Archive for the ‘Linux nông dân’ Category

19 May

stunnel and zebedee

   Posted by: admin

download http://www.winton.org.uk/zebedee/download.html

server side:

zebedee -s -u # udp mode

zebedee -s # tcp mode

zebedee -s -d -v 5 # d=detach v=verbose

client side:

zebedee 8080:server-ip:80  # listen on 8080, forward to server-ip:80

zebedee -u 5353:server-ip:53 -z 0 -k 0 -d -v 5 # z=compress k=encrypt (0 turns each off) d=detach v=verbose

iptables -t nat -A OUTPUT -p udp -d server-ip --dport 53 -j REDIRECT --to-ports 5353

stunnel

cd /etc/stunnel

openssl req -new -x509 -days 3650 -nodes -out stunnel.pem -keyout stunnel.pem

vi test.conf

cert=/etc/stunnel/stunnel.pem
debug=7
foreground=yes
[test]
accept=2525
connect=25

#stunnel /etc/stunnel/test.conf
client side

cd /etc/stunnel

vi test.conf

debug=7
foreground=yes
client=yes
[test]
accept=local-ip:2525
connect=remoteip:2525
[pop3ssl]
accept=995
connect=110
#stunnel /etc/stunnel/test.conf
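
The client configuration above sets client=yes with no verify option, so stunnel encrypts the connection but accepts whatever certificate the server presents. The following is an added example, not part of the original post: a shell function that flags such services. It assumes the stunnel options verify, verifyChain and verifyPeer; the sample files and the CAfile path are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: list stunnel client services
# that never authenticate the server certificate.
# Counts as verifying: verify = 2..4, verifyChain = yes, verifyPeer = yes.
# Options placed before the first [section] are defaults for every service.
audit_stunnel_conf() {
    awk '
    function set_verify(x) { if (name == "") g_verify = x; else s_verify = x }
    function flush_section(   c, v) {
        if (name == "") return
        c = (s_client != "") ? s_client : g_client
        v = (s_verify != "") ? s_verify : g_verify
        if (c == "yes" && v != "on")
            print name ": client=yes but the peer certificate is not verified"
    }
    /^[ \t]*[#;]/ { next }                      # comment
    /^[ \t]*$/    { next }                      # blank line
    /^[ \t]*\[/ {                               # start of a service section
        flush_section()
        name = $0; sub(/^[ \t]*\[/, "", name); sub(/\].*$/, "", name)
        s_client = ""; s_verify = ""
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); val = tolower(substr($0, eq + 1))
        gsub(/[ \t\r]/, "", key); gsub(/[ \t\r]/, "", val)
        if (key == "client") { if (name == "") g_client = val; else s_client = val }
        else if (key == "verify") set_verify((val + 0 >= 2) ? "on" : "off")
        else if ((key == "verifychain" || key == "verifypeer") && val == "yes")
            set_verify("on")
    }
    END { flush_section() }
    ' "$1"
}

# Constructed inputs: the client config from the post, and a variant that pins
# the server certificate (the CAfile path is a hypothetical location).
weak=$(mktemp); pinned=$(mktemp)
trap 'rm -f "$weak" "$pinned"' EXIT
printf '%s\n' 'debug=7' 'foreground=yes' 'client=yes' '[test]' \
    'accept=local-ip:2525' 'connect=remoteip:2525' \
    '[pop3ssl]' 'accept=995' 'connect=110' > "$weak"
printf '%s\n' 'client=yes' '[test]' 'accept=127.0.0.1:2525' \
    'connect=remoteip:2525' 'verify=3' \
    'CAfile=/etc/stunnel/server-cert.pem' > "$pinned"
audit_stunnel_conf "$weak"     # reports [test] and [pop3ssl]
audit_stunnel_conf "$pinned"   # reports nothing
```

For the self-signed certificate generated above, give the client only the certificate and not the private key that shares stunnel.pem, for example with openssl x509 -in stunnel.pem -out server-cert.pem.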

FOR KIDS FROM POOR FAMILIES

VIRTUAL SERVER IS SLACKWARE

I. Architecture:

HEARTBEAT model

II. BONDING

Bonding is the same as port trunking. It allows you to create multi-gigabit pipes to transport traffic through the highest-traffic areas of your network. Linux can bond, or team, multiple network interfaces (NICs) into a single interface.

You can use it wherever you need redundant links, fault tolerance or load-balancing networks. It is the best way to have a high-availability network segment. A very useful way to use bonding is to use it in connection with 802.1q VLAN support.

=> Redundancy on the connection

cd /usr/src/linux/Documentation/networking

gcc -Wall -O -I/usr/src/linux/include ifenslave.c -o ifenslave

cp ifenslave /sbin/ifenslave

vi rc.bond

#!/bin/sh
#
# rc.bond: bring bond0 up or down with eth0 and eth1 as slaves
case "$1" in
  'start')
    echo "start bond0"
    #modprobe bonding mode=balance-alb miimon=100
    modprobe bonding mode=balance-rr miimon=100
    modprobe tg3
    ifconfig bond0 up
    ifenslave bond0 eth0
    ifenslave bond0 eth1
    #TODO need to be changed
    ifconfig bond0 hw ether 00:16:3e:aa:aa:aa
  ;;
  'stop')
    ifconfig bond0 down
    rmmod bonding
    rmmod tg3
  ;;
  *)
    echo "Usage: $0 {start|stop}"
  ;;
esac

vi rc.M

Add before the line "#Initialize the networking hardware":

# If script rc.bond is executable then start it
if [ -x /etc/rc.d/rc.bond ]; then
  . /etc/rc.d/rc.bond start
fi

vi rc.inet1.conf

And add these lines to it before the default gateway gets assigned:

IFNAME[4]="bond0"
IPADDR[4]="XXX.XX.XX.XX"
NETMASK[4]="255.255.255.0"
USE_DHCP[4]=""
DHCP_HOSTNAME[4]=""

cat /proc/net/bonding/bond0

III.  DRBD:

Purpose: mirror the 2 virtual disks of the 2 virtual servers on the 2 physical servers over the NIC.

DRBD operating model

KERNEL 2.6

Device Drivers, Connector - unified userspace <-> kernelspace linker

modprobe cn

download http://oss.linbit.com/drbd/

make; make install

/etc/drbd.conf

syncer {
    rate 10M;
}

cram-hmac-alg "sha1";
# placeholder value: use a long random secret, identical on both nodes
shared-secret "shared-string";

on drbd-one {
    device /dev/drbd0;
    disk /dev/hdd1;
    address 192.168.0.240:8888;
    meta-disk internal;
}

on drbd-two {
    device /dev/drbd0;
    disk /dev/hdd1;
    address 192.168.0.241:8888;
    meta-disk internal;
}

STEP BY STEP CONFIGURE

1.  Before starting the primary node, you should create the metadata for the devices:

root-shell> drbdadm create-md all

root-shell> /etc/init.d/drbd start

root-shell> drbdadm -- --overwrite-data-of-peer primary all

root-shell> mkfs.ext3 /dev/drbd0

root-shell> mount /dev/drbd0 /mnt/drbd

2.  To set up a secondary node:

A. Copy the /etc/drbd.conf file from your primary node to your secondary node.

B. root-shell> drbdadm create-md all

C. root-shell> /etc/init.d/drbd start

Commands to test the mirroring of the virtual HDDs

cat /proc/drbd    # check the connection state of the 2 virtual HDDs on the 2 virtual servers

root-shell> drbdadm primary all

root-shell> drbdadm secondary all

root-shell> drbdadm disconnect all

root-shell> drbdadm connect all

//if split brain - run this on the failed node

drbdadm -- --discard-my-data connect all

//and do connect on the other side
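
A node that has detected split brain drops to the StandAlone connection state, so it is worth reading /proc/drbd on both nodes before discarding data on either. The following is an added example, not part of the original post: a shell function that classifies each device line. It assumes the DRBD 8.x field layout (cs: for connection state, ds: for local/peer disk state); the sample lines are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: classify each device line of
# /proc/drbd (cs: = connection state, ds: = disk states local/peer).
drbd_health() {
    awk '
    /^[ \t]*[0-9]+:[ \t]+cs:/ {
        dev = $1; sub(/:$/, "", dev)
        cs = ""; ds = ""
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^cs:/) cs = substr($i, 4)
            if ($i ~ /^ds:/) ds = substr($i, 4)
        }
        if (cs == "Connected" && ds == "UpToDate/UpToDate") verdict = "ok"
        else if (cs ~ /^Sync(Source|Target)$/) verdict = "resyncing"
        else if (cs == "WFConnection")         verdict = "peer-unreachable"
        else if (cs == "StandAlone")           verdict = "standalone"
        else                                   verdict = "degraded"
        print "drbd" dev, verdict, "cs=" cs, "ds=" ds
    }' "${1:-/proc/drbd}"
}

# Constructed sample in the DRBD 8.x layout; without an argument the
# function reads the live /proc/drbd instead.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
 0: cs:Connected st:Primary/Secondary ds:UpToDate/UpToDate C r---
 1: cs:StandAlone st:Secondary/Unknown ds:UpToDate/DUnknown   r---
EOF
drbd_health "$sample"
```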

 

 

IV. High Availability (HeartBeat)

Heartbeat is a daemon that provides cluster infrastructure (communication and membership) services to its clients. This allows clients to know about the presence (or disappearance!) of peer processes on other machines and to easily exchange messages with them.

Heartbeat architecture

Clip for newbies

download http://www.slackware.com/~alien/slackbuilds/libnet/pkg/11.0/libnet-1.1.2.1-i486-1.tgz

download http://hg.linux-ha.org/lha-2.1/archive/STABLE-2.1.4.tar.bz2

tar -jxvf heartbeat.tar.bz2

./ConfigureMe configure

make; make install

//Edit file ha.cf

vi ha.cf
logfacility local0
keepalive 500ms
deadtime 10
warntime 5
initdead 30
mcast bond0 225.0.0.1 694 2 0
auto_failback off
node drbd-one
node drbd-two
ping 10.10.50.254 10.10.50.50
respawn hacluster /usr/lib/heartbeat/ipfail
apiauth ipfail gid=haclient uid=hacluster
deadping 5

//Edit haresources

vi haresources
drbd-two drbddisk Filesystem::/dev/drbd0::/raid1::ext3 mysql 10.10.50.28
vi resource.d/mysql.resource
#!/bin/bash
#
# This script is intended to be used as resource script by heartbeat
#
# Mar 2006 by Monty Taylor
#
###
. /etc/ha.d/shellfuncs
case "$1" in
    start)
        res=`/etc/init.d/mysql start`
        ret=$?
        ha_log "$res"
        exit $ret
        ;;
    stop)
        res=`/etc/init.d/mysql stop`
        ret=$?
        ha_log "$res"
        exit $ret
        ;;
    status)
        # grep -q tests the exit status, so multi-word ps output cannot break the test
        if ps -ef | grep -q '[m]ysqld' ; then
           echo "running"
        else
           echo "stopped"
        fi
        ;;
    *)
        echo "Usage: mysql {start|stop|status}"
        exit 1
        ;;
esac

exit 0