOS-Base.repo [dag] name=Dag RPM Repository for Red Hat Enterprise Linux baseurl=http://ftp.riken.jp/Linux/dag/redhat/el$releasever/en/$basearch/dag wget http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt rpm --import RPM-GPG-KEY.dag.txt yum -y install pound vi /etc/pound.cfg User "nobody" Group "nobody" #RootJail "/var/pound/jail" #Alive 60 ListenHTTP Address 10.1.1.10 Port 80 End Service HeadRequire "Host: .*test.com.*" BackEnd Address 192.168.2.236 Port 80 Priority 5 End BackEnd Address 192.168.2.237 Port 80 Priority 5 End BackEnd Address 192.168.2.238 Port 80 Priority 5 End End heartbeatで Poundが起動するので、PoundはOFFにしておく。 # chkconfig --list | grep pound pound 0:off 1:off 2:off 3:off 4:off 5:off 6:off # chkconfig --list | grep heartbeat heartbeat 0:off 1:off 2:on 3:on 4:on 5:on 6:off 以下で起動 /etc/rc.d/init.d/heartbeat start 以下でインタフェースに割り振られたIPを確認 #ip addr show 設定変更後 /etc/rc.d/init.d/pound reload でセッションは切れる。 内側のサーバーからPoundを通してNATで外にいくには以下masueradeの設定必要。 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [53:4708] :OUTPUT ACCEPT [706:49104] -A INPUT -i lo -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A INPUT -p esp -j ACCEPT -A INPUT -p ah -j ACCEPT -A INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p udp -m udp --dport 631 -j ACCEPT -A INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT *nat :PREROUTING ACCEPT [26:3695] :POSTROUTING ACCEPT [288:17280] :OUTPUT ACCEPT [289:17372] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT