Php4, Php5 Programming, Ftp Web Hosting, Subdomain, Cpanel Blog

Chapter 27 . Enterprise Architecture 689 Note Setting Up a DRBD Pair Before configuring DRBD, make sure it is installed using YaST. By default, the DRBD system is not installed. For more information on installing packages, refer to Chapter 1. To configure the partners, you need to create a single DRBD configuration that is used on both machines, /etc/drbd.conf. A DRBD configuration file needs to contain a resource definition that describes the DRBD devices. This definition will contain the host names of the partners, IP addresses, and the devices you want to keep synchronized. DRBD works on the block level, so you need to specify the partition, not the mount point, of the filesystem. When defining your hosts, one must be the primary, and another the secondary node (synchronizing from one to the other). With this in mind, the secondary node s device you are synchronizing to must be the same as or bigger than the primary s node. If you have multiple devices that you want to synchronize, you can specify multiple resource definitions in the same file. For example, if you want to synchronize /dev/sdb2 to 192.168.0.5 and synchronize /dev/sdb3 to 192.168.0.6, you can specify two separate resource definitions. When you define a host in the DRBD definition section, you must specify the node name as returned by the uname-n command. This is paramount to the operation of DRBD, and if it is incorrect, DRBD will complain at startup. Listing 27-1 is a sample DRBD configuration file for a partnership. Listing 27-1: Defining a Partnership in DRBD resource drbd0 { net { sync-max = 30M } protocol = C fsckcmd = /bin/true # DB Server on node1 { device = /dev/nb0 disk = /dev/sdb1 address = 192.168.0.2 port = 7788 Continued
If you are in need for cheap and reliable webhost to host your website, we recommend http web server services.

688 Part V . SUSE Linux in the Enterprise Cross- Reference For more information on using fdisk to create partitions, see Chapter 3. When your storage has been configured, you should tell SUSE that it needs to load the Qlogic driver at boot time so that you can mount the filesystems using fstab. To do this, edit the file /etc/sysconfig/kernel and add the Qlogic driver to the MODULES_LOADED_ON_BOOT list. Every module listed in MODULES_LOADED_ON_BOOT will be automatically loaded when the system boots. Each module listed is the module name without the .ko extension as found in /lib/modules. MODULES_LOADED_ON_BOOT= cdrom ide-cd ide-scsi qla2300 Disaster Recovery In recent years, disaster recovery (DR) has become a very important part of an organization. This is not only for the enterprise, but also for any company. DR can mean anything from storing backups of your network at a secure, off-site location to replicating data in real time to a DR site. DR is not just about saving your data in the event of a disaster but also about a methodology on how to bring your business back up when the worst happens. Most organizations realize that the quicker they can bring a DR site up, the less they will lose. To do this, real-time data replication has become very popular recently. Most SAN controllers support block-level replication over fiber to another location. This is a very costly DR solution. However, it is a solution that is very resilient and fast. The main problem is that you need to have a very fast connection to your DR site, which could involve laying dark fiber directly to the site, using a high-capacity link, and employing iSCSI or an IP to Fiber translator, which again is very costly. Luckily, Linux has a block replication service called DRBD that mirrors a disk device over TCP/IP to another server. Philip Reisner wrote DRBD while writing his thesis and has employed very elegant ways to transfer data across the network. DRBD works on the block level of a disk device so it has no understanding of files, directories, or filesystems. It transfers any changes to the device, whether they are metadata or file changes. DRBD works by storing a bitmap of the disk and transferring dirty data across the network based on changes to the bitmap to another device on the partner machine. Caution DRBD provides a shared storage system and is seen by Linux as a disk device in the same way that a SAN is seen. This also produces the same problem you have with sharing a disk between two machines with a standard Linux filesystem. With this in mind, you should never mount your DRBD device on both machines at the same time because you will probably corrupt your data at some point.
Visit our web design programs services for an affordable and reliable webhost to suit all your needs.

Chapter 27 . Enterprise Architecture 687 Locking of files and of a Linux partition is something that must be considered when sharing storage between multiple servers. Most standard Linux filesystems are not cluster aware and will behave very badly when mounted on two separate servers. To combat this, cluster-aware filesystems have been created. A cluster filesystem understands that multiple servers may be accessing data at the same time, and understanding that, the filesystem may change out of the control of one of the servers. One of the most popular Linux clustered filesystems is Global Filesystem (GFS), now owned by Red Hat. If you ever have to share data between more than one server in a disk environment, always be aware that you must use a cluster-aware filesystem. Using the Qlogic Driver The most common QLA card in circulation at the moment is the QLA2300 chipset, which is fully supported by SUSE. It is very likely that YaST would have found your Qlogic card during installation and would have configured the driver to load at boot time. If you have installed the driver after installation, you may need to configure your SAN access manually from Linux: 1. Manually load the driver and see if you can access your storage. bible:~ # modprobe qla2300 While the driver loads, you may see your system lock up. This is standard as the Qlogic driver initializes and is nothing to worry about. 2. Run dmesg to see what the Qlogic driver has found. You may see multiple SCSI devices found on the SAN fabric. The problem with this scenario is that you have created only one LUN on the storage and you can see two SCSI devices. This is because there are two links into the fabric, and each card has found the same LUN. To resolve this, you need to use the Qlogic failover driver. When a link to the SAN goes down, the driver switches the preferred path to a link that is up. During this time, all IO operations stall until the failover has happened. 3. Check the output of /proc/partitions to see what the kernel sees regarding disks on the system. You may see errors in /var/log/messages warning you that your new LUN does not have a valid partition table, and this is because it is a raw disk that needs to be initialized. 4. Load fdisk and create a partition on the disk (or many if needed). You can then access the disk as if it were any normal storage disk in the system.
If you are searching for cheap webhost for your web application, please visit MySQL5 Web Hosting services.

686 Part V . SUSE Linux in the Enterprise The LUN A logical unit number (LUN) is a piece of storage created in the SAN. It is integral to the use and design of a SAN. An LUN is a number assigned to an area of storage, and from the point of view of the server does not have anything to do with a physical disk. When an LUN is created, it is likely that the defined LUN will span many disks, as shown in Figure 27-5. LUN 1 LUN 2 LUN 3 LUN 2 Figure 27-5: Composition of a LUN Each LUN is presented as a single disk to the servers, and LUN masking can be used to direct an LUN to a specific server or servers. LUN masking is very important in a shared storage environment. Imagine connecting five servers to a SAN and all servers having access to all created LUNs. If one server goes crazy and starts writing data to an LUN it is not supposed to, or accessing a file it should not, you will find your data corrupted very quickly. LUN masking defines a mapping of LUNs to servers using the World Wide Name (WWN) of the server HBA. Defining an explicit mapping stops the previously mentioned situation from happening. A server that does not have a mapping has no idea an LUN exists, and the operating system does not have to know or be aware of how or why LUN masking works. The important thing to remember about an LUN is that it is seen and accessed as a single-disk device in Linux. Partitions and filesystems are then created upon this LUN and used by Linux. Shared Storage In certain situations, it is useful to share a single LUN between servers. This is most common in a highly available cluster, such as a database. Take Oracle 9i RAC as an example; all the database table spaces are stored on a shared medium (in this case an SAN) and accessed by multiple instances of the database. As both database instances are accessing the same storage, the database needs to be aware of what files and portions of the files each is accessing. This is called locking. When an instance needs write access to a tablespace, it needs to lock a portion of the file so that the other instance does not try to write or destroy that data that is being worked upon.
We recommend high quality webhost to host and run your jsp application: christian web host services.

Chapter 27 . Enterprise Architecture 685 Server 1 Switch 1 Switch 2 SAN Controller Disk enclosure Server 2 Server 3 Server 4 Disk enclosure Figure 27-4: Overview of a SAN If you are installing SUSE on a server, we always recommend that you disconnect the server from the SAN fabric. (This is a term that refers to the fiber network connecting all the devices.) It used to be that Linux installers could potentially pick up the LUNs accessible on the SAN before the onboard storage, and an unsuspecting administrator could install the operating system onto the SAN, or even worse, destroy data on a SAN. A QLA card is seen by the Linux kernel as a SCSI card. Even though the SAN runs on fiber, it is still SCSI and is treated as such by the system. When the Qlogic card is initialized and scans the fiber for devices, if it finds any, it then assigns a SCSI device to that piece of storage, which is then accessible as a standard disk.
Go visit our java server pages services for a reliable, lowcost webhost to satisfy all your needs.

684 Part V . SUSE Linux in the Enterprise Network Attached Storage Another form of storage that has become increasingly popular in recent years is Network Attached Storage (NAS). Whereas a SAN is attached directly to the server, a NAS is accessed over the network using popular file access protocols such as Network File System (NFS) and Samba. With an NAS, the disks are directly attached to the NAS appliance and the storage is then shared out to the network. This helps to reduce drastically the cost of allocating stor- age to a pool of machines, but decreases the reliability and the speed of accessing the data, because you are sharing the networking resources to the NAS appliance. NAS appliances usually offer features above and beyond your standard file server (which is essentially what an NAS is). One of the most popular servers, NetApp, provides remote mir- roring to another NetApp for DR purposes and also takes snapshots, where you can make a copy of the data in a storage group instantly so that you can back up your data with mini- mal downtime to your applications. These are both technologies that until recently were available only in the SAN space. Using the storage controller, you can create partitions (commonly called logical unit numbers or LUNs) that are presented to the server. Figure 27-4 displays a SAN, with all of your SAN-attached servers connected to two fiber switches. These switches are in turn connected to the SAN controller, the real brains behind the storage system. It is up to the SAN controller to provide the storage from the disks connected to it, feeding this through to the servers through a fiber channel (through the switches). Tip Note in Figure 27-4 that we have detailed a number of servers attached to two switches for redundancy. This is a very important part of a SAN; if a link to the storage goes down, then your server will not work. Redundancy of a path to the storage is something that should not be considered lightly. If you have spent the money on a SAN, then spend a little more to make it redundant. Accessing a SAN in Linux The most common way to connect a server to a SAN is to use a host bus adapter (HBA), the most common being the Qlogic HBA. Qlogic support in Linux is very strong, and Qlogic fully supports its cards under Linux. Even most hardware vendors rebadge QLA (Qlogic Adaptor) cards under their own name, which makes it a lot easier when using Linux, because a large proportion of the cards works out of the box. Tip For more information about Qlogic and the latest QLA drivers, visit www .qlogic.com.
If you are looking for affordable and reliable webhost to host and run your business application visit our ftp web hosting services.

Chapter 27 . Enterprise Architecture 683 Cross-Samba is covered in more detail in Chapter 18; LDAP and what it can do for you is Reference discussed in Chapter 25. File and Print Services Samba is used to provide file and print services for the network, acting as a primary domain controller (PDC) for the network. Each Windows user s profile is stored on the Samba server, and the Samba server acts as a print router for the network. The back-end authentication service in Samba has also been configured to talk to the central LDAP server for all authentication and machine accounts. The Web Proxy Squid has been configured as a straight proxy, with no transparency through iptables because we are going to be authenticating our users before they can use the Internet. Each user has been configured to use a proxy for Internet use, and upon connection, the user will be asked to authenticate. This allows the administrator to monitor any unauthorized browsing and point this to a specific user. Cross-Using Squid as a proxy server is covered in more detail in Chapter 26. Reference The whole solution works very well together in a proven and implemented environment and serves as a good example of what SUSE Linux can do in an enterprise environment, but it is unlikely that an organization would want to switch an existing environment over to this type of solution. Traditionally, organizations have a legacy infrastructure that cannot or they feel does not warrant migration. However, part of the solution could well be integrated into your environment in one way or another if the need is there. That s the big part of moving Linux into your organization finding where Linux fits. It is all well and good saying you want to implement Linux, but you will need to look for opportunities you need to find a problem that can be solved, not a solution for a problem that does not exist. Storage Area Networks When it comes to the enterprise, storage is a major consideration. Attaching disks to each and every server will prove to be a massive administrative headache, not only from the point of view of physical space, but also because it will be extremely difficult to monitor and manage your storage infrastructure. The solution to this is the storage area network (SAN). A SAN provides a central repository for all of your storage that is attached to a controller. This controller is then attached to a fiber switch that your servers then connect to.
If you are looking for affordable and reliable webhost to host and run your business application visit our ftp web hosting services.

682 Part V . SUSE Linux in the Enterprise The following sections go into more detail about how SUSE Linux is working in the London office s IT infrastructure. The Firewall Depending on how secure you want to make your network from the Internet, you may have more than one firewall. Many security policies of banks dictate that you must have at least three firewalls made by different manufacturers even before you hit any internal network component (including switches). The thinking behind this is that a hacker may know one type of firewall, or an exploit may be available for one firewall, but will not work on the second-tier firewall. We have included a DMZ in the overview, because this is very common in any organization. A DMZ is there to separate your Internet-facing servers from your internal network. It is usually on a physically and logically separate network from the rest of your organization, and the communication between your network and the DMZ is usually very restricted, as is inter-DMZ communication. The less that can be accessed, the less chance there is of compromising a server. Cross-For more on firewalls in SUSE Linux, see Chapter 24. Reference User Accounts In this environment, you can see that an OpenLDAP server stores the user accounts for the entire network. This Lightweight Directory Access Protocol (LDAP) server is configured with referrals, which tell any clients looking for a specific account that is not on the local network to ask the originating LDAP server for the information. For example, if a user from Los Angeles has her laptop in the London office and tries to log in, her account will be sourced from the Los Angeles office directly by an LDAP referral. The Samba file and print server communicates with the LDAP server to acquire user data for authentication purposes and with the Linux desktop machines using pluggable authentication modules (PAM) to source user account data. This design provides a single sign-on environment, which is something you could not do a few years ago. With the single sign-on, the mail server also gets its user information from the site LDAP server, completing the authentication services for the London office. In the past few years, LDAP has been an integral component of nearly every operating system in one way or another. The Oracle database can also source user account data from an LDAP server, which also helps the Oracle Apps developers to deploy new applications.
Please visit our professional web hosting services to find out about cheap and reliable webhost service that will surely answer all your demands.

Chapter 27 . Enterprise Architecture 681 WebSphere DB2 LDAPSquid iptablesApache Postfix/ Cyrus User Network Internet Samba Figure 27-3: Linux implementations of the generic network components Of course, showing how integral Linux can be in your enterprise is only the tip of the iceberg when selling Linux to your organization. If upper management is sold on the Microsoft bandwagon, you will face an uphill struggle, and all of the TCO studies that you email around will make no difference. However, pushing the right buttons of the right people will work. Go to your CFO and tell her you can drastically reduce the cost of your IT infrastructure, or tell your CIO that you can do more computing with less hardware. Note
Searching for affordable and proven webhost to host and run your servlet applications? Go to Linux Web Hosting services and you will find it.

680 Part V . SUSE Linux in the Enterprise Note Most organizations will have most of this network infrastructure installed somewhere with a firewall protecting the network connection to the Internet, an authentication server for user accounts, and some sort of file store. The demilitarized zone (DMZ), hanging off to the left of the firewall, provides external services to the Internet from your organization. We have implemented an SMTP mail server as well as an HTTP server, hosting the company web site. The DMZ is a portion of the firewall used to store services that must be accessed by the Internet. It is a more secure way of segregating your network than allowing Internet traffic to travel through your firewall into your internal network. With the DMZ you are able to control the traffic that enters the zone both from your internal users (for example, to a mail server) and from the Internet (again, to a mail server). If your company needs to store some data about customers, you will invariably use a database to store this information, as well as use some kind of application server to access this data in a human-friendly format. In Figure 27-3, we have replaced the generic infrastructure with Linux-specific services: . Apache can serve as a web server, with Cyrus and Postfix doing mail server duty. . iptables establishes a hardened firewall for the internal network. . OpenLDAP provides the data store for all user accounts. . Samba, as it is commonly used, provides the file storage for the network. This could be enhanced by providing a single Samba installation for each department if needed. . Squid, the open source proxy server, is used to cache all HTTP and FTP traffic for the network, optimizing the bandwidth used to provide browsing facilities on your network. . As for the database, Acme has chosen to use DB2 from IBM, as well as the WebSphere application server for access to the data. Each Linux implementation in Figure 27-3 is considered extremely stable in this environment and cannot be considered new or unstable territory when it comes to making a decision about migration or implementation.
You want to have a cheap webhost for your apache application, then check apache web hosting services.