15.2 Setting Up the Internet Agent in a Linux Cluster

You should already have reviewed Section 15.1, Planning the Internet Agent in a Linux Cluster and filled out Section 15.5, Internet Agent Clustering Worksheet. You are now ready to complete the following tasks to set up the Internet Agent in a clustering environment:

15.2.1 Creating a Domain for the Internet Agent

The Internet Agent domain will be a secondary domain. To create it, follow the instructions in Section 14.2, Creating a New Secondary Domain in a Linux Cluster, taking your information from the Internet Agent Clustering Worksheet, rather than the System Clustering Worksheet, then return to this point.

Do not create any post offices in the Internet Agent domain.

After you have created the domain, continue with Installing the MTA for the Internet Agent Domain.

15.2.2 Installing the MTA for the Internet Agent Domain

The MTA for the Internet Agent domain can be installed just like any other MTA in your clustered GroupWise system. Follow the instructions in Section 14.4.1, Installing and Setting Up the Agents in Your Cluster, then return to this point.

You do not need to edit the MTA startup file. You do not need to modify the Cluster Resource object properties until after you have installed the Internet Agent.

After you have installed the MTA, continue with Installing and Configuring the Internet Agent in a Cluster.

15.2.3 Installing and Configuring the Internet Agent in a Cluster

After you have created a domain for the Internet Agent and installed the MTA for that domain, you are ready to install and configure the Internet Agent.

Installing and Setting Up the Internet Agent Software in Your Cluster

The Internet Agent must be installed on each node in its failover list (Internet Agent Clustering Worksheet item 3).

Running the Internet Agent Installation Program on the Preferred Node
  1. Make sure that the Internet Agent software is available in the software distribution directory you created in Step 6 in Section 14.1, Setting Up a New GroupWise System in a Linux Cluster.

  2. Mount the Internet Agent partition (Internet Agent Clustering Worksheet item 1) where the Internet Agent message queues are located.

  3. From the software distribution directory, start the GroupWise Installation program and select Configure GroupWise for Clustering.

    Configure GroupWise for Clustering option
  4. Install the Internet Agent software, following the steps provided in Linux: Installing the Internet Agent Software in Installing the GroupWise Internet Agent in the GroupWise 8 Installation Guide.

  5. Configure the Internet Agent according to the GroupWise Internet Agent Installation Summary Sheet that you filled out in Section 15.1, Planning the Internet Agent in a Linux Cluster, paying special attention to the cluster resource information on the Server Information page.

    Server Information page

    As a result of selecting Configure GroupWise for Clustering on the preferred node, the following cluster-specific configuration actions are performed:

    • The Internet Agent startup file (gwia.cfg) is created in mount_point/groupwise/agents/share on the shared resource so that the Internet Agent uses the same startup file regardless of which cluster node it is running on. The --home switch includes the mount point and the path to the database so that the startup file is valid when mounted to each cluster node.

    • The --cluster switch is added to the Internet Agent startup file to inform the Internet Agent that it is running in a cluster.

    • The --ip startup switch is set to the secondary IP address of the shared resource where the domain is located. This ensures that the Internet Agent runs with the same IP address regardless of which cluster node it is running on.

    • The --log startup switch is set to a location on the shared resource (mount_point/groupwise/agents/log) so that Internet Agent logging information is written to the same log file regardless of which cluster node it is running on.

    • If this is the first GroupWise agent installed on this cluster node, the GroupWise High Availability service is automatically configured and its configuration file (gwha.conf) is created in the /etc/opt/novell/groupwise directory. If another GroupWise agent has already been installed on this cluster node, the gwha.conf file is updated to include the Internet Agent.

    • The clusterimport.conf file in the gwinst subdirectory of the software distribution directory from which you ran the GroupWise Installation program is updated, so that the cluster-specific information collected when you configured the Internet Agent on the preferred node is available when you install the Internet Agent on subsequent nodes.

    • The Internet Agent is not configured to start automatically on system startup. In a cluster, you do not want the Internet Agent to start automatically whenever a node restarts.

  6. Configure the Internet Agent to run as a non-root user, as described in the applicable section of the GroupWise 8 Installation Guide:

  7. Continue with Running the Internet Agent Installation Program on Subsequent Nodes.

Running the Internet Agent Installation Program on Subsequent Nodes
  1. On the next node in the Internet Agent failover list, mount the Internet Agent partition (Internet Agent Clustering Worksheet item 1) where the Internet Agent message queues are located.

  2. From the software distribution directory you created in Step 6 in Section 14.1, Setting Up a New GroupWise System in a Linux Cluster, start the GroupWise Installation program and select Configure GroupWise for Clustering.

    Because of the existence of the clusterimport.conf file in the gwinst subdirectory of the software distribution directory, a new installation option, Import Clustering Data, is now available on the main GroupWise Installation program page.

    GroupWise Installation program main page
  3. Install the Internet Agent software on the cluster node as usual, but do not use the Configure option.

  4. On the main page of the Installation program, click Import Clustering Data, then click Next.

    Import Clustering Data page

    All GroupWise agents that you have installed from the software distribution directory are listed, based on the information stored in the clusterimport.conf file.

  5. Select the GroupWise agents that you want to configure on the current cluster node, then click OK.

    The Import Clustering Data option performs the following configuration actions for each subsequent node where you run it:

    • The grpwise script is created in the /etc/init.d directory on the current cluster node. It is configured specifically for the agents you just selected.

    • The GroupWise High Availability service is automatically configured on the current cluster node and its configuration file (gwha.conf) is created in the /etc/opt/novell/groupwise directory. It is configured specifically for the agents you just selected.

    Because the agent startup files and log files are stored on the shared resource, they do not need to be customized for each cluster node.

  6. Configure the Internet Agent to run as a non-root user, as described in the applicable section of the GroupWise 8 Installation Guide:

  7. Repeat Step 1 through Step 6 for each cluster node in the Internet Agent failover list.

    After you install and configure the Internet Agent on each node in its failover list, the cluster node is ready for the Internet Agent to fail over to it.

  8. Continue with Testing Your Internet Agent Installation on Each Node.

Testing Your Internet Agent Installation on Each Node
  1. Test the Internet Agent by starting it with a user interface, as described in Linux: Starting the Internet Agent in Installing the GroupWise Internet Agent in the GroupWise 8 Installation Guide.

    /opt/novell/groupwise/agents/bin/gwia --show @gwia.cfg &

  2. Stop the Internet Agent by clicking File > Exit.

  3. After you can see that the Internet Agent stopped successfully, test it by starting it as a daemon, as described in Starting the Linux GroupWise Agents as Daemons in Installing GroupWise Agents in the GroupWise 8 Installation Guide.

    /etc/inet.d/grpwise start domain.gwia
    /etc/inet.d/grpwise status domain.gwia
    
  4. Stop the Internet Agent.

    /etc/inet.d/grpwise stop domain.gwia
    /etc/inet.d/grpwise status domain.gwia
    
  5. Make sure you have completed all the tasks described in Installing the GroupWise Internet Agent in the GroupWise 8 Installation Guide.

    A few tasks, such as assigning a postmaster, are not dealt with in this cluster-oriented section.

  6. Repeat the steps in Running the Internet Agent Installation Program on the Preferred Node for each node in the Internet Agent failover list.

When you have installed the Internet Agent on all of the nodes in the Internet Agent failover list, continue with Configuring the Clustered Internet Agent for SSL.

Configuring the Clustered Internet Agent for SSL

If you plan to enable SSL, as described in Securing Internet Agent Connections with SSL in Internet Agent in the GroupWise 8 Administration Guide, you must make the SSL certificate file and key file available to the Internet Agent in the cluster. The default locations for the SSL certificate file and key file are on the cluster nodes along with the GroupWise software, rather than being located with the domain and post office on one or more GroupWise partitions. To avoid having multiple copies of these files in multiple locations, you should set the locations in ConsoleOne.

  1. On the Internet Agent partition, create the directory where you want to store the certificate and key file required for SSL.

  2. Copy the certificate file and key file into the new directory.

    If you need assistance obtaining these files, see Server Certificates and SSL Encryption in Security Administration in the GroupWise 8 Administration Guide.

  3. In ConsoleOne, browse to and select the Domain object.

  4. Right-click the Internet Agent object, then click Properties.

  5. Click GroupWise > SSL Settings.

  6. In the Certificate File field, browse to and select the certificate file.

  7. In the SSL Key File field, browse to and select the key file.

  8. Click OK.

  9. Continue with Configuring the Internet Agent Cluster Resource to Load and Unload the Internet Agent and Its MTA.

Configuring the Internet Agent Cluster Resource to Load and Unload the Internet Agent and Its MTA

The properties of the Cluster Resource object define how the Internet Agent partition functions within the cluster, how the Internet Agent is loaded and unloaded, and how failover and failback situations are handled. Complete the following tasks for the Internet Agent cluster resource:

Modifying the Cluster Resource Load Script for the Internet Agent and Its MTA

The cluster resource load script executes whenever the Internet Agent cluster resource comes online.

To set up the load script in iManager:

  1. Expand Clusters, then click Cluster Options.

  2. In the Cluster field, browse to the Cluster object where the Internet Agent cluster resource is located.

  3. Click the Cluster object to display the cluster resources that belong to the cluster.

  4. Select the Internet Agent cluster resource that you created when you set up the Internet Agent partition, then click Details.

  5. Click Scripts > Load Script.

  6. (Conditional) If this is an NSS volume or a shared pool, use a load script similar to the following example, depending on the configuration of your cluster and nodes:

    #!/bin/bash 
    . /opt/novell/ncs/lib/ncsfuncs
    
    # mount filesystem
    exit_on_error ncpcon mount /opt="noatime,nodiratime" volume_name=volume_ID
    
    # add IP address
    exit_on_error add_secondary_ipaddress gwia_partition_ip_address
    
    # start service
    exit_on_error /etc/init.d/grpwise start domain
    exit_on_error /etc/init.d/grpwise start domain.gwia
    
    1. In the mount filesystem section, specify the volume name and volume ID of the GWIA partition that you are clustering (System Clustering Worksheet item 5):

    2. In the add IP address section, specify the secondary IP address of the GWIA partition (System Clustering Worksheet item 7)

    3. In the start service section, provide the commands to start the MTA first, following by the GWIA.

  7. (Conditional) If this is a traditional Linux volume, use a load script similar to the following example, depending on the configuration of your cluster and nodes:

    #! /bin/bash
    . /opt/novell/ncs/lib/ncsfunc
    
    # define IP address
    RESOURCE_IP=gwia_partition_ip_address
    
    # define filesystem type
    MOUNT_FS=filesystem
    
    # define device (if using EVMS)
    exit_on_error evms -f /var/opt/novell/ncs/ContainerActivate -rl
                                                     Share ‘uname -n‘
    MOUNT_DEV=/dev/evms/Share/dat
    
    # define mount point
    MOUNT_POINT=/mnt/mount_point_directory
    
    # mount filesystem
    exit_on_error mount -t $MOUNT_FS $MOUNT_DEV $MOUNT_POINT -o noatime,nodiratime
    
    # add IP address
    exit_on_error add_secondary_ipaddress $RESOURCE_IP
    
    # start service
    exit_on_error /etc/init.d/grpwise start domain
    exit_on_error /etc/init.d/grpwise start domain.gwia
    
    exit 0
    
    1. In the define IP address section, specify the secondary IP address of the GWIA partition (Internet Agent Clustering Worksheet item 1).

    2. In the define filesystem type section, specify the filesystem type that is in use in use on the nodes in the cluster (System Clustering Worksheet item 5).

    3. In the define mount point section, specify the mount point directory in use for the nodes in the cluster (System Clustering Worksheet item 5).

    4. In the start service section, provide the commands to start the MTA first, following by the GWIA.

  8. If this is an NSS volume or a shared pool, make the following changes to set up the Internet Agent load script:

    1. As needed, in the mount command, change reiserfs to whatever file system type is in use on nodes in the cluster.

    2. In the mount command, change vol to the actual device name in use on nodes in the cluster.

    3. In the mount command, change /mnt/generic to the mount point directory in use on nodes in the cluster.

    4. In the add_secondary_ipaddress command, change a.b.c.d to the secondary IP address of the Internet Agent partition (Internet Agent Clustering Worksheet item 1)

    5. In the start service command, change myservice start to the command to start the Internet Agent and its MTA.

      /etc/init.d/grpwise start domain
      /etc/init.d/grpwise start domain.gwia
      
  9. If this is a traditional Linux volume, use the following load script:

    #! /bin/bash
    . /opt/novell/ncs/lib/ncsfunc
    
    # define the IP address
    RESOURCE_IP=123.123.1.
    
    # define the file system type
    MOUNT_FS=reiserf
    
    # define the device
    exit_on_error evms -f /var/opt/novell/ncs/ContainerActivate -rl
                                                     Share ‘uname -n‘
    MOUNT_DEV=/dev/evms/Share/dat
    
    # define the mount point
    MOUNT_POINT=/mnt/mount_point
    
    # mount the file system
    exit_on_error mount -t $MOUNT_FS $MOUNT_DEV $MOUNT_POINT
    
    # add the IP address
    exit_on_error add_secondary_ipaddress $RESOURCE_IP
    
    /etc/init.d/grpwise start domain
    /etc/init.d/grpwise start domain.gwia
    
    exit 0
    

    Make the following changes to set up the load script for the Internet Agent:

    1. On the RESOURCE_IP line, change 123.123.1.1 to the secondary IP address of the GroupWise partition (Internet Agent Clustering Worksheet item 1).

    2. As needed on the MOUNT_FS line, change reiserfs to whatever file system type is in use on nodes in the cluster.

    3. On the MOUNT_DEV line, change /dev/evms/Share/dat to the actual device name in use on nodes in the cluster.

    4. On the MOUNT_POINT line, change /mnt/mount_point to the mount point directory in use on nodes in the cluster.

    5. If you created a domain on the partition, use the following command to start the MTA:

      /etc/init.d/grpwise start domain
      
    6. Use the following commands to start the Internet Agent and its MTA:

      /etc/init.d/grpwise start domain
      /etc/init.d/grpwise start domain.gwia
      
  10. Click OK to save the load script.

Modifying the Cluster Resource Unload Script for the Internet Agent and Its MTA

The cluster resource unload script executes whenever the Internet Agent cluster resource goes offline. Programs should be unloaded in the reverse order of how they were loaded. This ensures that supporting programs are not unloaded before programs that rely on them in order to function properly.

  1. On the Cluster Resource Properties page of the Internet Agent cluster resource, click Scripts > Unload Script.

  2. If this is an NSS volume or a shared pool, use an unload script similar to the following example, depending on the configuration of your cluster and nodes:

    #!/bin/bash
    . /opt/novell/ncs/lib/ncsfuncs
    
    # request service stop
    ignore_error /etc/init.d/grpwise stop domain.gwia
    ignore_error /etc/init.d/grpwise stop domain
    
    # stop service otherwise
    sleep 8
    ignore_error pkill -fx "/opt/novell/groupwise/agents/bin/gwia
         @/media/nss/volume_name/groupwise/agents/share/gwia.cfg"
    ignore_error pkill -fx "/opt/novell/groupwise/agents/bin/gwmta
         @/media/nss/volume_name/groupwise/agents/share/domain_name.mta"
    
    # delete IP address
    ignore_error del_secondary_ipaddress gwia_partition_ip_address
    
    # unmount filesystem
    exit_on_error umount /mnt/mount_point_directory
    
    # return status
    exit 0
    
    1. In the request service stop section, provide the commands to stop the GWIA first, followed by the MTA.

    2. In the stop service otherwise section, adjust the sleep command as needed so that the agents can shut down normally on your system without being inadvertently killed by the pkill command the follows.

    3. In the delete IP address section, specify the secondary IP address of the GWIA partition.

    4. In the unmount filesystem section, specify the mount point directory in use for the nodes in the cluster.

    5. (Conditional) If you are running the GroupWise High Availability service (gwha), stop it before the script stops the agents, then start it again at the end of the unload script.

      This prevents the GroupWise High Availability service from trying to restart the agents while the script is trying to stop them.

      Add the following section before the commands to stop the agents:

      # Temporarily disable the gwha service under xinetd
      ignore_error /sbin/chkconfig -s gwha off
      ignore_error kill -HUP `pidof xinetd`
      

      Add the following section before the return status section:

      # Restart the gwha service under xinetd
      ignore_error /sbin/chkconfig -s gwha on
      ignore_error kill -HUP `pidof xinetd`
      
  3. If this is a traditional Linux volume, use an unload script similar to the following example, depending on the configuration of your cluster and nodes:

    #!/bin/bash
    . /opt/novell/ncs/lib/ncsfuncs
    
    # request service stop
    ignore_error /etc/init.d/grpwise stop domain.gwia
    ignore_error /etc/init.d/grpwise stop domain
    
    # stop service otherwise
    sleep 8
    ignore_error pkill -fx "/opt/novell/groupwise/agents/bin/gwia
         @/media/nss/volume_name/groupwise/agents/share/gwia.cfg"
    ignore_error pkill -fx "/opt/novell/groupwise/agents/bin/gwmta
         @/media/nss/volume_name/groupwise/agents/share/domain_name.mta"
    
    # define IP address
    RESOURCE_IP=gwia_partition_ip_address
    
    # define mount point
    MOUNT_POINT=/mnt/mount_point_directory
    
    # delete IP address
    ignore_error del_secondary_ipaddress $RESOURCE_IP
    
    # unmount filesystem
    exit_on_error umount $MOUNT_POINT
    
    # return status
    exit 0
    
    1. In the request service stop section, provide the commands to stop the GWIA first, followed by the MTA.

    2. In the stop service otherwise section, adjust the sleep command as needed so that the agents can shut down normally on your system without being inadvertently killed by the pkill command the follows.

    3. In the define IP address section, specify the secondary IP address of the GWIA partition.

    4. In the define mount point section, specify the mount point directory in use for the nodes in the cluster.

    5. (Conditional) If you are running the GroupWise High Availability (gwha) service, stop it before the script stops the agents, then start it again at the end of the unload script.

      This prevents the GroupWise High Availability service from trying to restart the agents while the script is trying to stop them.

      Add the following section before the request service stop section:

      # Temporarily disable the gwha service under xinetd
      ignore_error /sbin/chkconfig -s gwha off
      ignore_error kill -HUP `pidof xinetd`
      

      Add the following section before the return status section:

      # Restart the gwha service under xinetd
      ignore_error /sbin/chkconfig -s gwha on
      ignore_error kill -HUP `pidof xinetd`
      
  4. Click OK to save the unload script.

Setting the Failover List and Policies for the Internet Agent and Its MTA
  1. On the Cluster Resource Properties page of the Internet Agent cluster resource, click General.

    The default policy settings are often appropriate. By default, a cluster resource:

    • Fails over automatically if the node it is running on fails

    • Starts automatically on the next node in its failover list

    • Continues running at its failover location, even after its most preferred node is again available

      If you are considering changing these defaults, see the OES 11 Novell Cluster Services 2 for Linux Administration Guide.

  2. Under Preferred Nodes, arrange the nodes in the cluster into the desired failover list for the Internet Agent (Internet Agent Clustering Worksheet item 3).

  3. Click OK.

Enabling Internet Addressing for Your Clustered GroupWise System

Setting up Internet addressing for a clustered Internet Agent is no different from setting it up for an Internet Agent in any other environment. Follow the instructions in Configuring Internet Addressing in Internet Agent in the GroupWise 8 Administration Guide, then return to this point.

Forcing Use of the Internet Agent Secondary IP Address

If you want the Internet Agent to send outgoing messages on its secondary IP address, rather than using the default of its primary IP address:

  1. Click GroupWise > Network Address.

  2. In the TCP/IP Address field, provide the secondary IP address (Internet Agent Clustering Worksheet item 1) for the Internet Agent to use for sending outgoing messages.

  3. Select Bind Exclusively to TCP/IP Address.

  4. Click OK.

  5. Continue with Verifying Internet Agent Object Properties.

Verifying Internet Agent Object Properties

During installation of the Internet Agent, the Internet Agent object should have been configured correctly. However, it can be helpful to verify certain cluster-specific information in order to familiarize yourself with the configuration of a clustered Internet Agent.

Accessing Internet Agent Object Properties
  1. In ConsoleOne, browse to and select the Internet Agent domain in order to display its contents.

  2. Right-click the Internet Agent object, then click Properties.

  3. Continue with Verifying the Reference to the Internet Agent Cluster Resource.

Verifying the Reference to the Internet Agent Cluster Resource

In the Internet Agent object properties pages:

  1. Click SMTP/MIME > Settings.

  2. Verify the contents of the Hostname/DNS “A Record” Name field.

    It displays the hostname as currently configured in DNS. It should display the hostname that corresponds to the secondary IP address of the Internet Agent cluster resource. For more information, see Section 15.1.5, Preparing DNS for the Clustered Internet Agent.

  3. Make changes if necessary.

  4. Continue with Verifying the Reference to the Mount Point Directory.

Verifying the Reference to the Mount Point Directory

In the Internet Agent object properties pages:

  1. Click Server Directories.

  2. Verify that the displayed directories match the mount point directory and the domain directory.

  3. Make changes if necessary.

  4. Continue with Verifying Post Office Links.

Verifying Post Office Links

In the Internet Agent object properties pages:

  1. Click Post Office Links.

  2. Verify that the Access Mode column displays C/S (for client/server mode) for all post offices serviced by the Internet Agent.

  3. Verify that the Links column displays the secondary IP addresses of the GroupWise partitions where post offices reside, not the IP addresses of any nodes in the cluster.

  4. Make changes if necessary.

  5. Continue with Forcing Use of the Internet Agent Secondary IP Address.