One of the problems I’ve encountered with clustered resources is that a number of them make use of Apache and in certain circumstances, running multiple instances of Apache just isn’t practical.
As Apache will not load if it can’t find a directory specified in it’s configuration, this can be a problem in a clustered environment where all resources may not currently be available to any particular server.
An example of this situation is where a folder in a shared area on the server is published to the intranet using the Apache instance on the server. If the volume were failed over to the second server, this shared resource wouldn’t be available to the web server on the new server, and when the original server reboots, Apache would fail to load as it wouldn’t be able to access that folder.
The solution for this is to use a dynamic configuration directory in Apache and have the cluster load/unload scripts add and delete files from this directory on demand, and then restart Apache with the new configuration.
The copying of files will be done using TOOLBOX.NLM which can be found here: Toolbox 2.17
This document assumes that TOOLBOX.NLM is already installed on every server in the cluster.
TOOLBOX.NLM requires eDirectory authentication, so I suggest creating a user account that only had permissions to each of the folders that are discussed in this document.
For this example, we’re going to assume that we have a folder on a cluster volume that we want to show up in Apache. This can easily be extended out to an entire virtual server or even adding secondary IP address support to Apache for a mounted resource.
First, we must first create a folder into the Apache tree on the SYS volume to hold these dynamic files that we’ll call SYS:\APACHE2\CONF\DYNAMIC (This needs to be done on each server in the cluster.)
Next, we make the following addition to the end of the httpd.conf file located in SYS:\APACHE2\CONF (This needs to be done on each server in the cluster.):
Now, we’ll make a folder on the cluster volume to hold the dynamic configuration files. We’ll call this VOLUME:\ETC\APACHE2\CONF
In that folder, we’ll create a file called myfiles.conf
Alias /myfiles "VOLUME:/share/myfiles" <Directory "VOLUME:/share/myfiles"> AllowOverride None Options IncludesNoExec AddOutputFilter Includes html Order allow,deny Allow from all </Directory>
Now that the files are in place, we’ll modify the cluster load script to copy the new configuration file into place. To do this, we’ll create a couple of NCF files to control the process and call these from the cluster load and unload scripts.
NOTE: Please keep in mind that these NCF files will have a plaintext password in them for the user account we created earlier. For this reason it is EXTREMELY important that you limit this user to only having access to the dynamic configuration file directories. In my configuration, I give it read/write access to the SYS:\apache2\conf\dynamic directories on all servers, and read-only access to the configuration file directories on the resource volumes.
We’re going to save these files to VOLUME:/etc/scripts
# -- Remove the authentication to the tree for TOOLBOX in case someone else had been using it AUTH treename /d # -- Authenticate for the copy operation. AUTH treename username.context password # -- Copy the configuration file COPY VOLUME:\ETC\APACHE2\CONF\myfiles.conf SYS:\APACHE2\CONF\DYNAMIC # -- Unload Apache ap2webdn # -- Delay 10 seconds to allow Apache shutdown to complete DELAY 10 # -- Restart Apache ap2webup
Now, we need to reverse this process to delete the file from the configuration as the resource is removed from the server. Again, we can either put this into the resource unload script or we can put it into an NCF file.
# -- Remove the authentication to the tree for TOOLBOX in case someone else had been using it AUTH treename /d # -- Authenticate for the copy operation. AUTH treename username.context password # -- Delete the configuration file DEL SYS:\APACHE2\CONF\DYNAMIC # -- Unload Apache ap2webdn # -- Delay 10 seconds to allow Apache shutdown to complete DELAY 10 # -- Restart Apache ap2webup
Now that these files are created, we’ll modify the load script and add the following line at the END:
We’ll also modify the unload script and add the following line at the BEGINNING:
Finally, we need to make add the following lines to the AUTOEXEC.NCF file to make sure that the DYNAMIC folder we created earlier is emptied upon reboot of the server:
# -- Load TOOLBOX.NLM TOOLBOX.NLM # -- Remove the authentication to the tree for TOOLBOX in case someone else had been using it AUTH treename /d # -- Authenticate for the copy operation. AUTH treename username.context password # -- Delete the configuration file DEL SYS:\APACHE2\CONF\DYNAMIC\*.conf
Now, assuming that you have DNS set up correctly, you should be able to go to http://resourcedns/myfiles to view the content. It should also be available at http://servername/myfiles
If you make the appropriate Apache configuration changes on all of the servers in your cluster, your resource can now float between servers without issue.
You should be able to extend this to any Apache configuration you can think of. This works perfectly for virtual servers as well.