7.2 Creating Objects for High Availability Branch Servers in LDAP

Before you can configure and deploy a high availability Branch Server pair, you must first create the necessary objects in the LDAP directory. HA Branch Servers require the same LDAP objects as standard Branch Servers, with the following differences:

NOTE: Each LDAP object has two types of attributes: must and may attributes. The must attributes are required for an object; the may attributes are optional.

7.2.1 Creating Branch Objects

This section outlines the steps to add the necessary HA branch objects to the LDAP directory. The posAdmin command examples are based on the sample configuration shown in Figure 7-1. Modify the commands as necessary for your particular scenario.

NOTE: For ease of reference, the following procedure refers to the active node as BS1 and the standby node as BS2.

The branch objects you will create include:

  • One or more organizationalUnit objects to represent your organizational structure.
  • An scLocation object for each site where a Branch Server is located.
  • An scServerContainer to contain all the Branch Server objects for a given site.
  • An scBranchServer object and its associated configuration objects for the active and standby Branch Servers (BS1 and BS2) in your HA configuration.

  1. Create an organizationalUnit object.

    For example:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base o=mycorp,c=us --add --organizationalUnit --ou boston
    
  2. Create the scLocation object.

    For example:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base ou=boston,o=mycorp,c=us --add --scLocation --cn east \
    --ipNetworkNumber 192.168.1.0 --ipNetmaskNumber 255.255.255.0 \
    --scDhcpRange 192.168.1.4,192.168.1.99 \
    --scDhcpFixedRange 192.168.1.100,192.168.1.199 \
    --scDefaultGw 192.168.1.1 --scDynamicIp TRUE \
    --scWorkstationBasename CR --scEnumerationMask 000

  3. Create an scServerContainer object.

    For example:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=east,ou=boston,o=mycorp,c=us --add --scServerContainer --cn server
    
  4. In the new server container, create two Branch Server objects.

    For example:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scBranchServer --cn bs1

    and

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scBranchServer --cn bs2
    
  5. Define the network interface cards for each Branch Server.

    Depending on network traffic and the desired performance, you can configure one to four network interface cards per Branch Server. The recommended four-card configuration is illustrated in Figure 7-1. For more information on entering the network interface card configuration in YaST, see Network Interfaces.

    Table 7-1 summarizes the command options which correspond to the scNetworkcard object attributes.

    Table 7-1 Attributes for scNetworkcard objects

    | Attribute | Type | Explanation |
    |---|---|---|
    | --scDevice | must | Specifies the name of the network device of the card. For example, eth0 or eth1. |
    | --ipHostNumber | must | Specifies the IP address. For example, 192.168.1.1. |
    | --macAddress | may | Specifies the MAC address of the network interface card. |
    | --scModul | may | Specifies the name of the Linux kernel module for the network interface card. |
    | --scModulOption | may | Specifies the module options of the Linux kernel module for the network interface card. |
    | --ipNetmaskNumber | may | Adds the netmask belonging to the IP address assigned to the network interface card, if the ipHostNumber is not inside the defined subnet of the location. |

    The following examples demonstrate how to add network interface cards for the Branch Server, drbd, and heartbeat interfaces.

    Branch Server 1 Network Interface Card Configuration

    eth0 on BS1 for the public interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth0 --ipHostNumber 151.155.173.111

    eth1 on BS1 for the Branch Server interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth1 --ipHostNumber 192.168.1.1 \
    --ipNetmaskNumber 255.255.255.0

    eth2 on BS1 for the drbd interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth2 --ipHostNumber 192.168.2.1

    eth3 on BS1 for the heartbeat interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth3 --ipHostNumber 192.168.3.1

    eth1:0 on BS1 for the Branch Server interface virtual IP:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth1:0 --ipHostNumber 192.168.1.3
    

    Branch Server 2 Network Interface Card Configuration

    eth0 on BS2 for the public interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth0 --ipHostNumber 151.155.173.112

    eth1 on BS2 for the Branch Server interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth1 --ipHostNumber 192.168.1.2 \
    --ipNetmaskNumber 255.255.255.0

    eth2 on BS2 for the drbd interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth2 --ipHostNumber 192.168.2.2

    eth3 on BS2 for the heartbeat interface:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth3 --ipHostNumber 192.168.3.2

    eth1:0 on BS2 for the Branch Server interface virtual IP:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scNetworkcard --scDevice eth1:0 --ipHostNumber 192.168.1.3
    
  6. Add DHCP, DNS, and TFTP as HA services.

    Table 7-2 summarizes the command options which correspond to the scHAService object attributes.

    Table 7-2 Attributes for scHAService objects

    | Attribute | Type | Explanation |
    |---|---|---|
    | --cn | must | Specifies the common name of the service. |
    | --ipHostNumber | must | Specifies the virtual IP address of the HA service. |
    | --scDnsName | must | Specifies the DNS name of the service. |
    | --scServiceName | must | Specifies the name of the service. For example: tftp, dns, dhcp. |
    | --scServiceStartScript | must | Specifies the name of the init script in /etc/init.d. For example, atftpd for the tftp service. |
    | --scServiceStatus | must | The status of the service. TRUE or FALSE are possible values. |
    | --scPrimaryService | must | This flag is used to describe if this is a primary service or not. TRUE or FALSE are the possible values. If you define a primary server, this flag is always TRUE. On a secondary server, this flag is always FALSE. |

    The following commands demonstrate how to add DHCP, DNS, and TFTP as HA services in the example scenario.

    Branch Server 1 HA Services Configuration

    For DHCP on BS1 as the primary service:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scHAService --cn dhcp --ipHostNumber 192.168.1.3 \
    --scDnsName dhcp --scServiceName dhcp --scServiceStartScript dhcpd \
    --scServiceStatus TRUE --scPrimaryService TRUE

    For DNS on BS1 as the primary service:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scHAService --cn dns --ipHostNumber 192.168.1.3 \
    --scDnsName dns --scServiceName dns --scServiceStartScript named \
    --scServiceStatus TRUE --scPrimaryService TRUE

    For TFTP on BS1 as the primary service:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scHAService --cn tftp --ipHostNumber 192.168.1.3 \
    --scDnsName tftp --scServiceName tftp --scServiceStartScript atftpd \
    --scServiceStatus TRUE --scPrimaryService TRUE
    

    Branch Server 2 HA Services Configuration

    For DHCP on BS2 as the backup service:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scHAService --cn dhcp --ipHostNumber 192.168.1.3 \
    --scDnsName dhcp --scServiceName dhcp --scServiceStartScript dhcpd \
    --scServiceStatus TRUE --scPrimaryService FALSE

    For DNS on BS2 as the backup service:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scHAService --cn dns --ipHostNumber 192.168.1.3 \
    --scDnsName dns --scServiceName dns --scServiceStartScript named \
    --scServiceStatus TRUE --scPrimaryService FALSE

    For TFTP on BS2 as the backup service:

    posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret \
    --base cn=bs2,cn=server,cn=east,ou=boston,o=mycorp,c=us \
    --add --scHAService --cn tftp --ipHostNumber 192.168.1.3 \
    --scDnsName tftp --scServiceName tftp --scServiceStartScript atftpd \
    --scServiceStatus TRUE --scPrimaryService FALSE
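
A read-back check for step 6, added here as an example and not part of the original guide or of posAdmin.pl: it parses LDIF text such as `ldapsearch -LLL` prints for the server container and reports services that are missing on one node, that disagree on the virtual IP, or that do not have exactly one primary. The LDAP attribute names and the scHAService objectClass name are assumed to match the posAdmin.pl option names in Table 7-2; the sample entries are constructed.

```python
from collections import defaultdict

BASE = "cn=server,cn=east,ou=boston,o=mycorp,c=us"   # server container DN from the page
SERVICES = ("dhcp", "dns", "tftp")

# Builds one constructed LDIF entry; attribute and objectClass names are assumptions.
def entry(node, svc, vip="192.168.1.3", primary="TRUE"):
    return (f"dn: cn={svc},cn={node},{BASE}\nobjectClass: scHAService\n"
            f"ipHostNumber: {vip}\nscPrimaryService: {primary}\n")

# Constructed sample: BS1 complete; on BS2 dns is missing and tftp is wrongly primary.
SAMPLE = "\n".join([entry("bs1", s) for s in SERVICES]
                   + [entry("bs2", "dhcp", primary="FALSE"), entry("bs2", "tftp")])

def parse_ldif(text):
    """Yield {attribute: value} per entry; unfolds wrapped lines, keeps single values."""
    for block in text.replace("\n ", "").strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if sep:
                attrs[key.lower()] = value.strip()
        if "dn" in attrs:
            yield attrs

def check_ha_services(ldif_text, nodes=("bs1", "bs2")):
    """Return a list of problems; an empty list means the pair is consistent."""
    seen = defaultdict(dict)                     # service -> node -> attributes
    suffix = "," + BASE
    for attrs in parse_ldif(ldif_text):
        dn = attrs["dn"].lower()
        if dn.endswith(suffix):                  # skip entries under another base DN
            rdns = dn[:-len(suffix)].split(",")  # expect ["cn=<service>", "cn=<node>"]
            if len(rdns) == 2 and all(r.startswith("cn=") for r in rdns):
                seen[rdns[0][3:]][rdns[1][3:]] = attrs
    problems = []
    for svc in SERVICES:
        per_node = seen[svc]
        missing = [n for n in nodes if n not in per_node]
        if missing:
            problems.append(f"{svc}: no scHAService entry under {', '.join(missing)}")
            continue
        vips = sorted({per_node[n].get("iphostnumber", "<unset>") for n in nodes})
        if len(vips) != 1:
            problems.append(f"{svc}: virtual IP differs between nodes: {', '.join(vips)}")
        primaries = [n for n in nodes if per_node[n].get("scprimaryservice") == "TRUE"]
        if len(primaries) != 1:
            problems.append(f"{svc}: expected one primary, found {', '.join(primaries) or 'none'}")
    return problems
```

Calling `check_ha_services(SAMPLE)` returns the two problems built into the sample; an entry created under a mistyped base DN is skipped and therefore shows up as missing on that node.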
    

7.2.2 Creating Point of Service Terminal Objects

Before you can boot the Point of Service terminals associated with a Branch Server, you must create additional objects in the branch portion of the LDAP directory. These include an scCashRegister object and its associated configuration objects for each type of Point of Service terminal in your system, and scPosImage objects for the client image files you want the Branch Server to distribute to Point of Service terminals.

For instructions on how to create these objects, see Section 11.2, Creating the LDAP Objects Required for the Point of Service Terminals.