Monthly Archives: February 2008

Feb 19 2008

High Availability (heartbeat)

Sesuai dengan request ini tak tulisken piye cara-carane konfigurasi High Availability dengan “heartbeat”.
Sesuai request juga dikataken bahwa heartbeat sudah terinstall dengan menggunakan keluarga debian dan konfigurasi fisik sudah kayak gini :

High Availability

Contoh berikut ini yang ingin di fail over adalah service apache.
Jadi kalo web1 mati otomatis akan ditake over oleh web2

Keterangan :

web1 : nama host mesin pertama
web2 : nama host mesin kedua

Berikut ini daftar konfigurasi yang diperlukan :
• Konfigurasi web1
/etc/hosts
127.0.0.1 localhost
202.xxx.xxx.18 web1 web1.domainapasaja.com
202.xxx.xxx.19 web2 web2.domainapasaja.com
202.xxx.xxx.20 www http://www.domainapasaja.com domainapasaja.com

/etc/hostname
web1

/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
auto eth0:0
iface eth0:0 inet static
address 202.xxx.xxx.20
netmask 255.xxx.xxx.248
# The primary network interface
auto eth0
iface eth0 inet static
address 202.xxx.xxx.18
netmask 255.xxx.xxx.248
network 202.xxx.xxx.16
broadcast 202.xxx.xxx.23
gateway 202.xxx.xxx.17
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 202.xxx.xxx.10 202.xxx.xxx.20
dns-search domainapasaja.com
auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0

• Konfigurasi web2
Setting Up the Primary Server (web2) :
/etc/hosts
127.0.0.1 localhost
202.xxx.xxx.18 web1 web1.domainapasaja.com
202.xxx.xxx.19 web2 web2.domainapasaja.com
202.xxx.xxx.20 www http://www.domainapasaja.com domainapasaja.com

/etc/hostname
web2

/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 202.xxx.xxx.19
netmask 255.255.255.248
network 202.xxx.xxx.16
broadcast 202.xxx.xxx.23
gateway 202.xxx.xxx.17
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 202.xxx.xxx.10 202.xxx.xxx.20
dns-search domainapasaja.com
auto eth1
iface eth1 inet static
address 192.168.1.2
netmask 255.255.255.0

/etc/ha.d/ha.cf
# Time between heartbeats in seconds
keepalive 1
# Node is pronounced dead after 15 seconds
deadtime 5
# Prevents the master node from re-acquiring cluster resources after a failover
auto_failback on
# Device for serial heartbeat
serial /dev/ttyS0
# Speed at which to run the serial line (bps)
baud 19200
# Port for udp (default)
udpport 694
# Use a udp heartbeat over the eth0 interface
udp eth1
debugfile /var/log/ha/ha.debug
logfile /var/log/ha/ha.log
# First node of the cluster (must be uname -a)
node web1
# Second node of the cluster (must be uname -a)
node web2

/etc/ha.d/authkeys
auth 1
1 crc
2 sha1 HI!
3 md5 Hello!

/etc/ha.d/haresources
web1 IPaddr::202.xxx.xxx.20 apache2

/etc/ha.d/ha.cf
# Time between heartbeats in seconds
keepalive 1
# Node is pronounced dead after 15 seconds
deadtime 5
# Prevents the master node from re-acquiring cluster resources after a failover
auto_failback on
# Device for serial heartbeat
serial /dev/ttyS0
# Speed at which to run the serial line (bps)
baud 19200
# Port for udp (default)
udpport 694
# Use a udp heartbeat over the eth0 interface
udp eth1
debugfile /var/log/ha/ha.debug
logfile /var/log/ha/ha.log
# First node of the cluster (must be uname -a)
node web1
# Second node of the cluster (must be uname -a)
node web2

/etc/ha.d/authkeys
auth 1
1 crc
2 sha1 HI!
3 md5 Hello!

/etc/ha.d/haresources
web2 IPaddr::202.xxx.xxx.20 apache2

Feb 8 2008

*BSD mode on

Kembali kepada tuntutan, kali ini tuntutan jatuh kepada harus menggunakan OpenBSD, karena si admin lain mengharuskan pake OpenBSD, wah gimana neh… belum pernah ngulik OpenBSD euy….

Halah… musti nyobain neh, kalo ga dicoba gimana mau jatuh hati.

  root on rd0a swap on rd0b dump on rd0b
  erase ^?, werase ^W, kill ^U, intr ^C, status ^T
  (I)nstall, (U)pgrade or (S)hell? i
  Welcome to the OpenBSD/i386 4.2 install program.

  This program will help you install OpenBSD. At any prompt except password
  prompts you can escape to a shell by typing '!'. Default answers are shown
  in []'s and are selected by pressing RETURN.  At any time you can exit this
  program by pressing Control-C, but exiting during an install can leave your
  system in an inconsistent state.

  Terminal type: [vt220] Enter
  kbd(8) mapping? ('L' for list) [none] Enter
Feb 6 2008

Port forward (iptables)

Ini contoh port forward pake iptables

contoh :

xxx.xxx.xxx.xxx IP address gateway server koneksi ke internet

192.168.1.2 ,  IP address internal machine.

Misal kita ingin web server ( httpd ) yang ada di 192.168.1.2 port 80 agar dapat dibuka dari internet maka kita dapat melakukan forward port 80 yang ada di xxx.xxx.xxx.xxx  ke 192.168.0.2  port 80.

Source: xxx.xxx.xxx.xxx:80 — forwarded ke -> 192.168.1.2:80

bisa juga dari sembarang port  contoh :

Source: xxx.xxx.xxx.xxx:8888 — forwarded ke -> 192.168.1.2:80

Ini contoh penerapannya di iptables :

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx
		 --dport 8888 -j DNAT --to 192.168.1.2:80
/sbin/iptables -A FORWARD -p tcp -i eth0 -d 192.168.1.2 --dport 80 -j ACCEPT
By yans008 Posted in Uncategorized
2