Novell Cool Solutions

Using a Dynamic Apache Configuration in a NetWare Cluster



By:

May 30, 2008 9:22 am

Reads:5,738

Comments:0

Score:Unrated

Print/PDF

One of the problems I’ve encountered with clustered resources is that a number of them make use of Apache and in certain circumstances, running multiple instances of Apache just isn’t practical.

As Apache will not load if it can’t find a directory specified in it’s configuration, this can be a problem in a clustered environment where all resources may not currently be available to any particular server.

An example of this situation is where a folder in a shared area on the server is published to the intranet using the Apache instance on the server. If the volume were failed over to the second server, this shared resource wouldn’t be available to the web server on the new server, and when the original server reboots, Apache would fail to load as it wouldn’t be able to access that folder.

The solution for this is to use a dynamic configuration directory in Apache and have the cluster load/unload scripts add and delete files from this directory on demand, and then restart Apache with the new configuration.

The copying of files will be done using TOOLBOX.NLM which can be found here: Toolbox 2.17

This document assumes that TOOLBOX.NLM is already installed on every server in the cluster.

TOOLBOX.NLM requires eDirectory authentication, so I suggest creating a user account that only had permissions to each of the folders that are discussed in this document.

For this example, we’re going to assume that we have a folder on a cluster volume that we want to show up in Apache. This can easily be extended out to an entire virtual server or even adding secondary IP address support to Apache for a mounted resource.

First, we must first create a folder into the Apache tree on the SYS volume to hold these dynamic files that we’ll call SYS:\APACHE2\CONF\DYNAMIC (This needs to be done on each server in the cluster.)

Next, we make the following addition to the end of the httpd.conf file located in SYS:\APACHE2\CONF (This needs to be done on each server in the cluster.):

Include sys:/apache2/conf/dynamic/*.conf

Now, we’ll make a folder on the cluster volume to hold the dynamic configuration files. We’ll call this VOLUME:\ETC\APACHE2\CONF

In that folder, we’ll create a file called myfiles.conf

Alias /myfiles "VOLUME:/share/myfiles"

<Directory "VOLUME:/share/myfiles">
   AllowOverride None
   Options IncludesNoExec
   AddOutputFilter Includes html
   Order allow,deny
   Allow from all
</Directory>

Now that the files are in place, we’ll modify the cluster load script to copy the new configuration file into place. To do this, we’ll create a couple of NCF files to control the process and call these from the cluster load and unload scripts.

NOTE: Please keep in mind that these NCF files will have a plaintext password in them for the user account we created earlier. For this reason it is EXTREMELY important that you limit this user to only having access to the dynamic configuration file directories. In my configuration, I give it read/write access to the SYS:\apache2\conf\dynamic directories on all servers, and read-only access to the configuration file directories on the resource volumes.

We’re going to save these files to VOLUME:/etc/scripts

loadconf.ncf

# -- Remove the authentication to the tree for TOOLBOX in case someone else had been using it
AUTH treename /d
# -- Authenticate for the copy operation.
AUTH treename username.context password
# -- Copy the configuration file
COPY VOLUME:\ETC\APACHE2\CONF\myfiles.conf SYS:\APACHE2\CONF\DYNAMIC
# -- Unload Apache
ap2webdn
# -- Delay 10 seconds to allow Apache shutdown to complete
DELAY 10
# -- Restart Apache
ap2webup

Now, we need to reverse this process to delete the file from the configuration as the resource is removed from the server. Again, we can either put this into the resource unload script or we can put it into an NCF file.

unldconf.ncf

# -- Remove the authentication to the tree for TOOLBOX in case someone else had been using it
AUTH treename /d
# -- Authenticate for the copy operation.
AUTH treename username.context password
# -- Delete the configuration file
DEL SYS:\APACHE2\CONF\DYNAMIC
# -- Unload Apache
ap2webdn
# -- Delay 10 seconds to allow Apache shutdown to complete
DELAY 10
# -- Restart Apache
ap2webup

Now that these files are created, we’ll modify the load script and add the following line at the END:

VOLUME:/etc/scripts/loadconf.ncf

We’ll also modify the unload script and add the following line at the BEGINNING:

VOLUME:/etc/scripts/unldconf.ncf

Finally, we need to make add the following lines to the AUTOEXEC.NCF file to make sure that the DYNAMIC folder we created earlier is emptied upon reboot of the server:

# -- Load TOOLBOX.NLM
TOOLBOX.NLM
# -- Remove the authentication to the tree for TOOLBOX in case someone else had been using it
AUTH treename /d
# -- Authenticate for the copy operation.
AUTH treename username.context password
# -- Delete the configuration file
DEL SYS:\APACHE2\CONF\DYNAMIC\*.conf

Now, assuming that you have DNS set up correctly, you should be able to go to http://resourcedns/myfiles to view the content. It should also be available at http://servername/myfiles

If you make the appropriate Apache configuration changes on all of the servers in your cluster, your resource can now float between servers without issue.

You should be able to extend this to any Apache configuration you can think of. This works perfectly for virtual servers as well.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Loading...Loading...

Categories: Uncategorized

0

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

Comment

RSS