hey guys, we have some servers in datacenter#1: ns1, ns2, web1(mail/sql). we also have ns3 and web2 outside this web.
how can we make this working?
ok, we can copy the data by cron, no problem.
but can i give ns3 another ip for an a record?
what`s your solution?
greets, sebastian
Hi,
> we have some servers in datacenter#1: ns1, ns2, web1(mail/sql). we also have ns3 and web2 outside this web.
> how can we make this working?
> ok, we can copy the data by cron, no problem.
Not a problem for static content, but in case of webmail and a database, it's not that easy anymore. Assuming I read my email during failover to the other datacenter, the cronjob has to know that the master of the storage resides in the backup datacenter.
> but can i give ns3 another ip for an a record?
I would personally define ns1 as master and ns2/ns3 as slaves. ns2/ns3 are the A records for the various domains, but you only edit your zonefiles on ns1.
kind regards
Robert
hi sebastian
ns1 = master ns2/3 = slaves (which are public to the customers)
sql stuff is solved by master-master replication setups (quite easy for mysql), web can be solved by using rsync or other stuff (don't use NFS ,-))
-steven
-----Original Message-----
From: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] On Behalf Of . .
Sent: Tuesday, August 04, 2009 4:12 AM
To: swinog@swinog.ch
Subject: [swinog] datacenter failover?
hey guys, we have some servers in datacenter#1: ns1, ns2, web1(mail/sql). we also have ns3 and web2 outside this web.
how can we make this working?
ok, we can copy the data by cron, no problem.
but can i give ns3 another ip for an a record?
what`s your solution?
greets, sebastian
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
I prefer to do the "Unison" way. I have some identical sites, that people are uploading web stuff to. When one server gets updated, they will just keep the files updated
http://www.cis.upenn.edu/~bcpierce/unison/
is deprecated, and will be replaced by harmony, but right now serves its purpose.
for other stuff I sometimes use either iSCSI (Target=Solaris, love it) with oracleFS on it or I just do DRBD and read and write to a small shared network drive by just "tar" into it ;)
this could be an idea for a talk at the next Swinog meeting, is there an interest? I could present a bit about it...
lg silvan
On 04.08.2009 at 09:18, Steven.Glogger@swisscom.com wrote:
> hi sebastian
> ns1 = master ns2/3 = slaves (which are public to the customers)
> sql stuff is solved by master-master replication setups (quite easy for mysql), web can be solved by using rsync or other stuff (don't use NFS ,-))
> -steven
Hi, I can publish a small piece of software, named ABcg (for Azylog Bind config generator), which is able to take records from a SQL database and generate the zone files for Bind.
This is intended for internal use but coded with an OSS mind.
We're using it to generate zones for our DNS servers around Europe with mysql master/master replication.
It handles reverse zones, second level domain names (like something.asso.fr) and SPF records but comes with no interface; you'll have to develop your own (ours is far too specific).
At your disposal for a tarball of the whole thing (and some advice for deployment) but also for feedback and contributions.
* regards from France and frnog *
Julien Escario
Silvan M. Gebhardt wrote:
> I prefer to do the "Unison" way. I have some identical sites, that people are uploading web stuff to. When one server gets updated, they will just keep the files updated
> http://www.cis.upenn.edu/~bcpierce/unison/
> is deprecated, and will be replaced by harmony, but right now serves its purpose.
> for other stuff I sometimes use either iSCSI (Target=Solaris, love it) with oracleFS on it or I just do DRBD and read and write to a small shared network drive by just "tar" into it ;)
> this could be an idea for a talk at the next Swinog meeting, is there an interest? I could present a bit about it...
> lg silvan
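A sketch of the approach described in the message above (zone data kept in SQL, BIND zone files generated from it), as an added example that is not ABcg and not code from anyone in this thread. The table layout, the example.ch names and the addresses are constructed; values are validated on output so that a database row cannot inject extra lines into the zone file, and ns1 appears only in the SOA while ns2/ns3 are the published name servers.

```python
import ipaddress
import re
import sqlite3

NAME = re.compile(r"@|[A-Za-z0-9_*.-]+")  # no spaces, ';', '(' or newlines
PUBLIC_NS = ("ns2.example.ch.", "ns3.example.ch.")  # assumed names; ns1 only in SOA

def header(origin, serial):
    soa = f"{origin} 3600 IN SOA ns1.example.ch. hostmaster.example.ch. {int(serial)} 3600 900 1209600 300"
    return [soa] + [f"{origin} 3600 IN NS {ns}" for ns in PUBLIC_NS]

def fqdn(name, zone):
    if not (NAME.fullmatch(name) and NAME.fullmatch(zone)):
        raise ValueError(f"rejected name: {name!r} in {zone!r}")
    return f"{zone}." if name == "@" else f"{name}.{zone}."

def rdata(rtype, data):
    """Serialise one value so a database row cannot inject extra zone-file lines."""
    if rtype == "A":
        return str(ipaddress.IPv4Address(data))  # raises on anything but an IPv4 address
    if rtype == "TXT" and data.isascii() and data.isprintable() and len(data) <= 255:
        return '"' + data.replace("\\", "\\\\").replace('"', '\\"') + '"'
    raise ValueError(f"rejected {rtype!r} rdata: {data!r}")

def forward_zone(db, zone, serial):
    out = header(fqdn("@", zone), serial)
    q = "SELECT name, ttl, type, data FROM rr WHERE zone = ? ORDER BY type, name"
    for name, ttl, rtype, data in db.execute(q, (zone,)):
        out.append(f"{fqdn(name, zone)} {int(ttl)} IN {rtype} {rdata(rtype, data)}")
    return "\n".join(out) + "\n"

def reverse_zone(db, net24, serial):
    net = ipaddress.ip_network(net24)  # this sketch handles /24 networks only
    out = header(net.network_address.reverse_pointer.split(".", 1)[1] + ".", serial)
    q = "SELECT zone, name, data FROM rr WHERE type = 'A' ORDER BY data"
    for zone, name, data in db.execute(q):
        ip = ipaddress.IPv4Address(data)
        if ip in net:
            out.append(f"{ip.reverse_pointer}. 3600 IN PTR {fqdn(name, zone)}")
    return "\n".join(out) + "\n"

def sample_db():
    """In-memory database with constructed records (table layout is an assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE rr (zone TEXT, name TEXT, ttl INTEGER, type TEXT, data TEXT)")
    db.executemany("INSERT INTO rr VALUES ('example.ch', ?, ?, ?, ?)", [
        ("web1", 300, "A", "192.0.2.10"), ("web2", 300, "A", "198.51.100.10"),
        ("@", 3600, "TXT", "v=spf1 mx -all")])
    return db
```

Each generated file would still go through `named-checkzone` before being loaded on the master.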
Hi,
Here is attached the tinydns export script for sauron following an off-list request, with many domains (100's/1000's) this is _MUCH_ faster (never looked exactly) than the built in sauron tinydns export.
Thomas
Yeah, thank you. Pretty big script as I'm really not a python user (Perl is better ... ok, I'm feeding the trolls).
Julien
Thomas Mangin wrote:
> Hi,
> Here is attached the tinydns export script for sauron following an off-list request, with many domains (100's/1000's) this is _MUCH_ faster (never looked exactly) than the built in sauron tinydns export.
> Thomas
two redundant Layer4 switches with VRRP would help. You can deploy some expensive boxes like Alteon, or try building your own from open source. Actually two Cisco boxes with some tricky NAT would help too.
Basically you need to redirect the requests for a single public IP address into several private IP addresses in your datacenter.
----- Original Message ----
From: . . localhostdevnull@gmail.com
To: swinog@swinog.ch
Sent: Tuesday, August 4, 2009 4:11:38 AM
Subject: [swinog] datacenter failover?
hey guys, we have some servers in datacenter#1: ns1, ns2, web1(mail/sql). we also have ns3 and web2 outside this web.
how can we make this working?
ok, we can copy the data by cron, no problem.
but can i give ns3 another ip for an a record?
what`s your solution?
greets, sebastian
can be done at nearly no cost with two ALIX boards (depends on the load but often is enough) that are kept redundant with CARP on an interface, and then just do failover/loadbalancing with PFsense installed.
an alixboard has 3 interfaces, fits perfect:
1) Carp Sync 2) inside 3) outside
lg silvan
On 04.08.2009 at 09:24, Stanislav Sinyagin wrote:
> two redundant Layer4 switches with VRRP would help. You can deploy some expensive boxes like Alteon, or try building your own from open source. Actually two Cisco boxes with some tricky NAT would help too.
> Basically you need to redirect the requests for a single public IP address into several private IP addresses in your datacenter.
----- Original Message ----
From: Per Jessen per.jessen@enidan.ch
> Stanislav Sinyagin wrote:
> > Basically you need to redirect the requests for a single public IP address into several private IP addresses in your datacenter.
> One acronym: LVS.
yep, that is. I'm just not familiar with all those acronyms :)
Hi,
TLA are your friends :)
When it comes to DNS, having a hidden master and then public slave to serve your zone is common, or you can have your zone in a DB and push the update on change. You may want to have a look at which DNS you want to use: Bind, NSD, PowerDNS, MaraDNS, djbdns... one may be better than the other for your setup. There are as well plenty of tools to keep your DNS data in SQL. I really liked NameSurfer[1] when I used it (back around 2000) but it was _horribly_ expensive back then. I have happily used Sauron[2]; the interface is not really pretty but it works well.
If the reason for having two DC is not resilience then LVS, or HAProxy[3] (never looked at PFsense) are good, I would be tempted to use HAProxy with apache mod_rpaf. It detects dead backends and I think it is simpler to configure; for failover you can as well have a look at spread/wackamole [4].
I would love to see browser use SRV records for web but lost hope so unless you can unicast your network (very unlikely) the second DC is more a pain than anything for web.
For webmail, as long as it uses imap as a backend it should not be an issue. Roundcube[4] for example uses a DB for storing attachment and can be load balanced easily.
I will stop here as if we start looking at DB replication or Mail clusters, the mail risks being very long :D
Thomas
[1] http://www.nixusoftware.com/products_nss.html
[2] http://sauron.jyu.fi/
[3] http://haproxy.1wt.eu/
[4] http://www.backhand.org/wackamole/ http://www.google.com/search?q=spread+wackamole
Salut,
On Tue, Aug 04, 2009 at 04:11:38AM +0200, . . wrote:
> ok, we can copy the data by cron, no problem.
Synchronize data as it is written. (In whatever way is appropriate; DNS NOTIFY, whatever works for the mails, etc.)
> but can i give ns3 another ip for an a record?
> what`s your solution?
For services other than DNS, which is totally distributed, use a separate network with an IP for every publicly reachable IP. Map this network to the actual IPs of hosts in every datacenter. Use OSPF to direct this network to either datacenter.
Tonnerre