Saturday 27 August 2011

Failover Redundancy in Ubuntu 11.10 with CARP

1. Install ucarp:

root@master:~# apt-get install ucarp
root@slave:~#    apt-get install ucarp



2. For the primary (master) host change /etc/network/interfaces as follows:

# This file describes the network interfaces available on your system 
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo 
iface lo inet loopback

# The primary network interface

auto eth0 
iface eth0 inet static

address 192.168.1.130 
netmask 255.255.255.0 
network 192.168.1.0 
broadcast 192.168.1.255 
gateway 192.168.1.1

# The secondary network interface

auto eth1 
iface eth1 inet static 
address 192.168.2.1 
netmask 255.255.255.0 
network 192.168.2.0 
broadcast 192.168.2.255

ucarp-vid 1 
ucarp-vip 192.168.2.254 
ucarp-password secret 
ucarp-advskew 14 
ucarp-advbase 1 
ucarp-facility local1 
ucarp-master yes 
ucarp-upscript /usr/share/ucarp/vip-up 
ucarp-downscript /usr/share/ucarp/vip-down

iface eth1:ucarp inet static 
address 192.168.2.254 
netmask 255.255.255.0

3. For the secondary (slave) host change /etc/network/interfaces as follows:

# This file describes the network interfaces available on your system 
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo 
iface lo inet loopback

# The primary network interface

auto eth0 
iface eth0 inet static

address 192.168.1.130 
netmask 255.255.255.0 
network 192.168.1.0 
broadcast 192.168.1.255 
gateway 192.168.1.1

# The secondary network interface

auto eth1 
iface eth1 inet static

address 192.168.2.2 
netmask 255.255.255.0 
network 192.168.2.0 
broadcast 192.168.2.255

ucarp-vid 1 
ucarp-vip 192.168.2.254 
ucarp-password secret 
ucarp-advskew 14 
ucarp-advbase 1 
ucarp-facility local1 
ucarp-master no 
ucarp-upscript /usr/share/ucarp/vip-up 
ucarp-downscript /usr/share/ucarp/vip-down

iface eth1:ucarp inet static

address 192.168.2.254 
netmask 255.255.255.0

4. Add the following to /etc/rc.local on the respective host:

root@master:~# ucarp -i eth1 -s 192.168.2.1 -v 1 -p secret -a 192.168.2.254 -u /etc/vip-up.sh -d /etc/vip-down.sh -z -B

root@slave:~# ucarp -i eth1 -s 192.168.2.2 -v 1 -p secret -a 192.168.2.254 -u /etc/vip-up.sh -d /etc/vip-down.sh -z -B


5. To check that it works correctly, check the IP addresses on the interfaces on both hosts:

ip addr show

The virtual IP assigned to the ucarp interface should be seen only on the master host.
Ping the virtual IP to check that it is reachable.
Shut down the master and observe that the slave takes over and the virtual IP can now be seen on it.
Again, ping the virtual IP.
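
The check in step 5, scripted as an added example (not part of the original post): it decides from the `ip addr show` output of both hosts which one holds the virtual IP, and flags the case where both or neither do. The sample outputs are constructed and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: classify CARP failover state from `ip addr show` output.
VIP=192.168.2.254

# Constructed sample output: master holding the VIP on eth1:ucarp.
MASTER_OUT='3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
    inet 192.168.2.1/24 brd 192.168.2.255 scope global eth1
    inet 192.168.2.254/24 brd 192.168.2.255 scope global secondary eth1:ucarp'
# Constructed sample output: slave in backup state, no VIP.
SLAVE_OUT='3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
    inet 192.168.2.2/24 brd 192.168.2.255 scope global eth1'

# has_vip TEXT VIP: succeed if TEXT contains an "inet VIP/prefix" line.
# The address is compared exactly, so 192.168.2.25 does not match 192.168.2.254.
has_vip() {
    printf '%s\n' "$1" | awk -v vip="$2" '
        $1 == "inet" { split($2, a, "/"); if (a[1] == vip) found = 1 }
        END { exit (found ? 0 : 1) }'
}

# carp_state MASTER_TEXT SLAVE_TEXT VIP: print who currently holds the VIP.
carp_state() {
    m=no; s=no
    if has_vip "$1" "$3"; then m=yes; fi
    if has_vip "$2" "$3"; then s=yes; fi
    case "$m$s" in
        yesno)  echo master-active ;;
        noyes)  echo slave-active ;;
        yesyes) echo split-brain ;;   # both hosts answer for the VIP
        *)      echo vip-down ;;      # nobody holds the VIP
    esac
}

# On a live host: has_vip "$(ip addr show dev eth1)" "$VIP" && echo "VIP is here"
carp_state "$MASTER_OUT" "$SLAVE_OUT" "$VIP"
```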

Installing Virtual Hosts on Apache2 Webserver

1. Create a folder for the domain:
mkdir -p /usr/share/tomcat/webapps/example

2. Within the /etc/apache2/sites-available/ folder, create a separate file for each domain. For example, a file called “example” in that directory:
sudo nano /etc/apache2/sites-available/example

3. Copy content of default site to the newly created file:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/example
(The directories for Apache and Tomcat can be placed wherever is convenient, but they must be the same. For a Tomcat server, the root folder for applications is webapps.)

4. Adjust document roots as necessary and append to the file the following:

ServerName (name of the host)
JkMount /jsp/* worker1
JkMount /jsp worker1
#JkAutoAlias /usr/share/tomcat7/webapps/examples/
(appends requests for resources after webapps)

5. Enable mod_rewrite in Apache2:
sudo a2enmod rewrite

6. Now enable the site:
sudo a2ensite example

This site is now available (as in configured) and enabled (as in listening) once the Apache service is restarted:
sudo /etc/init.d/apache2 reload
sudo /etc/init.d/tomcat7 restart
 

Testing

7. To test your configuration you can temporarily configure the /etc/hosts file to point the domain to your IP address and see if your server loads up the correct site. This is only needed if the hostname or domain name does not already resolve to your IP address. Edit /etc/hosts by adding the following line:
ip.address domain.tld (For instance 67.207.131.28 example.com)

8. Open a browser, try to access http://example and see if it loads the contents from the local DocumentRoot (from the configuration above). You might want to drop a file in the DocumentRoot to verify it's pulling your local content:
sudo mv /var/www/index.html /usr/share/tomcat/webapps/examples/

9. Check PHP libraries:
sudo cp /var/www/test.php /usr/share/tomcat/webapps/examples/
or
sudo nano /usr/share/tomcat/examples/test.php
Write this single line in it:
<?php phpinfo(); ?>

10. Point the web browser to http://example/test.php and observe server’s phpinfo.

Monday 22 August 2011

Connecting Tomcat 7.0.25 with Apache 2 (mod_jk)


1. Install Connector
sudo apt-get install libapache2-mod-jk

Create a file workers.properties in the Tomcat directory, /usr/share/tomcat7/conf/workers.properties:

sudo nano /usr/share/tomcat7/conf/workers.properties

And add the following lines:
# workers.properties
# --------------------------------------------------------------------------
# File:        workers.properties
#

# Purpose:     AJP Bridge for Apache/Tomcat
#
# Location:    $TOMCAT_HOME/conf
#
# Certified:   Ubuntu 11.04 / Apache 2.2.17/ Tomcat 7.0 / JDK-1.7.0
#
# Note:        This file should be appended or included into jk.load
# --------------------------------------------------------------------------
#
# This file provides jk derived plugins with the needed information to
# connect to the different tomcat workers.  Note that the distributed
# version of this file requires modification before it is usable by a
# plugin.
#
# As a general note, the characters $( and ) are used internally to define
# macros. Do not use them in your own configuration!!!
#
# Whenever you see a set of lines such as:
# x=value
# y=$(x)\something
#
# the final value for y will be value\something
#
# Normally all you will need to do is un-comment and modify the first three
# properties, i.e. workers.tomcat_home, workers.java_home and ps.
# Most of the configuration is derived from these.
#
# When you are done updating workers.tomcat_home, workers.java_home and ps
# you should have 3 workers configured:
#
# - An ajp13 worker that connects to localhost:8009
# - A jni inprocess worker.
# - A load balancer worker
#
# However by default the plugins will only use the ajp13 worker. To have
# the plugins use other workers you should modify the worker.list property.
#
# OPTIONS ( very important for jni mode )
#
# workers.tomcat_home should point to the location where you
# installed tomcat. This is where you have your conf, webapps and lib
# directories.
#
workers.tomcat_home=$CATALINA_HOME
#
# workers.java_home should point to your Java installation. Normally
# you should have a bin and lib directories beneath it.
#
workers.java_home=$JAVA_HOME
#
# You should configure your environment slash... ps=\ on NT and / on UNIX
# and maybe something different elsewhere.
#
ps=/
#
#------ ADVANCED MODE ------------------------------------------------
#---------------------------------------------------------------------
#
#------ DEFAULT worker list ------------------------------------------
#---------------------------------------------------------------------
#
# The workers that your plugins should create and work with
#
worker.list=worker1,worker2,worker3
#
#
#------ DEFAULT WORKER DEFINITION ------------------------------------
#---------------------------------------------------------------------
#
# Defining a worker named worker1 and of type ajp13
# Note that the name and the type do not have to match.
#
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker.
worker.worker1.lbfactor=1
#
# Specify the size of the open connection cache.
#worker.worker1.cachesize
#
#------ OTHER WORKERS DEFINITION ------------------------------------
#---------------------------------------------------------------------
#
worker.worker2.port=8109
worker.worker2.host=localhost
worker.worker2.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker.
worker.worker2.lbfactor=1
#
# Specify the size of the open connection cache.
#worker.worker2.cachesize
#
worker.worker3.port=8209
worker.worker3.host=localhost
worker.worker3.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker.
worker.worker3.lbfactor=1
#
# Specify the size of the open connection cache.
#worker.worker3.cachesize
#
#------ DEFAULT LOAD BALANCER WORKER DEFINITION ----------------------
#---------------------------------------------------------------------
#
# The loadbalancer (type lb) workers perform weighted round-robin
# load balancing with sticky sessions.
# Note:
#  ----> If a worker dies, the load balancer will check its state
#        once in a while. Until then all work is redirected to peer
#        workers.
worker.loadbalancer.type=lb
worker.loadbalancer.balanced_workers=worker1, worker2, worker3
#
#------ DEFAULT JNI WORKER DEFINITION---------------------------------
#---------------------------------------------------------------------
#
# Defining a worker named inprocess and of type jni
# Note that the name and the type do not have to match.
#
worker.inprocess.type=jni
#
#------ CLASSPATH DEFINITION -----------------------------------------
#---------------------------------------------------------------------
#
# Additional class path components.
#
#worker.inprocess.class_path=$(workers.tomcat_home)$(ps)lib$(ps)tomcat.jar
#
# Setting the command line for tomcat.
# Note: The cmd_line string may not contain spaces.
#
#worker.inprocess.cmd_line=start
#
# Not needed, but can be customized.
# worker.inprocess.cmd_line=-config
# worker.inprocess.cmd_line=$(workers.tomcat_home)$(ps)conf$(ps)server.xml
# worker.inprocess.cmd_line=-home
# worker.inprocess.cmd_line=$(workers.tomcat_home)
#
# The JVM that we are about to use
#
# This is for Java2
#
# Windows
# worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)bin$(ps)classic$(ps)jvm.dll
# IBM JDK1.3
# worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)bin$(ps)classic$(ps)libjvm.so
# Unix - Sun VM or blackdown
worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)lib$(ps)i386$(ps)classic$(ps)libjvm.so
#
# And this is for jdk1.7.X
#
# worker.inprocess.jvm_lib=$(workers.java_home)$(ps)bin$(ps)javai.dll
#
# Setting the place for the stdout and stderr of tomcat
#
#worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
#worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
#
# Setting the tomcat.home Java property
#
# worker.inprocess.sysprops=tomcat.home=$(workers.tomcat_home)
#
# Java system properties
#
# worker.inprocess.sysprops=java.compiler=NONE
# worker.inprocess.sysprops=myprop=mypropvalue
#
# Additional path components.
#
# worker.inprocess.ld_path=d:$(ps)SQLLIB$(ps)bin
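
A property whose key misspells the worker name (for example worker.workerworker2.lbfactor) is not applied to the worker it was meant for, and a name in worker.list with no definition cannot be used. The lint below is an added example, not part of the original post or of mod_jk; the function name and the sample file are constructed.

```sh
#!/bin/sh
# Added example: lint a mod_jk workers.properties read from stdin.

# Constructed sample: worker4 is listed but never defined, and one key
# misspells the worker name (workerworker2 instead of worker2).
SAMPLE_WORKERS='worker.list=worker1,worker2,worker4
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker2.port=8109
worker.worker2.type=ajp13
# Specify the load balance factor
worker.workerworker2.lbfactor=1'

# lint_workers: print one sorted line per problem found.
lint_workers() {
    awk '
        /^[ \t]*#/ || !/=/ { next }            # skip comments and blank lines
        {
            eq  = index($0, "=")
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/[ \t\r]/, "", key)
            gsub(/[ \t\r]/, "", val)
        }
        key == "worker.list" {                 # workers mod_jk will create
            n = split(val, w, ",")
            for (i = 1; i <= n; i++) listed[w[i]] = 1
            next
        }
        key ~ /^worker\.[^.]+\.[^.]+$/ {       # worker.<name>.<attribute>
            split(key, k, ".")
            seen[k[2]] = 1
            if (k[3] == "type") typed[k[2]] = 1
        }
        END {
            for (name in listed)
                if (!(name in typed)) print "listed-but-undefined " name
            for (name in seen)
                if (!(name in typed)) print "property-for-unknown-worker " name
        }' | sort
}

# On a live host: lint_workers < /usr/share/tomcat7/conf/workers.properties
printf '%s\n' "$SAMPLE_WORKERS" | lint_workers
```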




2. Configuring JK to connect jk.load to workers.properties


Open /etc/apache2/mods-available/jk.load and append the following:

# jk.load
# --------------------------------------------------------------------------
# File:        jk.load
#
# Purpose:     Configuration file for Apache/Tomcat
#
# Location:    /Apache2/mods-available/
#
# Certified:   Ubuntu 11.04 / Apache 2.2.17/ Tomcat 7.0 / JDK-1.7.0
#
# Note:        This file should be appended into jk.load module
# --------------------------------------------------------------------------
#
# Configure the jk module
#
# Update this path to match your conf directory location
#
JkWorkersFile /usr/share/tomcat7/conf/workers.properties
#
# Update this path to match your logs directory location (put mod_jk.log next to access_log)
JkLogFile     /var/log/apache2/mod_jk.log
#
# Update this path to match your local state directory or logs directory
JkShmFile     /var/log/apache2/mod_jk.shm
#
# Log Level: May be debug, info, error, or emerg.
# If not set, defaults to no log
#
JkLogLevel error
#
# Select the timestamp log format
JkLogStampFormat "[%a %b %d  %H:%M:%S  %Y] "
#
# Root context mounts for Tomcat
#
#JkMount /*.jsp ajp13
#JkMount /servlet/* ajp13
#
# Examples delivered with Tomcat, mapped in server.xml
# Use this only for Development and Testing
#
# AutoAlias /examples "/usr/local/tomcat/webapps/examples"
# JkMount /examples/servlet/* ajp13
# JkMount /examples/*.jsp ajp13

3. Disable the default configuration file for Apache with:

sudo a2dissite default

4. If there is an error: Apache2: Could not determine the server's fully qualified domain name, using 127.0.0.1 for ServerName then:

echo "ServerName localhost" | sudo tee /etc/apache2/conf.d/fqdn

Useful Links:
http://tomcat.apache.org/connectors-doc/reference/apache.html



Installing Tomcat 7.0.25 on Ubuntu 11.10

1.  Installing Tomcat 7.0.25

1.1. cd ~/downloads
1.2. SOURCETOM=apache-tomcat-7.0.25.tar.gz
1.3. SOURCETOMWEB=http://apache.mirror.nexicom.net/tomcat/tomcat-7/v7.0.25/src/apache-tomcat-7.0.25-src.tar.gz
1.4. sudo wget $SOURCETOMWEB
1.5. sudo mkdir /usr/share/tomcat7
1.6. Unpack the source:
 sudo tar zxvf $SOURCETOM
1.7. Move the generated content of the folder apache-tomcat-7.0.25 to /usr/share/tomcat7:
 sudo mkdir -p /usr/share/tomcat7
 sudo mv apache-tomcat-7.0.25/* /usr/share/tomcat7/

1.8. Delete the apache-tomcat-7.0.25 directory:
 sudo rm -r apache-tomcat-7.0.25
1.9. Clean up the variable (and the compressed file):
 rm -f $SOURCETOM
1.10. sudo nano /etc/environment
Now let's set the directories where Java is installed; in my case this is as follows:
JAVA_HOME="/usr/lib/jvm/jdk1.0.7/"
JRE_HOME="/usr/lib/jvm/jdk1.0.7/jre/"
PATH="…… :$JAVA_HOME:$JRE_HOME"
1.11. Configuring Tomcat users. The changes should be made in the file tomcat-users.xml in the tomcat7/conf directory. Command to edit the file:
sudo nano /usr/share/tomcat7/conf/tomcat-users.xml


The file would be as follows (add to the end of the file):

<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<role rolename="admin"/>

<user username="ubuntu" password="ubuntu" roles="manager-gui,admin-gui,manager,admin,manager-script,admin-script"/>
</tomcat-users>
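
The user entry above reuses the username as the password and combines manager-gui with manager-script, which the Tomcat documentation advises against because it weakens the Manager application's CSRF protection. A check for both follows as an added example that is not part of the original post; the function name is hypothetical, the second sample user is constructed, and the script assumes one <user> element per line and does not skip XML comments.

```sh
#!/bin/sh
# Added example: audit <user .../> entries of a tomcat-users.xml read from stdin.

# The first entry is the one from the post; the second is constructed.
SAMPLE_USERS='<tomcat-users>
<user username="ubuntu" password="ubuntu" roles="manager-gui,admin-gui,manager,admin,manager-script,admin-script"/>
<user username="deploy" password="constructed-Passphrase-4711" roles="manager-script"/>
</tomcat-users>'

audit_tomcat_users() {
    awk '
        # attr(line, name): value of name="..." in line, or "" if absent
        function attr(line, name,    s) {
            if (!match(line, "[ \t]" name "=\"[^\"]*\"")) return ""
            s = substr(line, RSTART, RLENGTH)
            sub(/^[^"]*"/, "", s)
            sub(/"$/, "", s)
            return s
        }
        /<user[ \t]/ {
            user  = attr($0, "username")
            if (user == "") next
            pass  = attr($0, "password")
            roles = attr($0, "roles")
            gsub(/[ \t]/, "", roles)
            roles = "," roles ","
            if (pass == user)
                print user ": password equals username"
            if (roles ~ /,manager-gui,/ && roles ~ /,manager-(script|jmx),/)
                print user ": manager-gui combined with manager-script or manager-jmx"
        }'
}

# On a live host:
#   sudo cat /usr/share/tomcat7/conf/tomcat-users.xml | audit_tomcat_users
printf '%s\n' "$SAMPLE_USERS" | audit_tomcat_users
```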

1.12. Now we will attempt to start Tomcat7. First the server should be brought up with the following command:
sudo /usr/share/tomcat7/bin/startup.sh

The following output will be observed on console:

Using CATALINA_BASE: /usr/share/tomcat7/
Using CATALINA_HOME: /usr/share/tomcat7/
Using Catalina TMPDIR: /usr/share/tomcat7/tmp
Using JRE_HOME: /usr/lib/jvm/jdk1.0.7/jre
Using CLASSPATH: /usr/share/tomcat7/ apache-tomcat \ 7.0.25/bin/bootstrap.jar:/usr/share/tomcat7/bin/tomcat-juli.jar

Create the tomcat user and group:

sudo groupadd tomcat
sudo useradd -g tomcat -d /usr/share/tomcat7 tomcat
sudo passwd tomcat
sudo chown -R tomcat:tomcat /usr/share/tomcat7
 

1.13. Automatic starting

To make Tomcat start automatically when the computer boots, we can add a script that starts it and shuts it down.
sudo touch /etc/init.d/tomcat7
sudo nano /etc/init.d/tomcat7

1.14. Now paste in the following:

#!/bin/sh
# Tomcat7 Autostart Script
# Description: Provides Autostart Tomcat7 Servlet Engine
# processname: tomcat
# Default start: 3 5
# Default stop: 0 1 2 6
# Pidfile: /var/run/tomcat.pid
# Note: startup.sh runs as the user that invokes this script (root at boot).
case "$1" in
start)
echo "Starting Tomcat7"
sh /usr/share/tomcat7/bin/startup.sh
echo "Starting Tomcat7… done"
;;
stop)
echo "Stopping Tomcat7"
sh /usr/share/tomcat7/bin/shutdown.sh
echo "Stopping Tomcat7… done"
;;
restart)
echo "Restarting Tomcat7"
sh /usr/share/tomcat7/bin/shutdown.sh
sh /usr/share/tomcat7/bin/startup.sh
echo "Restarting Tomcat7… done"
;;
*)
# Any other argument: show usage and fail
echo "Usage: $0 {start|stop|restart}"
exit 1
;;
esac
exit 0

The script should be made executable by running the chmod command:
sudo chmod 755 /etc/init.d/tomcat7
or
sudo chmod +x /etc/init.d/tomcat7

The last step is actually linking this script to the startup folders with a symbolic link. Execute these two commands and we should be on our way.
sudo ln -s /etc/init.d/tomcat7 /etc/rc1.d/K99tomcat
sudo ln -s /etc/init.d/tomcat7 /etc/rc2.d/S99tomcat

sudo /etc/init.d/tomcat7 restart
Tomcat should now be fully installed and operational.

Useful Links:
Securing Tomcat Server
(OWASP Project)




Installing LAMP Server and JDK 1.0.7 on Ubuntu 11.10

1.  Installing LAMP
1.1. sudo tasksel install lamp-server
2.  Installing Java Development Kit (JDK)
2.1. mkdir ~/downloads
2.2. cd ~/downloads
2.3. Download the source
 SOURCEJ=jdk-7-linux-i586.tar.gz
(for x86)
(for x64)
2.4. sudo wget $SOURCEJWEB
2.5. Unpack the source
 sudo tar zxfv $SOURCEJ
2.6. Clean up the variable (and the compressed file)
 rm -f $SOURCEJ
2.7. Move the generated content of folder jdk1.0.7 to a more appropriate directory:
 sudo mkdir -p /usr/lib/jvm/
 sudo mv jdk1.0.7 /usr/lib/jvm/
2.8. Check how many alternatives you have:
 sudo update-alternatives --config java
2.9. To add your new JDK 7 installation to the alternatives list:
 sudo update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.0.7/jre/bin/java 1
 sudo update-alternatives --config java
 java -version

* sudo apt-get install python-software-properties