The Perfect Small Business Server (+Failover)
In this guide, we will be building ourselves a 'redundant/Highly Available' Home/Small Business server (cluster). We will be using two physical nodes (computers) running the exact same services in an 'active/passive' (master/slave/failover) HeartBeat "cluster". We will refer to these two computers as "node1" & "node2". As I am writing this guide, the latest Arch Linux install image is Arch_2010_05 (I am using the 32bit/i686 image), though I imagine we are soon due for a new image. Again, this article was written on: 08/14/2011, August 14th, 2011. I will personally speak for the accuracy of this article: I developed this guide step-by-step on my own personal servers and I have since re-built both machines following this guide to the letter. They are 100% functional, fairly secure, and my "Highly Available" services have not had a single moment of downtime since being initially powered on.
- I am personally working on the following translations of this guide: Italian, French, German, Spanish. Anyone with the linguistic skills to help/provide other translations, PLEASE feel free to do so.
--GaryMaurizi 20:01, 14 August 2011 (EDT)
On each node we will be installing & setting up the following services/daemons:
- DNS: Bind in a Chroot, with ProBIND PHP Web GUI To edit DNS Zones.
- Web: Apache, With SSL.
- PHP: PHP5.
- Database: MySQL(i), With PHPMyAdmin Web GUI To create/edit/delete Databases & Users.
- IMAP/POP3/(S): Dovecot for Incoming Mail/accounts (w/ Secure IMAP/POP3(S)).
- SMTP/(S): Postfix for Outgoing Mail (+Dovecot-SSL w/ PostfixAdmin Web GUI).
- RoundCubeMail: Simple, Sleek WebMail/Web GUI with sieve/spam filters & identities.
- Horde: OpenSource GroupWare & Mail Web GUI Similar to M$ Exchange in Features/Functionality.
- Firewall: IPTables with the UFW: Uncomplicated Firewall FrontEnd (optionally: with UFW's GTK GUI: GUFW).
Following are the IP Addresses, Hostnames, & Domain Name we'll use to refer to our machines; change these to suit your own needs. For this guide we will have TWO "virtual/shared" Highly Available/Failover IP Addresses & Hostnames/Domains. We do this because some DNS registrars require a MINIMUM of TWO unique NameServers; if yours does NOT, you may use a single HA Address as such: 'ha.example.com==>192.168.1.200'. For this guide our addresses will be:
- node1.example.dom ==> 192.168.1.101 (Hostname / IP of our 1st Machine)
- node2.example.dom ==> 192.168.1.102 (Hostname / IP of our 2nd Machine)
- ha1.example.dom ====> 192.168.1.201 (Hostname / IP of our 1st "Virtual/H.A" Address)
- ha2.example.dom ====> 192.168.1.202 (Hostname / IP of our 2nd "Virtual/H.A" Address)
Arch Linux Installation:
Here is a quick overview of instructions for a very basic Arch Linux installation that will work with this guide. If you already have Arch Linux set up, chances are you only need to change your hostname in /etc/rc.conf & edit /etc/hosts. Here we go:
Boot from CD & begin the Arch Linux Installation (AIF):
Perform A regular Installation, with the following options (NOT IN ORDER):
- TIMEZONE: Your Local Time (Regular/Hardware Clock, NOT NTP)
- NET INSTALL: We will use DHCP initially, and input our static info after reboot (optionally, set up static now).
- MIRROR: Choose the fastest IN-SYNC mirror, see: http://www.archlinux.org/mirrors/status/
- PACKAGES: Select BOTH Base & Base-Devel Package/Groups (MANDATORY)
- PARTITIONING: Use GUIDED/Entire Disk Partitioning, Make Swap 1/2 the amount of RAM. Use Defaults for /boot, /home, /
- CONFIGURATION: After Package install, DON'T configure anything, just set ROOT PASSWORD
- BOOTLOADER: USE/SET UP GRUB boot loader (Usually you will install on SDA)
REBOOT: the machine, and REMOVE the installation disc.
We will now go over basic Networking setup so we can bring both our nodes online, get them up-to-date, and connect to them from another location via SSH. If your machine is already up & running with networking, please feel free to skip this section; just make sure you have the proper definitions in /etc/hosts & the proper hostname in /etc/rc.conf. Now, here we go:
EDIT: /etc/rc.conf so that it reflects the proper hostnames, your hostnames should be: node1 for your first machine, node2 for the second:
EDIT: /etc/hosts so that it reflects the proper hostnames, domain names & IP addresses for our cluster:
REBOOT: To set the proper HostNames / DomainNames & bring up networking:
We will now upgrade our pacman package manager database, check that we are using the proper repositories & ensure that our system is up-to-date. We will only be using the stable repos for our two nodes; please do not enable any of the testing repositories and complain that something is not working! You've been warned! ;P Here we go:
INPUT: the following commands to upgrade our pacman-database:
EDIT: the /etc/pacman.conf file to make sure that we are using the proper repositories:
INPUT: the following command to download our enabled repositories & ensure that our system is fully up-to-date:
REBOOT: Once more, just for good measure (probably not necessary):
You should now have a very basic Arch Linux installation up & running on both of your machines/nodes, if you have any trouble installing Arch Linux, or need further assistance, see the OFFICIAL Arch Linux INSTALLATION Guide here: https://wiki.archlinux.org/index.php/Beginners%27_Guide
Install & Configure SSH:
We will now install SSH/OpenSSH so that we may connect to our nodes from a 3rd machine & manage the rest of our installation/configuration from a single keyboard/mouse/monitor. You may continue to work in your current environment if you like, but you should still install & configure SSH:
INPUT: the following command to install SSH/OpenSSH:
EDIT: the file: /etc/ssh/sshd_config and make sure it reflects that the following lines are UNCOMMENTED/MADE ACTIVE:
INPUT: the following command to test & make sure ssh/sshd is working:
EDIT: the file: /etc/rc.conf and add sshd to the END of your daemons array so that our SSH Server starts at boot-time:
You should now have your SSH server/daemon up and running, continue on to the next step!
Install & Configure Apache:
We will now install & configure Apache with PHP & MySQL. We will do this in two sections: first we will install & configure the basic Apache settings, then we will install PHP & create a number of "vhost.conf" style files Apache needs for a PROPER setup of: RoundCubeMail, PHPMyAdmin, PHP, ProBIND, MySQL, etc. Because we will be telling Apache to use things like PHP, PHPMyAdmin, RoundCubeMail, ProBIND, MySQL, PostfixAdmin, Horde, etc., it may not start UNTIL all of the previously mentioned packages are downloaded, unpackaged, and installed in the proper places. IF YOU DECIDE NOT TO USE A SPECIFIC WEBAPP/PACKAGE DESCRIBED IN THIS GUIDE, SIMPLY DO NOT PUT AN "Include packagename" LINE for it IN: /etc/httpd/conf/httpd.conf. Here we go!:
INPUT: the following command to install apache, php & MySQL:
EDIT: the file: /etc/httpd/conf/httpd.conf and uncomment the following, we will UNCOMMENT/MAKE ACTIVE the ENTIRE LoadModule LIST, we will also add a LoadModule line for PHP5 at the end of the load module list:
EDIT: the file: /etc/httpd/conf/httpd.conf: We will now ADD Include LINES to include 'supplementary configurations' in /etc/httpd/conf/extra/httpd-*packagename*.conf files for all of the Web Apps we will install (e.g. RoundCubeMail), and uncomment some already existing Include lines in the Include list. The lines in bold have been ADDED, so it should look like this:
EDIT: the file: /etc/httpd/conf/mime.types: We must now ADD a "Mime Type" FOR: PHP / PHP5 in the mime.types file. This file is in ALPHABETICAL ORDER; add the php mime.type line as I have, in the proper alphabetical location shown:
We must now CREATE all of the 'vhost style files' we have defined in httpd.conf with Include conf/extra/* lines, inside the directory: /etc/httpd/conf/extra/. Here we go:
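Apache refuses to start when an active, non-wildcard Include line points at a file that does not exist, so it helps to list which targets are still missing before starting httpd. The script below is an added example, not part of the original guide: the function names `missing_includes` and `make_sample_root` and the sample file names are assumptions made for illustration, and the sample httpd.conf is constructed.

```shell
#!/bin/sh
# Added example: list active Include targets in httpd.conf that do not exist.
# Usage: missing_includes /etc/httpd/conf/httpd.conf [/etc/httpd]
missing_includes() {
    conf=$1
    root=${2:-/etc/httpd}   # ServerRoot; default matches the paths in this guide
    # Commented lines ("#Include ...") never match because $1 is then "#Include".
    awk 'tolower($1) == "include" { gsub(/"/, "", $2); print $2 }' "$conf" |
    while IFS= read -r target; do
        case $target in
            *\**|*\?*) continue ;;       # wildcard patterns are not checked here
            /*) path=$target ;;          # absolute path, use as-is
            *)  path=$root/$target ;;    # relative paths resolve against ServerRoot
        esac
        [ -e "$path" ] || printf '%s\n' "$target"
    done
}

# Build a throwaway ServerRoot with a constructed httpd.conf (hypothetical names
# following the httpd-*packagename*.conf pattern); prints the directory path.
make_sample_root() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/conf/extra"
    : > "$d/conf/extra/httpd-ssl.conf"   # the only Include target that exists
    cat > "$d/conf/httpd.conf" <<'EOF'
Include conf/extra/httpd-ssl.conf
#Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-roundcubemail.conf
Include "conf/extra/httpd-phpmyadmin.conf"
EOF
    printf '%s\n' "$d"
}

# Demo run on the constructed sample: prints the two missing targets.
sample=$(make_sample_root)
missing_includes "$sample/conf/httpd.conf" "$sample"
rm -rf "$sample"
```

On a real node, run `missing_includes /etc/httpd/conf/httpd.conf` and either create each reported file or remove its Include line.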