33.2 Setting Up the Internet Agent in a Heartbeat Cluster

You should already have reviewed Section 15.1, Planning the Internet Agent in a Linux Cluster and filled out Section 15.5, Internet Agent Clustering Worksheet. You are now ready to complete the following tasks to set up the Internet Agent in a clustering environment:

33.2.1 Setting Up Native Heartbeat Cluster Resources for the Internet Agent

  1. Start the HA Management Client, as described in Section 31.1, Starting the HA Management Client.

  2. Create a cluster resource group for the Internet agent and its domain (Internet Agent Clustering Worksheet item 2), as described in Section 31.2, Creating a Cluster Resource Group.

  3. Create the EVMS container resource, the file system resource, and the IP address resource for the cluster resource group (Internet Agent Clustering Worksheet item 3), as described in Section 31.3, Creating Native Heartbeat Resources.

    As opposed to native Heartbeat resources, GroupWise resources for the Internet Agent and its MTA must be created after you install the Internet Agent software, so that the GroupWise script is available to enhance the capabilities of the HA Management Client. By creating native resources before you install the Internet Agent software, you can use them to conveniently fail over the nodes as you install the Internet Agent software on multiple nodes.

  4. Set up constraints on the nodes where the Internet Agent and its domain can fail over (Internet Agent Clustering Worksheet item 5), as described in Section 31.4, Creating Heartbeat Constraints

  5. Continue with Creating a Domain for the Internet Agent.

33.2.2 Creating a Domain for the Internet Agent

The Internet Agent domain will be a secondary domain. To create it, follow the instructions in Section 14.2, Creating a New Secondary Domain in a Linux Cluster, taking your information from the Internet Agent Clustering Worksheet rather than the GroupWise Clustering Worksheet, then return to this point.

Do not create any post offices in the Internet Agent domain.

After you have created the domain, continue with Installing the MTA for the Internet Agent Domain.

33.2.3 Installing the MTA for the Internet Agent Domain

The MTA for the Internet Agent domain can be installed just like any other MTA in your clustered GroupWise system. Follow the instructions in Section 14.4, Installing and Configuring the MTA and the POA in a Cluster, then return to this point.

After you have installed the MTA, continue with Installing and Configuring the Internet Agent in a Cluster.

33.2.4 Installing and Configuring the Internet Agent in a Cluster

After you have created a domain for the Internet Agent and installed the MTA for that domain, you are ready to install and configure the Internet Agent.

Running the Internet Agent Installation Program on the Initial Node

  1. Make sure that the Internet Agent software is available in the software distribution directory you created in Step 6 in Section 14.1, Setting Up a New GroupWise System in a Linux Cluster.

  2. Start the resources in the Internet Agent cluster resource group (Internet Agent Clustering Worksheet item 2) in order to mount the domain directory where the Internet Agent message queues will be located.

  3. From the software distribution directory, start the GroupWise Installation program and select Configure GroupWise for Clustering.

    Configure GroupWise for Clustering option

  4. Install the Internet Agent software, following the steps provided in Linux: Installing the Internet Agent Software in Installing the GroupWise Internet Agent in the GroupWise 7 Installation Guide.

  5. Configure the Internet Agent according to the GroupWise Internet Agent Installation Worksheet that you filled out in Section 15.1, Planning the Internet Agent in a Linux Cluster, paying special attention to the cluster resource information on the Server Information page.

    Server Information page

    The IP address is the secondary IP address associated with the Internet Agent cluster resource group (Internet Agent Clustering Worksheet item 8). The path to the cluster resource mount point is the mount point for the Internet Agent domain (Internet Agent Clustering Worksheet item 6).

    As a result of selecting Configure GroupWise for Clustering on the initial node, the following cluster-specific configuration actions are performed:

    • The Internet Agent startup file (gwia.cfg) is created in /mount_point/groupwise/agents/share on the shared storage partition so that the Internet Agent uses the same startup file regardless of which node it runs on. The --home switch includes the mount point and the path to the domain database so that the startup file is valid when mounted on each node.

    • The --cluster switch is added to the Internet Agent startup file to inform the Internet Agent that it is running in a cluster.

    • The --ip startup switch is set to the secondary IP address of the cluster resource group where the domain is located. This ensures that the Internet Agent runs with the same IP address regardless of which node it runs on.

    • The --log startup switch is set to a location on the shared storage partition (mount_point/groupwise/agents/log) so that Internet Agent logging information is written to the same log file regardless of which node the Internet Agent runs on.

    • If this is the first GroupWise agent installed on this node, the GroupWise High Availability service (GWHA) is automatically configured and its configuration file (gwha.conf) is created in the /etc/opt/novell/groupwise directory. If another GroupWise agent has already been installed on this node, the gwha.conf file is updated to include the Internet Agent.

    • If it is not already present, the OCF Resource Agent script (GroupWise) is installed in the /usr/lib/ocf/resource.d/novell) directory on the node for use by the HA Management Client.

    • The clusterimport.conf file in the gwinst subdirectory of the software distribution directory from which you ran the GroupWise Installation program is updated, so that the cluster-specific information collected when you configure the Internet Agent on the initial node is available when you install the Internet Agent on subsequent nodes.

    • The Internet Agent is not configured to start automatically on system startup. In a cluster, you do not want the Internet Agent to start automatically whenever a node restarts.

  6. For optimum security, configure the Internet Agent to run as a non-root user, as described in Running the Linux GroupWise Agents as a Non-root User in Installing GroupWise Agents in the GroupWise 7 Installation Guide.

  7. Continue with Running the Internet Agent Installation Program on Subsequent Nodes.

Running the Internet Agent Installation Program on Subsequent Nodes

  1. In the HA Management Client, select a different node where you want to run the Internet Agent (Internet Agent Clustering Worksheet item 3), then click Make the Node Active.

  2. From the software distribution directory you created in Step 6 in Section 14.1, Setting Up a New GroupWise System in a Linux Cluster, start the GroupWise Installation program and select Configure GroupWise for Clustering.

    Because of the existence of the clusterimport.conf file in the gwinst subdirectory of the software distribution directory, a new installation option, Import Clustering Data, is now available on the main GroupWise Installation program page.

    GroupWise Installation program main page

  3. Install the Internet Agent software on the node as usual, but do not use the Configure option.

    You will use the Import Clustering Data option instead of the Configure option.

  4. On the main page of the Installation program, click Import Clustering Data, then click Next.

    Import Clustering Data page

    All GroupWise agents that you have installed from the software distribution directory are listed, based on the information stored in the clusterimport.conf file.

  5. Select the GroupWise agents that you want to configure on the current node, then click OK.

    The Import Clustering Data option performs the following configuration actions for each subsequent node where you run it:

    • The grpwise script is created in the /etc/init.d directory on the current node. It is configured specifically for the agents you just selected.

    • The GroupWise High Availability service (GWHA) is automatically configured on the current node and its configuration file (gwha.conf) is created in the /etc/opt/novell/groupwise directory. It is configured specifically for the agents you just selected.

    • If it is not already present, the OCF Resource Agent script (GroupWise) is installed in the /usr/lib/ocf/resource.d/novell) directory on the node for use by the HA Management Client.

    Because the agent startup files and log files are stored on the shared storage partition, they do not need to be customized for each node.

  6. For optimum security, configure the Internet Agent to run as a non-root user, as described in Running the Linux GroupWise Agents as a Non-root User in Installing GroupWise Agents in the GroupWise 7 Installation Guide.

  7. Repeat Step 1 through Step 6 for each node where you want the Internet Agent to be able to fail over (Internet Agent Clustering Worksheet item 3).

  8. Continue with Creating and Configuring GroupWise Cluster Resources for the Internet Agent.

Creating and Configuring GroupWise Cluster Resources for the Internet Agent

Now that you have installed the Internet Agent software, you can create and configure GroupWise resources in the cluster resource group you created in Section 33.2.1, Setting Up Native Heartbeat Cluster Resources for the Internet Agent:

Creating GroupWise Resources for the Internet Agent

  1. In the HA Management Client, select a cluster resource group, then click Add New Item.

  2. In the Item Type field, select native, then click OK.

    Native Resource dialog box

  3. In the Resource ID field, specify a unique name for the GroupWise resource (Internet Agent Clustering Worksheet item 4).

  4. In the Belong to Group field, select the cluster resource group where you want to create the GroupWise resource for the Internet Agent

  5. In the Type list, select GroupWise (ocf/novell).

    The OCF Resource Agent script (GroupWise) added this item to the list.

  6. In the Parameters list, set the value of the object_name parameter to the identifier for the Internet Agent (Internet Agent Clustering Worksheet item 4).

    For the Internet Agent, the identifier is the domain name, followed by the eDirectory™ object name of the Internet Agent (Domain.GWIA).

  7. Click Add to create the GroupWise resource.

  8. Create another GroupWise resource in the cluster resource group for the Internet Agent’s MTA.

    For a domain, the identifier is the domain name.

  9. Continue with Enabling Automatic Internet Agent Restart.

Enabling Automatic Internet Agent Restart

If you want Heartbeat to automatically restart an Internet Agent that has stopped:

  1. In the HA Management Client, select the GroupWise resource for the Internet Agent, then click Operations.

    Add Operations dialog box

  2. Click Add Operation, then select monitor.

  3. Select the time interval for how often you want the Internet Agent to be polled to see if it is still running.

    The GroupWise script causes the Internet Agent to restart, using the GroupWise High Availability service. (GWHA)

  4. Click OK to save the monitoring setting.

  5. Repeat the process for the GroupWise resource for the MTA in the Internet Agent’s cluster resource group.

    Because Heartbeat can perform such agent monitoring, you do not need to set up GroupWise Monitor to perform this task, as described in Configuring the Monitor Agent to Communicate with the High Availability Service in Installing GroupWise Monitor in the GroupWise 7 Installation Guide. Heartbeat and the GroupWise High Availability Service can work together to keep the Internet Agent running on Linux.

  6. Continue with Preventing Internet Agent Failback.

Preventing Internet Agent Failback

If you do not want the Internet Agent cluster resource group to automatically fail back when the initial node is on-line again:

  1. In the HA Management Client, select the GroupWise cluster resource group for the Internet Agent, click Parameters, then click Add Parameter.

    Add Parameters dialog box

  2. In the Name field, specify resource_stickiness.

  3. In the Value field, specify INFINITY.

  4. Click Apply to save the setting.

  5. Continue with Testing Your Internet Agent Installation on Each Node.

Testing Your Internet Agent Installation on Each Node

  1. Test the Internet Agent by starting it with a user interface on the currently active node, as described in Linux: Starting the Internet Agent in Installing the GroupWise Internet Agent in the GroupWise 7 Installation Guide.

    /opt/novell/groupwise/agents/bin/gwia --show @gwia.cfg &

  2. Stop the Internet Agent by clicking File > Exit.

  3. After you can see that the Internet Agent stopped successfully, test it by starting it as a daemon, as described in Starting the Linux GroupWise Agents as Daemons in Installing GroupWise Agents in the GroupWise 7 Installation Guide.

    /etc/inet.d/grpwise start domain.gwia
/etc/inet.d/grpwise status domain.gwia

  4. Stop the Internet Agent.

    /etc/inet.d/grpwise stop domain.gwia
/etc/inet.d/grpwise status domain.gwia

  5. Also test the MTA, as described in Testing Your Agent Installation on Each Node.

  6. Repeat Step 1 through Step 4 on each node where you have installed the Internet Agent.

  7. Make sure you have completed all the tasks described in Installing the GroupWise Internet Agent in the GroupWise 7 Installation Guide.

    A few tasks, such as assigning a postmaster, are not dealt with in this cluster-oriented section.

  8. After you have tested the Internet Agent on all nodes manually, start and stop the Internet Agent resource in the HA Management Client to make sure that it is properly configured.

    If you receive the error Unmanaged on node, then you have failed to test the Internet Agent on one or more nodes. On each node, view the gwha.conf file in the /etc/opt/novell/groupwise directory. Each Internet Agent section should be preceded by the name of the domain followed by the eDirectory object name of the Internet Agent (GWIA by default). If any section is preceded by a startup file name (for example, @gwia.conf), then that Internet Agent has not yet been initialized by being run manually. To resolve the problem, you can run the Internet Agent manually on that node, or you can replace the @gwia.cnf with the appropriate domain and Internet Agent object information, being sure to follow the same format as the other Internet Agent section headings in the gwha.conf file.

  9. Continue with Configuring the Clustered Internet Agent for SSL.

Configuring the Clustered Internet Agent for SSL

If you plan to enable SSL, as described in Securing Internet Agent Connections with SSL in Internet Agent in the GroupWise 7 Administration Guide, you must make the SSL certificate file and key file available to the Internet Agent in the cluster. The default locations for the SSL certificate file and key file are on the nodes along with the Internet Agent software, rather than being located with the domain on the shared storage partition. To avoid having multiple copies of these files in multiple locations, you should set the locations in ConsoleOne®.

  1. On the shared storage partition where the Internet Agent domain is located, create the directory where you want to store the certificate file and key file required for SSL.

  2. Copy the certificate file and key file into the new directory.

    If you need assistance obtaining these files, see Server Certificates and SSL Encryption in Security Administration in the GroupWise 7 Administration Guide.

  3. In ConsoleOne, browse to and select the Domain object.

  4. Right-click the Internet Agent object, then click Properties.

  5. Click GroupWise > SSL Settings.

  6. In the Certificate File field, browse to and select the certificate file.

  7. In the SSL Key File field, browse to and select the key file.

  8. Click OK.

  9. Continue with Enabling Internet Addressing for Your Clustered GroupWise System.

Enabling Internet Addressing for Your Clustered GroupWise System

Setting up Internet addressing for a clustered Internet Agent is no different from setting it up for an Internet Agent in any other environment. Follow the instructions in Configuring Internet Addressing in Internet Agent in the GroupWise 7 Administration Guide, then return to this point.

Verifying Internet Agent Object Properties

During installation of the Internet Agent, the Internet Agent object should have been configured correctly. However, it can be helpful to verify certain cluster-specific information in order to familiarize yourself with the configuration of a clustered Internet Agent.

Accessing Internet Agent Object Properties

  1. In ConsoleOne, browse to and select the Internet Agent domain in order to display its contents.

  2. Right-click the Internet Agent object, then click Properties.

  3. Continue with Verifying Internet Agent Object Properties.

Verifying the Reference to the Internet Agent Secondary IP Address

In the Internet Agent object property page:

  1. Click SMTP/MIME > Settings.

  2. Verify the contents of the Hostname/DNS “A Record” Name field.

    It displays the hostname as currently configured in DNS. It should display the hostname that corresponds to the secondary IP address of the Internet Agent cluster resource group. For more information, see Section 15.1.5, Preparing DNS for the Clustered Internet Agent.

  3. Make changes if necessary.

  4. Continue with Verifying the Reference to the Mount Point Directory.

Verifying the Reference to the Mount Point Directory

In the Internet Agent object property page:

  1. Click Server Directories.

  2. Verify that the displayed directories match the mount point directory and the domain directory.

  3. Make changes if necessary.

  4. Continue with Verifying Post Office Links.

Verifying Post Office Links

In the Internet Agent object property page:

  1. Click Post Office Links.

  2. Verify that the Access Mode column displays C/S (for client/server mode) for all post offices serviced by the Internet Agent.

  3. Verify that the Links column displays the secondary IP addresses of the cluster resource groups that the post offices belong to, not the IP addresses of any nodes in the cluster.

  4. Make changes if necessary.

  5. Continue with Forcing Use of the Internet Agent Secondary IP Address.

Forcing Use of the Internet Agent Secondary IP Address

If you want the Internet Agent to send outgoing messages on its secondary IP address, rather than using the default of its primary IP address:

  1. In ConsoleOne, click GroupWise > Network Address.

  2. In the TCP/IP Address field, provide the secondary IP address (Internet Agent Clustering Worksheet item 6) for the Internet Agent to use for sending outgoing messages.

  3. Select Bind Exclusively to TCP/IP Address.

  4. Click OK.

  5. Continue with Testing the Internet Agent in a Linux Cluster.