Mod cluster Installation: Difference between revisions
No edit summary |
|||
Line 139: | Line 139: | ||
ManagerBalancerName mycluster | ManagerBalancerName mycluster | ||
ServerAdvertise On | ServerAdvertise On | ||
AdvertiseGroup 224.0.1.105:23364 | |||
AdvertiseFrequency 5 | AdvertiseFrequency 5 | ||
Line 145: | Line 146: | ||
Allow from all | Allow from all | ||
</Location> | </Location> | ||
224.0.1.105:23364 | |||
</VirtualHost> | </VirtualHost> |
Revision as of 05:57, 9 January 2016
TODO deplete https://home.feodorov.com:9443/wiki/Wiki.jsp?page=Mod_clusterInstallation
Internal
Download
Compiled bundles are available here: http://mod-cluster.jboss.org/downloads
Native Components Installation on Linux
This procedure assumes httpd was already installed, configured, and it works well without mod_cluster.
At the time of the writing, the pre-compiled native components to be installed within an existing httpd are published on the download page as "mod_cluster modules for httpd". For example, the mod_cluster binaries for Linux x86 httpd are listed as "linux-x86_64 mod_cluster binaries". The file name is mod_cluster-1.3.1.Final-linux2-x64-so.tar.gz. It contains the pre-compiled httpd dynamic libraries (mod_advertise.so, mod_cluster_slotmem.so, mod_manager.so and mod_proxy_cluster.so).
Place the Dynamic Libraries in the modules Directory
Identify the httpd instance's module directory, by looking at the existing LoadModule directives specified in the configuration. It is usually /etc/httpd/modules.
It is good practice to include the mod_cluster version in the name of the dynamic library files, to make it obvious what version is used.
cp mod_advertise.so /etc/httpd/modules/mod_advertise-1.3.1.Final.so cp mod_cluster_slotmem.so /etc/httpd/modules/mod_cluster_slotmem-1.3.1.Final.so cp mod_manager.so /etc/httpd/modules/mod_manager-1.3.1.Final.so cp mod_proxy_cluster.so /etc/httpd/modules/mod_proxy_cluster-1.3.1.Final.so
Make sure the newly copied files have the same ownership and permissions as the existing modules.
Load Modules at Startup
A standard RHEL httpd installation has its modules configured in /etc/httpd/conf.modules.d. All files present in that directory are automatically included from httpd.conf:
... Include conf.modules.d/*.conf ...
Follow the same pattern to configure mod_cluster.
Add a new 99-mod_cluster.conf file in /etc/httpd/conf.modules.d with the following content:
# # This file configures mod_cluster # LoadModule cluster_slotmem_module modules/mod_cluster_slotmem-1.3.1.Final.so LoadModule manager_module modules/mod_manager-1.3.1.Final.so LoadModule proxy_cluster_module modules/mod_proxy_cluster-1.3.1.Final.so LoadModule advertise_module modules/mod_advertise-1.3.1.Final.so
Insure mod_proxy Dependencies are Present and Loaded
mod_cluster needs mod_proxy to work. More details about mod_cluster dependency on mod_proxy are found here.
Make sure mod_proxy.so and mod_proxy_ajp.so are loaded. For a standard httpd installation, those modules are loaded in /etc/httpd/conf.modules.d/00-proxy.conf:
... LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_ajp_module modules/mod_proxy_ajp.so ...
Remove undesired mod_proxy Dependencies
mod_cluster's mod_proxy_cluster cannot work correctly if mod_proxy's mod_proxy_balancer, so mod_proxy_balancer must be removed from the httpd configuration.
For a standard httpd deployment, mod_proxy_balancer is loaded in /etc/httpd/conf.modules.d/00-proxy.conf.
SELinux Configuration
If the host has SELinux enabled, we will need to install additional policies to allow httpd to write mod_cluster-related files in /var/log/httpd and also to perform multicast socket operations.
Start with a mod_cluster_1.te policy file:
module mod_cluster_1 1.0; require { type httpd_log_t; type httpd_t; type unreserved_port_t; class file { write unlink }; class dir remove_name; class udp_socket name_bind; } #============= httpd_t ============== allow httpd_t httpd_log_t:dir remove_name; allow httpd_t httpd_log_t:file unlink; allow httpd_t httpd_log_t:file write; allow httpd_t unreserved_port_t:udp_socket name_bind;
Compile the policy:
checkmodule -M -m -o mod_cluster_1.mod mod_cluster_1.te
Create the module package:
semodule_package -o mod_cluster_1.pp -m mod_cluster_1.mod
Install the policy:
semodule -i mod_cluster_1.pp
Verify that the policy was installed:
semodule -l | grep mod_cluster_1
More details about managing SELinux policies are available here: SELinux Operations.
Basic httpd.conf Configuration
This is a simple configuration that can be used to conduct smoke tests. It consists in just one mod_cluster-enabled virtual host. Note that access is allowed to all, you may want to configure stricter security in production. Also note that /mod_cluster-manager access is enabled. More complex configurations are of course possible. For more details on how to configure mod_cluster, go to mod_cluster Configuration.
... <VirtualHost 1.2.3.4:80> <Directory /> Allow from all </Directory> KeepAliveTimeout 60 MaxKeepAliveRequests 0 ManagerBalancerName mycluster ServerAdvertise On AdvertiseGroup 224.0.1.105:23364 AdvertiseFrequency 5 <Location /mod_cluster-manager> SetHandler mod_cluster-manager Allow from all </Location> 224.0.1.105:23364 </VirtualHost> ...
Important
- the default httpd configuration restricts access to the root directory, so you may want to comment out the following. Can do better than that.
#<Directory /> # AllowOverride none # Require all denied #</Directory>
Native Component Installation on Windows
TODO, manual page 6, section 2.2.4 Install on Windows.
Firewall Configuration
JBoss Components Installation
standard-ha and standard-full-ha WildFly 9 profiles come with mod_cluster enabled. As long as multicast propagates between httpd and the JBoss nodes, no configuration is necessary.
Test Initial Installation
Start httpd, it should start without warnings or errors.
mod_cluster will create a set of new files in (by default) /var/log/httpd: manager.*.slotmem and manager.*.lock.