I know there is probably a million answers but being new to ha and drbd
I was hoping to get a little "Best Practices" feedback.
------------INTERNET-----------
| |
FIREWALL DMZ-FIREWALL
| |
LAN SWITCH DMZ SWITCH
| /\
/-------eth0-------\ / \
node1-------Serial-------node2 / \
\ \--eth1/crossover--/ / HTTP MTA
\ / | |
\--------eth2-------/ | |
\ | |
\------------------- PRIVATE SWITCH
Here's what I'm thinking. Heartbeat 2.0.8 and DRBD 8.0.6 with crm off.
Active/Passive MySQL on drbd (node1/node2) [cluster also has other
services for the LAN] located on a LAN for local access but connected on
a private network to a DMZ web/mta server so it has access to the same
data for web applications. (MySQL isolated from the Internet.) I'm
using a ping node on the LAN and PRIVATE network so Heartbeat(HA) can
rollover if the cluster has networking problems. I was wondering if I
could use eth2 for the drbd data link or if it's just best/easiest for
the drbd data link to be a crossover cable and keep eth2 for the private
LAN traffic. I've tried setting up my test system with just 2 nics each
but ipfail doesn't have the desired effect. Maybe someone knows why.
If just the drbd/PRIVATE net (eth2) dies on node1 (assuming a model
without a eth1), dopd outdates the secondary on node2 (as it's suppose
to to prevent split brain) but heartbeat can't bring up the the node
with 2 working nic's and take down the node with a defective nic (eth2)
so node1 stays active but only the LAN side can see it because eth2 is
broken.
I've drawn it with eth1 as a crossover because I'm gathering from what
I've read that it's the best way to achieve what I want. Perhaps there
is a way with crm and pingd but XML makes me cross-eyed and I'd rather
not get that complicated.
Any thoughts or insights on the subject would be greatly appreciated.
Rois
_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
