33.1 Planning the Internet Agent in a Heartbeat Cluster

A major system configuration difference between the Internet Agent in a clustering environment and the Internet Agent in a regular environment is that you need to create a separate domain to house each GroupWise gateway, including the Internet Agent.

The Internet Agent Clustering Worksheet lists the information you need to set up the Internet Agent in a Heartbeat cluster. You should print the worksheet and fill it out as you complete the tasks listed below:

33.1.1 Planning a Cluster Resource Group for the Internet Agent

As with the MTA and the POA, the Internet Agent needs cluster nodes, native Heartbeat resources, GroupWise resources, and a cluster resource group in order to function in your Heartbeat cluster. For a review of these cluster components, see Section 13.1, Installing Novell Cluster Services on Linux.

INTERNET AGENT LUSTERING WORKSHEET

Under Item 1: Internet Agent Nodes, list the nodes that you want to use for the Internet Agent. Identify each node by its DNS hostname and the IP address that it is physically configured with.

Under Item 2: Internet Agent Cluster Resource Group, specify the name of the cluster resource group to hold the native Heartbeat and GroupWise resources associated with the Internet Agent.

Under Item 3: Native Heartbeat Resources, list the resource names and parameters for the EVMS shared storage partition, the file system, and the secondary IP address that you want to use for the Internet Agent and its domain.

Under Item 4: GroupWise Resources, list the resource names and parameters for the Internet Agent and the MTA.

33.1.2 Planning a Domain for the Internet Agent

The considerations involved in planning a domain for the Internet Agent are much the same as planning any other domain. In preparation, review Planning a New Domain, then print and fill out the Domain Worksheet in Domains in the GroupWise 7 Administration Guide.

Keep in mind the following cluster-specific details:

  • When you specify the location for the domain directory on the Domain Worksheet, remember that it is on the shared storage partition, not on the node where you run the GroupWise Installation program.

  • Do not concern yourself with the GroupWise agent information on the Domain Worksheet. You can stop with item 10. You will plan the MTA installation later.

When you have completed the Domain Worksheet, transfer the key information from the Domain Worksheet to the Internet Agent Clustering Worksheet.

INTERNET AGENT CLUSTERING WORKSHEET

Under Item 6: Internet Agent Domain Name, transfer the domain name and domain directory to the Internet Agent Clustering Worksheet. Also specify the mount point directory where each node will mount the Internet Agent domain.

IMPORTANT:Do not create the new domain until you are instructed to do so in Section 15.2.1, Creating a Domain for the Internet Agent.

33.1.3 Recording the Internet Agent Secondary IP Address

As with the MTA and the POA, the Internet Agent needs a secondary IP address that remains the same no matter which node in the cluster it is running on. You can place the Internet Agent and its domain in a cluster resource group where a domain or post office already reside, which means that the Internet Agent shares the same secondary IP address as that domain or post office and fails over along with that domain or post office. Or you can place the Internet Agent and its domain in its own cluster resource group, which means that it has its own secondary IP address and fails over independently.

INTERNET AGENT CLUSTERING WORKSHEET

Under Item 7: MTA Network Information, select an IP address resource from the Heartbeat Clustering Worksheet (item 5) and record the secondary IP address associated with the resource on the Internet Agent Internet Agent Clustering Worksheet.

Under Item 8: Internet Agent Network Information, copy the same secondary IP address.

33.1.4 Determining Appropriate Heartbeat Constraints for the Internet Agent

By default, a Heartbeat cluster is configured to have all nodes in the cluster available for failover. Only one node at a time can have a particular cluster resource group mounted and active. If a cluster resource group’s initial node fails, the resource group fails over to another node in the cluster.

You should customize the Heartbeat constraints for each GroupWise cluster resource group based on the fan-out-failover principle. As with the MTA and the POA, you need to select the nodes in the cluster where the Internet Agent cluster resource group can fail over. You must install the Internet Agent software on all of the nodes where you want the Internet Agent to be able to fail over. For a review of the fan-out-failover principle, see Section 13.6.2, Determining Appropriate Failover Lists for the Agents, which describes the issues in the context of planning MTA and POA installations.

INTERNET AGENT CLUSTERING WORKSHEET

Under Item 3: Internet Agent Cluster Resource Group Constraints, list the nodes where you want the Internet Agent to be able to fail over.

33.1.5 Preparing DNS for the Clustered Internet Agent

In order for the Internet Agent to be recognized on your network, DNS must have an MX record that includes the hostname corresponding to the secondary IP address of the Internet Agent. A DNS A record associates the secondary IP address with the hostname.

33.1.6 Preparing Your Firewall for the Clustered Internet Agent

The Internet Agent receives incoming messages on it secondary IP address, not the physical IP address of the node where it is running. Your firewall configuration must be modified to allow inbound TCP/IP traffic from the Internet to the Internet Agent secondary IP address on the following standard ports:

Table 33-1 Standard Ports

Protocol

Standard Port

IMAP4

143

LDAP

389

POP3

110

SMTP

25

By default, the Internet Agent sends outgoing messages on the primary IP address of the node where it is running. If you decide to use this default configuration, your firewall must be configured to allow outbound TCP/IP traffic from all nodes where the Internet Agent could fail over.

If the Internet Agent has a large number of nodes available, you could configure the Internet Agent to send outgoing messages to a relay host, which then sends them out through the firewall using its own IP address rather than the IP address of the particular node where the Internet Agent was running. This reduces the amount of modification to your firewall required to set up the Internet Agent. However, if the relay host goes down, outgoing messages are delayed.

As another alternative, you can configure the Internet Agent to use its secondary IP address for sending as well as receiving messages. Setup instructions for this configuration are provided in Forcing Use of the Internet Agent Secondary IP Address, which you can complete after installing the Internet Agent software.

In preparation for installing the Internet Agent, configure your firewall as needed to handle the Internet Agent’s use of primary and secondary IP addresses when sending and receiving messages.

33.1.7 Planning the MTA Installation

Follow the instructions in Section 13.6.4, Planning the Linux Agent Installation, then return to this point. After you follow the instructions, you will have a filled-out System Clustering Worksheet to use when you install the MTA.

IMPORTANT:Do not install the Linux MTA until you are instructed to do so in Section 15.2, Setting Up the Internet Agent in a Linux Cluster.

33.1.8 Planning the Internet Agent Installation

Aside from the cluster-specific issues discussed in the preceding sections, the considerations involved in planning to install the Internet Agent are the same in a clustering environment as for any other environment. Review the installation instructions in Linux: Installing the Internet Agent Software in Installing the GroupWise Internet Agent in the GroupWise 7 Installation Guide. Use the GroupWise Internet Agent Installation Worksheet to record the planning information you will need as you install the Internet Agent in your cluster.

IMPORTANT:Do not install the Internet Agent software until you are instructed to do so in Setting Up the Internet Agent in a Linux Cluster.