Hi David my setup:
domain name emea.domain.local node1 is named clusternode1.emea.domain.local with a public ip 10.0.0.10 and joined to AD clusternode1.emea.domain.local node2 is named clusternode2.emea.domain.local with a public ip 10.0.0.11 and joined to AD as clusternode2.emea.domain.local shared ip address presented by heartbeat is 10.0.0.12 clusternode1.emea.domain.local is currently hosting the virtual IP Address and has a running smbd server configured with AD integration. -note- Samba is set up so that it listens on the external (LAN) physical interface, Heartbeat starts the virtual IP Address, followed by samba, and as a result samba listens on the virtual ip address, no netbios names presented by the cluster, no automatic DNS registrations on DNS server hosting our emea.domain.local create an A record and associated PTR records for clusternode1.emea.domain.local 10.0.0.10 clusternode1.emea.domain.local 10.0.0.11 fileserver.emea.domain.local 10.0.0.12 Within our environment we present the share via a login script, drive Z is mapped to a share on the Fileserver (\\fileserver.emea.domain.local\sharename) so a XP client tries to connects to the Z drive, a DNS request is sent to the server for fileserver.emea.domain.local and the IP Address that you created above is returned. the client will then try to connect to this IP Address, and since this IP Addresses is a virtual IP address hosted off clusternode1.emea.domain.local the user connects to clusternode1, and shares are returned, Jay 2009/8/4 David Christensen <[email protected]> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Jason Fitzpatrick wrote: > > Hi David > > > > > > I have the interface set to the physical interface, eth0 = heartbeat > X-over > > eth1 = DRBD X-over Replication eth2 = LAN > > > > so interfaces = eth2 > > > > please find attached a sanitized version of my smb.conf > > > > also my understanding of SRV records is that they are only for finding > > services, and this is not a service, simply a file server, so an A record > > should do the job (it is the only one that I set up and I have had no > > issues) > > > > Jay > > > > 2009/8/4 David Christensen <[email protected]> > > > > Jason Fitzpatrick wrote: > >>>> Hi David.. > >>>> > >>>> Bound was probably not the correct word to use.. > >>>> > >>>> When you modify the samba config to reflect the name of the virtual > >>>> hostname, this is the name that samba uses to join to the domain, and > as > > a > >>>> result when the other node becomes active, using the same hostname but > a > >>>> different ID so the computer account is not valid in AD and a rejoin > is > >>>> necessary. I spend 2 days trying to work around this and did not > succeed. > >>>> > >>>> so i left the samba config on both nodes with the hostname of the > local > >>>> system > >>>> > >>>> smb.conf on node 1: > >>>> node1.domain.local > >>>> > >>>> smb.conf on node 2: > >>>> node2.domain.local > >>>> > >>>> both nodes joined to domain, and are accessable via DNS name from > Windows > >>>> clients > >>>> > >>>> after heartbeat is configured you present an IP Address, and manually > >>>> register this IP Address to a DNS A record within your DNS > environment. > >>>> > >>>> Since heartbeat is only allowing this IP address to be active on one > node > > at > >>>> a time a Windows client will resolve this A record to the virtual IP > > Address > >>>> on the cluster, and the client will connect to the samba instance even > >>>> though it is not configured with the virtual interface details, > (should > > you > >>>> be presenting a banner to samba clients you will see the physical > server > >>>> details when connecting, you should be able to change this should you > > wish) > >>>> > >>>> Hope this makes some form of sense > >>>> > >>>> Jay > >>>> > >>>> 2009/8/2 David Christensen <[email protected]> > >>>> > >>>> Jason Fitzpatrick wrote: > >>>>>>> Hi David.. > >>>>>>> > >>>>>>> please find the doc attached, I believe that the section that is > > relevant > >>>> to > >>>>>>> you is at the very end, > >>>>>>> > >>>>>>> also I have tried a config similar to yours, where i configured for > > the > >>>>>>> virtual interface, and ran into similar problems (after fail over i > > had > >>>> to > >>>>>>> rejoin to the domain each time) so I failed back to samba > configured > > for > >>>> the > >>>>>>> physical interfaces and have users connect via the virtual address, > >>>>>>> > >>>>>>> Let me know how you get on as the doc is still a work in progress > >>>>>>> > >>>>>>> Jay > >>>>>>> > >>>>>>> 2009/7/31 David Christensen <[email protected]> > >>>>>>> > >>>>>>> Jason Fitzpatrick wrote: > >>>>>>>>>> Hi David > >>>>>>>>>> > >>>>>>>>>> I am running a 2 node Heartbeat cluster with Samba and AD > > integration, > >>>>>>> and I > >>>>>>>>>> ran into no end of hastle in getting it to work correctly, so > sat > > down > >>>>>>> and > >>>>>>>>>> went through it step by step and made a work instruction for > this, > >>>>>>>>>> Unfortunately I do not have the instructions to hand but will > post > >>>> them > >>>>>>> up > >>>>>>>>>> on Tuesday for you if this is not too late, > >>>>>>>>>> > >>>>>>>>>> Jay > >>>>>>>>>> > >>>>>>>>>> 2009/7/31 David Christensen <[email protected]> > >>>>>>>>>> > >>>>>>>>>> I was successful with integrating heartbeat into my existing > samba > >>>>>>>>>> installation for a samba HA configuration. I tested fail over > with > >>>>>>>>>> existing domain clients and everything was good. > >>>>>>>>>> > >>>>>>>>>> However the moment I tried to join a new computer to the domain > it > >>>>>>>>>> failed. Even though I was prompted for the admin username and > >>>> password, > >>>>>>>>>> I received an error that no PDC could be found for the domain. > >>>>>>>>>> > >>>>>>>>>> Looking at the ldap logs I can see queries when trying to join > the > >>>>>>>>>> domain so I am confused as to why this keeps failing. > >>>>>>>>>> > >>>>>>>>>> I configured samba to listen only to the virtual interface that > is > >>>>>>>>>> created by heartbeat and localhost. > >>>>>>>>>> > >>>>>>>>>> Any ideas of what to look at would be appreciated. Thanks! > >>>>>>> Jay > >>>>>>> > >>>>>>> Tuesday is fine, I will keep "educating" myself until then. One > thing > >>>>>>> is for sure, I am learning this stuff inside and out. > >>>>>>> > >>>>>>> Thanks!!! > >>>>>>> > >>>>>>> David > >>>>>>> > >>>>>>> _______________________________________________ > >>>>>>> Linux-HA mailing list > >>>>>>> [email protected] > >>>>>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha > >>>>>>> See also: http://linux-ha.org/ReportingProblems > >>>>>>>>>> _______________________________________________ > >>>>>>>>>> Linux-HA mailing list > >>>>>>>>>> [email protected] > >>>>>>>>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha > >>>>>>>>>> See also: http://linux-ha.org/ReportingProblems > >>>> Jason, > >>>> > >>>> Thanks for the document I will give it a try!! > >>>> > >>>> I failed back to not running HA until I can figure out what is going > on. > >>>> For your config when you say you have samba bound to the physical > >>>> interfaces and users connecting to the virtual, is this when users > >>>> connect manually or is this when a user attempts to authenticate to > the > >>>> domain via the XP or Vista client? > >>>> > >>>> David > >>>> > >>>> _______________________________________________ > >>>> Linux-HA mailing list > >>>> [email protected] > >>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha > >>>> See also: http://linux-ha.org/ReportingProblems > > Jay, > > > > Thanks for the info and help thus far. Couple of questions. > > > >>>> so i left the samba config on both nodes with the hostname of the > local > >>>> system > >>>> > >>>> smb.conf on node 1: > >>>> node1.domain.local > >>>> > >>>> smb.conf on node 2: > >>>> node2.domain.local > > Is this the netbios name or some other parameter? (e.g. netbios name = ) > > What do you have interfaces = and bind interfaces only = set to? > > > >>>> after heartbeat is configured you present an IP Address, and manually > >>>> register this IP Address to a DNS A record within your DNS > environment. > > how do you have the clients configured to lookup this A record? I > > though this needed to be a SRV record? > > > > David > > > > > > > > > > > > > > _______________________________________________ > > Linux-HA mailing list > > [email protected] > > http://lists.linux-ha.org/mailman/listinfo/linux-ha > > See also: http://linux-ha.org/ReportingProblems > >>>> _______________________________________________ > >>>> Linux-HA mailing list > >>>> [email protected] > >>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha > >>>> See also: http://linux-ha.org/ReportingProblems > Jay, > > Thanks for bearing with me on this. The DNS record makes sense, how do > you have your A record setup, what FQN are you using that the clients > would query DNS for? > > David > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems > >> > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > > iEYEARECAAYFAkp4V84ACgkQ5B+8XEnAvqs8RwCfWJFoxH12c2HR6LIP0Lz4TnbG > 1Q0An07MzeCvzDokn0hQRTOVr6p8wDPS > =3QKJ > -----END PGP SIGNATURE----- > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems > _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
