Document Actions
6.7. Detailed Instructions on Heartbeat Configuration
Configuration of Heartbeat for ThinLinc HA operations is quite easy, and can be done either by editing some files, or with the Heartbeat module for Webmin.
Heartbeat is configured by editing three files in the directory /etc/ha.d/: ha.cf, haresources, and authkeys.
ha.cf contains global configuration parameters for Heartbeat. Most important, it contains information about what nodes are in the HA cluster. The hostnames of the nodes must concur with the hostname that is written when running the command uname -n.
An example ha.cf file follows:
logfile /var/log/ha-log keepalive 1 deadtime 5 warntime 3 initdead 10 bcast eth0 node tlha-primary.example.com node tlha-secondary.example.com
Note that in a ThinLinc HA configuration, there should, quite opposite to what is normally recommended, be only one path between the two nodes for Heartbeat to use. No serial connection nor any extra ethernet path is of value.
authkeys contains authentication data that allows the two nodes to trust that they are actually talking to eachother, and not to some malicious node on the network. If there were no authentication between the nodes, a malicious party on the network could instruct both nodes to shut down the ThinLinc service, creating a Denial of Service situation.
An example authkeys file follows:
auth 1 1 sha1 <password>
Exchange <password> with a password of your own.
haresources contains information about what resources are handled by heartbeat. In a ThinLinc HA setup, no resources are handled except the HA IP address.
An exmaple haresources file follows:
tlha-primary.example.com 10.0.0.4
The first token on the line is the host name of the primary node in the cluster. The second is the HA ip address.
The configuration files are identical on both nodes, so after configuring one node, copy the files to the other node. Don't forget to restart heartbeat after making changes to the configuration.
There is a Webmin module available for configuring Heartbeat. In this section we will show how to use it to configure Heartbeat so it can be used in a ThinLinc HA configuration.
Begin by connecting to webmin by pointing your web browser to the primary node, port 10000. In our example, the URL would be http://tlha-primary:10000. Login, and from the menu on the top of the page, select "Cluster". Now select the "Heartbeat" icon. That will take you to the Heartbeat Webmin module, as illustrated in Figure 6.3
If the Webmin module tells you that there are no configuration files available in /etc/ha.d/, you need to create empty configuration files in that directory. The files that need to be created are authkeys, ha.cf, and haresources.
[root@tlha-primary root] touch /etc/ha.d/authkeys /etc/ha.d/ha.cf /etc/ha.d/haresources
Webmin is paranoid about the permissons on the /etc/ha.d/authkeys file, it must be readable only by root. This can be accomplished by running:
[root@tlha-primary root] chmod 600 /etc/ha.d/authkeys
Now enter the authentication configuraton submodule, by clicking the Authentication Keys icon. This will bring you a view like the one illustrated in Figure 6.4.
Select SHA1 with password and enter a password.
Exit the Authentication Keys view, and enter the Cluster Resources view, as illustrated in Figure 6.5.
There are no cluster resources defined. Click Add a cluster resource. That will bring you the view illustrated in Figure 6.6.
Enter the name of the primary HA node, and the IP address of the HA ip as illustrated, then press the Save button.
Exit the resources view, and enter the Configuration Options view. This view is illustrated in Figure 6.7.
Configure a Ethernet heartbeat interface, set Time before node is considered dead to 5 seconds, set Initial dead time to 10 seconds.
Enter the node names of both nodes in the cluster in the Hosts in cluster textbox. The node names of the cluster members can be found by running uname -n on each node.
Press Save Options when done.
Finally, exit the Configuration Options view, and press the button Start Heartbeat Monitor.
Either repeat all steps on the secondary node, or copy the configuration files ha.cf, haresources, and authkeys from /etc/ha.d on the primary node to /etc/ha.d on the secondary node, and start heartbeat on the secondary node.