correction: on DNS server hosting emea.domain.local create an A record and associated PTR records
for clusternode1.emea.domain.local 10.0.0.10 clusternode2.emea.domain.local 10.0.0.11 fileserver.emea.domain.local 10.0.0.12 Jay 2009/8/4 Jason Fitzpatrick <[email protected]> > Hi David > > my setup: > > domain name emea.domain.local > > node1 is named clusternode1.emea.domain.local with a public ip 10.0.0.10 > and joined to AD clusternode1.emea.domain.local > > node2 is named clusternode2.emea.domain.local with a public ip 10.0.0.11 > and joined to AD as clusternode2.emea.domain.local > > shared ip address presented by heartbeat is 10.0.0.12 > > clusternode1.emea.domain.local is currently hosting the virtual IP Address > and has a running smbd server configured with AD integration. > > -note- > Samba is set up so that it listens on the external (LAN) physical > interface, Heartbeat starts the virtual IP Address, followed by samba, and > as a result samba listens on the virtual ip address, > > no netbios names presented by the cluster, no automatic DNS registrations > > on DNS server hosting our emea.domain.local create an A record and > associated PTR records > > for > clusternode1.emea.domain.local 10.0.0.10 > clusternode2.emea.domain.local 10.0.0.11 > fileserver.emea.domain.local 10.0.0.12 > > Within our environment we present the share via a login script, drive Z is > mapped to a share on the Fileserver > (\\fileserver.emea.domain.local\sharename) > > so a XP client tries to connects to the Z drive, a DNS request is sent to > the server for fileserver.emea.domain.local and the IP Address that you > created above is returned. > > the client will then try to connect to this IP Address, and since this IP > Addresses is a virtual IP address hosted off clusternode1.emea.domain.local > the user connects to clusternode1, and shares are returned, > > > Jay > > > > > > > 2009/8/4 David Christensen <[email protected]> > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Jason Fitzpatrick wrote: >> > Hi David >> > >> > >> > I have the interface set to the physical interface, eth0 = heartbeat >> X-over >> > eth1 = DRBD X-over Replication eth2 = LAN >> > >> > so interfaces = eth2 >> > >> > please find attached a sanitized version of my smb.conf >> > >> > also my understanding of SRV records is that they are only for finding >> > services, and this is not a service, simply a file server, so an A >> record >> > should do the job (it is the only one that I set up and I have had no >> > issues) >> > >> > Jay >> > >> > 2009/8/4 David Christensen <[email protected]> >> > >> > Jason Fitzpatrick wrote: >> >>>> Hi David.. >> >>>> >> >>>> Bound was probably not the correct word to use.. >> >>>> >> >>>> When you modify the samba config to reflect the name of the virtual >> >>>> hostname, this is the name that samba uses to join to the domain, and >> as >> > a >> >>>> result when the other node becomes active, using the same hostname >> but a >> >>>> different ID so the computer account is not valid in AD and a rejoin >> is >> >>>> necessary. I spend 2 days trying to work around this and did not >> succeed. >> >>>> >> >>>> so i left the samba config on both nodes with the hostname of the >> local >> >>>> system >> >>>> >> >>>> smb.conf on node 1: >> >>>> node1.domain.local >> >>>> >> >>>> smb.conf on node 2: >> >>>> node2.domain.local >> >>>> >> >>>> both nodes joined to domain, and are accessable via DNS name from >> Windows >> >>>> clients >> >>>> >> >>>> after heartbeat is configured you present an IP Address, and manually >> >>>> register this IP Address to a DNS A record within your DNS >> environment. >> >>>> >> >>>> Since heartbeat is only allowing this IP address to be active on one >> node >> > at >> >>>> a time a Windows client will resolve this A record to the virtual IP >> > Address >> >>>> on the cluster, and the client will connect to the samba instance >> even >> >>>> though it is not configured with the virtual interface details, >> (should >> > you >> >>>> be presenting a banner to samba clients you will see the physical >> server >> >>>> details when connecting, you should be able to change this should you >> > wish) >> >>>> >> >>>> Hope this makes some form of sense >> >>>> >> >>>> Jay >> >>>> >> >>>> 2009/8/2 David Christensen <[email protected]> >> >>>> >> >>>> Jason Fitzpatrick wrote: >> >>>>>>> Hi David.. >> >>>>>>> >> >>>>>>> please find the doc attached, I believe that the section that is >> > relevant >> >>>> to >> >>>>>>> you is at the very end, >> >>>>>>> >> >>>>>>> also I have tried a config similar to yours, where i configured >> for >> > the >> >>>>>>> virtual interface, and ran into similar problems (after fail over >> i >> > had >> >>>> to >> >>>>>>> rejoin to the domain each time) so I failed back to samba >> configured >> > for >> >>>> the >> >>>>>>> physical interfaces and have users connect via the virtual >> address, >> >>>>>>> >> >>>>>>> Let me know how you get on as the doc is still a work in progress >> >>>>>>> >> >>>>>>> Jay >> >>>>>>> >> >>>>>>> 2009/7/31 David Christensen <[email protected]> >> >>>>>>> >> >>>>>>> Jason Fitzpatrick wrote: >> >>>>>>>>>> Hi David >> >>>>>>>>>> >> >>>>>>>>>> I am running a 2 node Heartbeat cluster with Samba and AD >> > integration, >> >>>>>>> and I >> >>>>>>>>>> ran into no end of hastle in getting it to work correctly, so >> sat >> > down >> >>>>>>> and >> >>>>>>>>>> went through it step by step and made a work instruction for >> this, >> >>>>>>>>>> Unfortunately I do not have the instructions to hand but will >> post >> >>>> them >> >>>>>>> up >> >>>>>>>>>> on Tuesday for you if this is not too late, >> >>>>>>>>>> >> >>>>>>>>>> Jay >> >>>>>>>>>> >> >>>>>>>>>> 2009/7/31 David Christensen <[email protected]> >> >>>>>>>>>> >> >>>>>>>>>> I was successful with integrating heartbeat into my existing >> samba >> >>>>>>>>>> installation for a samba HA configuration. I tested fail over >> with >> >>>>>>>>>> existing domain clients and everything was good. >> >>>>>>>>>> >> >>>>>>>>>> However the moment I tried to join a new computer to the domain >> it >> >>>>>>>>>> failed. Even though I was prompted for the admin username and >> >>>> password, >> >>>>>>>>>> I received an error that no PDC could be found for the domain. >> >>>>>>>>>> >> >>>>>>>>>> Looking at the ldap logs I can see queries when trying to join >> the >> >>>>>>>>>> domain so I am confused as to why this keeps failing. >> >>>>>>>>>> >> >>>>>>>>>> I configured samba to listen only to the virtual interface that >> is >> >>>>>>>>>> created by heartbeat and localhost. >> >>>>>>>>>> >> >>>>>>>>>> Any ideas of what to look at would be appreciated. Thanks! >> >>>>>>> Jay >> >>>>>>> >> >>>>>>> Tuesday is fine, I will keep "educating" myself until then. One >> thing >> >>>>>>> is for sure, I am learning this stuff inside and out. >> >>>>>>> >> >>>>>>> Thanks!!! >> >>>>>>> >> >>>>>>> David >> >>>>>>> >> >>>>>>> _______________________________________________ >> >>>>>>> Linux-HA mailing list >> >>>>>>> [email protected] >> >>>>>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha >> >>>>>>> See also: http://linux-ha.org/ReportingProblems >> >>>>>>>>>> _______________________________________________ >> >>>>>>>>>> Linux-HA mailing list >> >>>>>>>>>> [email protected] >> >>>>>>>>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha >> >>>>>>>>>> See also: http://linux-ha.org/ReportingProblems >> >>>> Jason, >> >>>> >> >>>> Thanks for the document I will give it a try!! >> >>>> >> >>>> I failed back to not running HA until I can figure out what is going >> on. >> >>>> For your config when you say you have samba bound to the physical >> >>>> interfaces and users connecting to the virtual, is this when users >> >>>> connect manually or is this when a user attempts to authenticate to >> the >> >>>> domain via the XP or Vista client? >> >>>> >> >>>> David >> >>>> >> >>>> _______________________________________________ >> >>>> Linux-HA mailing list >> >>>> [email protected] >> >>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha >> >>>> See also: http://linux-ha.org/ReportingProblems >> > Jay, >> > >> > Thanks for the info and help thus far. Couple of questions. >> > >> >>>> so i left the samba config on both nodes with the hostname of the >> local >> >>>> system >> >>>> >> >>>> smb.conf on node 1: >> >>>> node1.domain.local >> >>>> >> >>>> smb.conf on node 2: >> >>>> node2.domain.local >> > Is this the netbios name or some other parameter? (e.g. netbios name = ) >> > What do you have interfaces = and bind interfaces only = set to? >> > >> >>>> after heartbeat is configured you present an IP Address, and manually >> >>>> register this IP Address to a DNS A record within your DNS >> environment. >> > how do you have the clients configured to lookup this A record? I >> > though this needed to be a SRV record? >> > >> > David >> > >> > >> > >> > >> > >> > >> > _______________________________________________ >> > Linux-HA mailing list >> > [email protected] >> > http://lists.linux-ha.org/mailman/listinfo/linux-ha >> > See also: http://linux-ha.org/ReportingProblems >> >>>> _______________________________________________ >> >>>> Linux-HA mailing list >> >>>> [email protected] >> >>>> http://lists.linux-ha.org/mailman/listinfo/linux-ha >> >>>> See also: http://linux-ha.org/ReportingProblems >> Jay, >> >> Thanks for bearing with me on this. The DNS record makes sense, how do >> you have your A record setup, what FQN are you using that the clients >> would query DNS for? >> >> David >> _______________________________________________ >> Linux-HA mailing list >> [email protected] >> http://lists.linux-ha.org/mailman/listinfo/linux-ha >> See also: http://linux-ha.org/ReportingProblems >> >> >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.9 (GNU/Linux) >> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org >> >> iEYEARECAAYFAkp4V84ACgkQ5B+8XEnAvqs8RwCfWJFoxH12c2HR6LIP0Lz4TnbG >> 1Q0An07MzeCvzDokn0hQRTOVr6p8wDPS >> =3QKJ >> -----END PGP SIGNATURE----- >> _______________________________________________ >> Linux-HA mailing list >> [email protected] >> http://lists.linux-ha.org/mailman/listinfo/linux-ha >> See also: http://linux-ha.org/ReportingProblems >> > > _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
