On 11/15/2012 10:11 AM, Digimer wrote: > On 11/15/2012 02:52 AM, [email protected] wrote: >> Hello,
>> I have to secure a "homemade" monitoring solution mainly based on Nagios 2.x >> and MySQL 5.1. >> >> I must deploy an "active / passive" cluster with automated switch of >> services. 2 servers will be located on two different datacentres and >> connected by an optical fiber (which will be channeled through the lifeline >> + cluster replication data). > > What you are trying to do is called a "stretch cluster". If you want > automatic failover, you will have some significant challenges. Mainly, > when a node stops responding, it needs to be put into a known state to > ensure that the same service isn't offered twice or that shared storage > is not happening without coordination. > > This is done using fencing, and fencing only really useful when it uses > an independent network path. So dual links are needed. Now that > probability of failing both links at the same time is real (someone digs > without looking, for example) would break the cluster's fencing, leaving > the nodes hung until there is human intervention. > > Stretch clustering requires very careful planning and rarely is worth it. So where do nagios and mysql come into the picture? >> Tests were carried out with products DRBD (8.3.7) & Heartbeat (3.0.3) using >> the official Debian mirrors. > > DRBD 8.3.7 is *very* old. Heartbeat is deprecated and has no future > development planned. Which doesn't mean you shouldn't use heartbeat for "simple stupid" 2-node active/passive 'haresources' cluster. You shouldn't use *if* you need more than simple stupid. The good news is it's not changing to something not entirely dissimilar every 18 months, unlike everything that's been developed since. DRBD is old but our public servers have been running 8.3 for quote some time now without problems. (Our centos 5 servers have been running heartbeat 2.1.4 and drbd 8.3.8 for years now.) >> I wanted to get your opinion on the various security products such cluster >> (HA / Pacemaker / Corosync / keepalived / OpenSVC ...) to point me towards >> the most efficient and adapted according to my needs. Where'd "security products" come from? Do you mean you nagios+mysql setup is doing some sort of security monitoring? The good thing about heartbeat is it's not being developed anymore. So what you've learned about it remains relevant. > The future of open source clustering is on corosync + pacemaker. I would > start by learning more about them. I would wait a year. They'll come up with something else and you'll have to unlearn the old busted coronary+zapper and learn about the new shiny+hotness instead. But for the most part: what is you're trying to actually do? Using drbd for database replication is suboptimal, especially over non-local links. You really want transactional replication and if mysql doesn't do it, switch to the one that does. As for nagios, why not set up two independent ones monitoring everything and each other? I suspect you can go a lot with a few lines of perl to make sure you don't get double the e-mail. -- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
