XServe IP Failover

Similar Messages

• Xserve: IP Failover over (redundant) Ethernet instead of FW?

  Hi folks,
  this is my first post, so be be lenient towards me
  Renewal of our xserves is on schedule next Month (w 10.5 Srv).
  A new Configuration is planned: A second Webserver as Hot Standby for the main one. Unfortunately its not possible to connect them together by Firewire like the 10.5 IP-Failover help file shows.
  Is it possible to use automatic IP-Failover by ethernet (dedicated, directly paired) and how we can implement this?
  tnx a lot, timo

  IP failover works by each machine checking for a heartbeat from the other machine - as soon as the heartbeat fails it assumes the other machine has failed and initiates the failover.
  The heartbeat can use any network connection - IP over FireWire, a direct ethernet connection between the two servers, or even the primary network interface used for all traffic.

• Xsan distance replication/DR/BC capabilities

  Hello Folks,
  My client has 2 sites, 40 metres apart, connected with multimode fibre.
  I don't yet know the exact linkage: xWDM,IP only, whatever.
  Site A will house one G5 Email server + one XRAID.
  Site B will house one G5 File server + one XRAID.
  Client wants failover capability.
  My initial thoughts are:
  SiteA:
  - Xserve-A is MailServer+MDC1(primary)
  - XRAID-A is split A1=MailPrimaryVols, B2=FileSecondaryVols
  SiteB:
  - Xserve-B is FileServer+MDC2(secondary)
  - XRAID-B is split A2=MailSecondaryVols, B1=FilePrimaryVols
  Xserve-A, Xserve-B, XRAID-A, XRAID-B have two dedicated VLANs for MDC.
  My questions concern the data copy between XRAIDs:
  - will the XRAID site-to-site links HAVE to be FC for failover to work properly?
  RTO of a few minutes will be OK.
  RPO as small as possible.
  - if the link is IP(GbE) only, is Xsan able to transfer/synch the data between the XRAID vols (A1-A2, B1-B2)?
  - I can see from the docs that Xsan handles the MDC1-MDC2 failover, but does Xserve-A failover to Xserve-B and pick up the application and its vols at the other site?
  Any info or pointers to best practices in this scenario will be greatly appreciated.
  If this failover scenario won't work with Xsan, then suggestions of the nearest such scenario that will work will enable me to push back on the client with either an infrastructure or configuration modification request.
  thanks in advance, W.
  Mac OS X (10.4.4)

  You don't need to have a FC link between the two machines. In fact, in most cases you can't really do that -- you can't share the same volume over fibre channel without a cluster file system like Xsan.
  You can link the files via sharing (over AFP or NFS), and then just run rsync to replicate data between the two machines.
  You mention MDCs, but I actually don't see where there would be any need for it -- you have a file server, you have an email server, and you've got some primary and secondary volumes. I don't really see Xsan helping in this scenario... I mean there are options like this:
  http://www.apple.com/xsan/datacenter.html
  But you're not using multiple head units to gain increased file sharing throughput in your scenario.

• Does xserve raid support path failover?

  I have two questions about the system.
  1 Does the Xserve Raid support path failover from the upper to lower controller? Primarily, if you have IO running on a lun that is on the upper controller and the path to that controller is removed, will the IO get shifted to the lower controller? If so, is there a certain configuration setting that must be applied. I
  n reading up on Xserve, it appears that they are independent controllers. The user guide states that when a controller module is out of the system (or failed) the drive modules controlled by that card are not active.
  2 Is there a way to determine which drive(s) in the system are the spares or stand by?

  Hi Davel,
  1) No. The controllers are independent. If a RAID controller fails, or a cable fails, or a switch or HBA that a RAID controller is connected to fails, the LUN goes offline until the problem is fixed.
  2) Yes. Just look in RAID Admin. Any drive that is not part of a RAID set will automatically be used as a hot spare. So if you have a 6 disk RAID 5, on a side with 7 disks, you have one hot spare. If you have a 5 disk RAID 5, with two drives that aren't used, you have 2 hot spares.
  Note, on #2, hot spares are "per side," because again the RAID controllers are independent. So what I most commonly see for additional protection is a 6-disk RAID 5 + 1 hot spare, per side. This gives about 5 TB of usable capacity, on a 7 TB Xserve RAID.

• Xserve - A week of uncertainty

  A week since the announcement and I see no clear guidance from Apple. My contemplative confusion is turning into apprehension for the loss of what we had and a sense of uncertainty about the products that my business thrives on supporting. Is Apple not aware of how Xserves are used by their customers? Is Apple not aware of the gaping hole they have created in their product line? Or far worse, is Apple completely abandoning OS X Server and in turn the pro market?
  I am not a doom and gloom type of person but the impact that this decision is having on my business and on my customer's perception of Apple could drive anyone to the brink of despair. Let me share with the community some of the conversations that I had this past week.
  *Customer 1: North America's largest manufacturer of residential and commercial roofing materials*
  _What they have:_ 12 TB Xsan supporting three Final Cut edit bays with a StorNext client in the data center for integrated backup to a CommVault backup system. (I should point out that we also support a graphic design department as well so there are more than 3 Macs in this company.) The Xsan is built on two G5 Xserves and 2 Xserve RAIDs with integration help from internal IT, including the fibre channel department, networking, backup, and others. The solution has enabled the video department to dramatically increase workflow, speed encoding through the use of a qmaster cluster, and improve backup integration with the enterprise CommVault system. The Xsan solution revolutionized the workflow of the department in so many ways that it is difficult to quantify.
  _What they need now:_ To expand the volume. They are running over 90% capacity (yes, I know it is dangerous). The Xsan deployment above was done as a proof of concept as it took existing hardware (previously used as departmental file servers) and turned it into a now business critical solution. They have filled the volume in less than 8 months and are now begging for more. The proof of concept resulted in proof that Xsan is a superior product in providing services and features found no where else in the video market. Xsan, with its speed, function, integration with other products, and Spotlight makes the product indispensable. The integration into the corporate Active Directory domain and the ability to collect systems into a render cluster are simple and effective.
  +What do we do?+ The existing Xserves are G5s so we are stuck at Leopard and Xsan 2.1.1. Now we have a real tough decision ahead of us. Do we buy Xserves and run with Xsan despite the announcement? And if we do, what is the future of Xsan beyond Jan 31 without a rack mount server. In this customer, rack space is a pricy commodity. Every U counts and I can not consume 12 U for 3 people, regardless of the benefits. Apple has a product, both hardware and software, that satisfies this customers need so well that they are begging for more of it. But can I give them the solution they are begging for? Can I sell them a couple Xserves and run the solution for the near term? But what are my future prospects? What do I do in three years or less from now when they run out of room again? What is my roadmap in the absence of true server hardware? Is there even a replacement for Xsan? Sure MetaSan is looking interesting... but no Spotlight. Sure I can run a StorNext solution... but no Spotlight. We can move to Windows storage, but then I am back on Ethernet file services and no Spotlight instead of a shared file system. If I stand on this hill and say "go with the Xserves as it is the best we have right now" and then there is an announcement from Apple about "one more thing," then my reputation is in question.
  *Customer 2: NYC Advertising Agency that is 99.99% Mac based, including server architecture*
  _What they have:_ We walked into this customer for our first service call back in February 2004. We found the G4 Xserve we sold them in October 2002 mounted on a wall by another consultant (oh the horror). Within two visits, I had closed all the security holes, implemented OD and single sign on, and started a relationship with the customer that grew from 12 employees, 1 G4 Xserve, and 10 Macs to 120+ employees, 3 Intel Xserves, and 120+ Macs. The Xserves support traditional print design as well as a video, new media, and development departments. Open Directory powers the organization and all Mac clients, over 120 systems, are joined to the domain and enjoy single sign on, centralized management via MCX, and unified access across all services including VPN, groupware (through Kerio), and more.
  _What they need:_ This customer is growing. We just upgraded their network backbone to 10GigE, replaced the tape library with an LTO5 40 slot, and added another Active array. They expect 160 users by the end of 1Q 2011. This equals more Macs, more storage requirements and more reliance on OS X Server and the Xserve. In addition, we have had the discussion with them regarding Xsan for the video department. This was a very compelling solution that they were taking a serious look. But now, they are shaken by the announcement.
  _What do we do?_ And I ask the community.... How would you respond when this customer asks, "Does this mean we have to switch to Active Directory?" Yes, they really asked me that question. My answer was that the announcement in no way devalues what they have. But I do understand their concern for the future. What do they do in a year? How about 2 years? This is a company running COMPLETELY on Apple hardware and software solutions. Where do we go from here?
  *Customer 3: Fortune 500 Retailer of Domestic Merchandise and Home Furnishings*
  _What they have:_ In January of 2003, we installed the first Mac in this company. A single G4 tower running Classic applications because the "patient 0" demanded a Mac as part of her accepting employment. Today, this company has over 100 Macintosh systems and three Xserves in three different states. Macs are in the IT department and we went from the platform of distrust to a platform that is a peer of Windows and Unix, including at the server level. The first Xserve was deployed in 2005. The second was installed in 2006. And the final one in 2008. All three are still in active production today and provide critical file services for over 100 Mac users and many Windows users. The servers are all bound to Active Directory, participate in enterprise backup, are monitored by internal IT via SNMP, and provide unparalleled uptime and performance.
  _What the need now:_ They are running out of space. No, they ran out of space a long time ago. In October we started the process of proposing upgrades to both the Xserves and the storage to greatly enhance the solution and expand it to cover more departments and likely more Macs. Two of the servers are G5 Xserves so Snow Leopard is out of the question. They were planning on buying two new Xserves and new storage. But as of today, the talks are off. It appears that we are going to lose this business to a Windows storage solution. Farewell Mac servers. Farewell Spotlight searching. Farewell simple management of the Mac systems.
  _What do we do?_ What is our argument here? We have none. In light of the announcement, I no longer have a viable solution to offer this customer. The Mac Pro is not a solution. They need more storage and they need a device that fits deployment requirements. The Mini does not do this? How do I get 10+ TB of storage connected and how do I support 100+ concurrent users?
  *Customer 4: US Branch of Major Magazine Publisher that is 99.99% Mac, including server architecture*
  _What they have:_ This customer is the poster child for Xserves. They have 11 Xserves, including a G4 still in active use. At their peak, we were running 16 Apple Xserve RAIDs (these have mostly been replaced by Actives). These Xserves run file services, FTP, Mail (Kerio), automation, Open Directory, offsite replication, and much much more. And here is the kicker! We deployed them in May 2006 running 10.4.6! The last time the primary cluster was touched was January 2009 when we upgraded to 10.4.11. Yes! There are 7 of the 11 servers still running 10.4.11! And do you know how often we service that cluster? 4 times a year. That is it. There is no downtime. There are no problems. This is an environment of about 450 users (all Mac) working directly from servers on multiple shifts. All machines are bound to OD and we are using MCX, Kerio Mail Server, UTS, NetInstall, and much more in this environment. And the whole thing is managed by a staff of 2 technicians. Oh, and in 2007 we built a dedicated datacenter for the Xserves, including proper power, cooling, and fire prevention. This set the foundation for a 10 GigE backbone and all servers operating with aggregated links to stacked edges switches with EAPS ring failover. This environment is a model of enterprise deployment of Apple hardware rivaling any Windows deployment out there.
  _What they need:_ The customer is currently rolling out workstation replacements company wide. These units are 10.6.x. The 10.4.11 server are doing fine but it would be nice to unify and get all the MCX stuff working without the hacks. Purchasing new Xserves was a planned project for the beginning of next year.
  _What do we do?_ This is the one customer in which we will likely still push the Xserve before it is no longer available. The nature of the business and the cyclical nature of upgrade cycles can likely allow us to operate on 10.6.x at the client and server for at least 4 years. So despite what Apple is doing, we may be able to keep the dream alive in this one customer. But in February will we be standing with egg on our face for a foolish recommendation?
  *Customer 5: Fortune 100 Insurance Company*
  _What they have:_ We support Mac departments in 4 states. Two of the departments are running Xsans. These are obviously driven by Xserves that have been embraced by corporate IT. In corporate America, projects take time to plan and approve. The Xsan expansion project has been in the works most of the year. It has been approved is now ready to start placing orders. But we are clearly caught in a tough position.
  _What they need:_ More storage! And InnerPool from Active. InnerPool will go down in history as the greatest product that never will be. The success of Xsan in these two departments almost can not be measured. The undeniable reality is that the solutions is a wild success and the departments want more.
  _What do we do?_ The word from Active is that InnerPool is dead and will never reach a customer. The Xserve is no longer. Yes we can buy it and yes it is approved. But I have the same uncertainty as listed above. Great, I deploy Xserves and Xsan today. But what is its future? And without InnerPool I has inefficient LUN carving.
  Conclusions:
  I am sure that my scenarios are shared by many in the consulting and IT fields. Over this past week I've struggled to understand Apple's decision to discontinue the Xserve. I've struggled to ease the concerns of my customers. I've struggled to find the correct message to tell customers in this time of uncertainty. I've struggled to understand what my company will do to fill the void left by the absence of the Xserve. And, most troubling, I've struggled to understand what the loss of the Xserve will do to Apple's enterprise solutions including the future of OS X Server and the traditional markets Apple supports.
  I understand that on the surface this is the retirement of a hardware product. I understand the basic argument that the product was not a powerful seller. But being an Apple Reseller and ACN, I also know that no one is pushing Xserves other than us. The Apple retail store is incapable of pushing the Xserve as a product. And please, real businesses are not going to Apple retail. Does anyone walk up to a person selling iPods and have a discussion about real business needs? And why was I never able to find the Xserve on store.apple.com's home page? If you want to sell a product, you really need to let your customers know it exists.
  I understand that Apple is all about the one thing. They always have been. When the iMac saved Apple it was the hot item. Then the iPod replaced it. Then the phone. Now the iPad. Apple focuses like a laser on the one thing that is big. But what they are missing is that there is a loyal group of customers in content creation that are only able to do their work because of the power, ease of use, and products that make up the "pro/enterprise" segment of Apple's business. This includes the Mac Pro, the Xserve, OS X Server, Xsan, Final Cut, and more. What is the future of all these products? The Mac Mini Server is surely not the future.
  Again, this is speculation driven by lack of guidance and leadership. But if my customer reaction is an indication, the inability to deploy a server class device means the inability to run OS X Server. This will mean that all of the duties found in OS X Server will be replaced by other systems. This means no OD, no AFP, no NetBoot/NetInstall, no iCal, no Xsan, no qMaster, no MCX, no synchronized home folders. The list goes on and on. And by translation, this likely means the decline of the viability of Final Cut deployments and even content creation in general. If we are going backward to isolated workstations and the inability to deploy space efficient direct to broadcast solutions, the business will be going elsewhere. In the space of a single Mac Pro, I could deploy and entire 50 TB Xsan with 1U left over (2 Xserves, 2 Active arrays, 2 FC switches, 1 MD switch). Apple is not offering progress and this is not a better solution.
  When Apple retired the Xserve RAID, Apple provide the community with a better solution. The Xserve RAID was a product of its time and time marched on. Apple was not interested in maintaining a peripheral product and rightly left the business to organizations specializing in mass storage. By bowing out of the segment, the community got faster devices with more redundancy. The difference then was that Apple said, "hey, we are not going to make the Xserve RAID anymore but here is something better." Today, they are saying, "hey, we are not making the Xserve any more and we have nothing better to tell you."
  Yet, the Xserve RAID was a peripheral. It was not a host system running Apple's OS. For the company that is known for making the whole widget, how does this announcement sit? We are now missing the hardware component of the whole widget and the options, virtualization or licensing to third party hardware vender, goes in direct grain to everything Apple has done.
  I know others in the community have covered this. The hardware Apple is offering is not a replacement. Honestly... A Mac Pro that has a hardware problem is a minimum of 2 days of lost operations for a company. Take the power supply. On an Xserve, you have a second one and if you were smart enough to get the spares kit, you can replace it in less than 1 minute with one hand tied behind your back. No downtime. No service disruption. Now, the Mac Pro... There is no spares kit. That means if the unit goes down you call Apple to diagnose the problem (or good golly you bring it to the Apple Store?), they send the part to your closest Apple Authorized Repair Center, and then they arrange for an onsite repair. This process will put you out of business for 2 days minimum. Unacceptable.
  I am not sure who Apple thinks their server customers are. But the customers I support will never be satisfied with the Mini Server. Apple targets the Mini Server to SMB. Well, let's assume that the SMB has 10 iMacs. The iMacs have a collective storage capacity of 10 TB. The Mini has 500 GB. How does that help the environment. If we look at Apple's traditional customers running content creation, a single user could fill the server with 100 photoshop files or a few video files. And don't get me started on the expansion issues with the Mini.
  Apple, regardless if the end result is licensing server to another vender for hardware development or allowing virtualization, please open up the communication channel and reassure a shaken industry on what you see as the realistic future of your server products. The guidance of your transition guide is not guidance at all. Please come down from the iPod cloud and understand that you have a lot of customers quavering in uncertainty.
  And finally, if Apple is using the retail stores to provide guidance to the types of businesses that they sell their product to, then they should call us. We have been integrating Macs in enterprise for over a decade. We have Macs in every pharma in the state, many in regulatory roles meeting strict government requirements. We have Macs in insurance, research and development, finance, law, and more. These system meet or exceed HIPPA, SOX, FDA, FTC and other government regulatory requirements. Apple, you are already in the enterprise. Please don't give up on what has taken years to achieve.
  Thank you for reading. We are passionate about the services we offer and strive to give our customers the best possible solutions. Apple has enabled us to do that for a number of years. Now I am concerned. As an ACN employing numerous ACSAs we are concerned with the writing on the wall. Apple, please provide more communication on your intentions.

  Funny you should ask... At about the same time that the Xserve was discontinued, we also lost our channel rep of nearly 14 years. Right now we are not sure who our rep is. I have however, sent this to as many people in Apple that I could think of. And I plan on continuing to reach out to as many as possible.
  The sad reality is that this decision is impacting customer deployments and the future of customer installations. Apple strives for market share and loves to tout those numbers. But the numbers we fought for over these last eight years are going to disappear.
  As much as this impacts our business, we are making up for it in enterprise deployment of systems. We will survive and lead in our geographic area. I do not fear that. But OS X Server is a UNIX server and with it has come all of the benefits of a UNIX system, including legitimacy in a data center. The Intel Xserve cemented this reality because of its hardware configuration and form factor. Yes, we have G4 and G5s still in service. But those are mostly in all Mac shops that understand the benefits and can work around the buzz word limitations. But fortune 100/500 IT departments did not really get on board until the release of the Intel server.
  Still beating the drum to raise awareness. Spread the word and talk to your Apple reps.
  Also, ask about the direction that Apple's Enterprise team is going. If the news I hear is correct, then our fears about all things pro and enterprise going away are likely true.

• Adding a second xserve

  Hi
  we have 1 x Xserve G5 running OSX Panther server 10.39 connected via fibre channel to Xraid. We are buying a new Xserve G5 Dual 2.3 with OSX Tiger server.
  Does anybody have have any suggestions as to the best way to integrate the new server as our main server whilst using the old server as a back up.
  Will we need to purchase extra fibre channel cables/cards to connect to the Xraid etc.
  We only use the server for file sharing, ftp and IP transfer.
  Any suggestions would be helpful
  Thanks in advance

  Do you want full, automatic failover when the main server dies? or do you want a standby system that you can drop in place?
  The reason I ask is because I'm guessing the files you want to share are on the XServe RAID, and that's where it gets tricky. You cannot directly connect the same volume to multiple hosts at the same time. It's easy to manage the software failover part (getting the old machine to look like the new one on the network), but getting the old machine to pick up the XServe RAID volumes is a little tricker.
  There are really two approaches you can take on that - one is a series of scripts that talk to the fiber channel switch (which you'd need to buy) to disable the fiber channel ports going to the new machine and enable the ports going to the old one - now the old machine can see the XServe RAID and mount the volume before it fires up the various file sharing processes that rely on it.
  The other option is to get XSAN (or other SAN software) which would let you connect both machines to the same storage device. The downside to this, though, is that XSAN requires an additional server known as the Metadata Controller which acts as a sort of traffic cop, directing each server to the appropriate files on the RAID. You might be able to get away with the backup machine acting as the metadata controller, but I don't know if this is a supported configuration.

• Securing old 10.4 xserve with hot spare - new xserve does not boot with 10.

  dear you,
  I am in the murky situation of having to secure a single, non redundant productive scenario which is running on one xserve (model identifier 1,1; dual core 3GHz; boot-rom XS11.0080.B00). due to several reasons the server needs to be cloned, so that a separate xserve with a daily cloned boot-device can take over if things go south with the productive one.
  unfortunately the newly bought xserve quadcore single 2.26GHz refuses to boot from the image taken from the production machine. tried to downgrade firmware, did not help. new machine crashes during startup (empty grey screen).
  anybody knows any help? moving the production machine to 10.5 or newer is NO option.
  an option could be two elder xserves I have here additionally. how do I find out which xserve model will boot with an image from the production server?
  thank you all for any idea in advance,
  thaijay
  Message was edited by: thaijay
  Sorry, failed to let you know the productive server is running 10.4.11. please let me know which other details I can post/will help us with this issue

  This is never going to work via cloning.
  The server you're cloning has to be one of the original Intel-based XServes. Each successive revision adds requirements to the OS to the point where they have a minimum OS version. In the case of the latest generation servers, they won't run on anything earlier than 10.5.6 (IIRC). To put it simply - 10.4 doesn't know how to drive the latest generation hardware.
  In any case, cloning is rarely a good idea for servers anyway. You would do better to look at the services you're running and look at backup/failover plans for them rather than trying to clone the entire server. Many services such as Open Directory, DNS, MySQL and more have built-in replication systems that are designed to replicate their data across many machines. Other client-facing services such as AFP, web, FTP, etc. can be set to failover (where the second machine takes over the service when the primary machine fails).
  Such replication/failover techniques are far more reliable than a daily clone, and they're also faster. Replicated data could be maintained up to the minute, compared to a day old data if you need to boot up the clone.
  If you really, really want to go the clone route, then reverse the roles - setup the new machine as the primary server with all the services and clone this machine to create your failover system. 10.5.6 will run the old/original XServe, it's just a matter of updating your services to the newer version.

• Reliability: OD Master & Replica, or IP-based failover?

  I have an Xserve that serves approx. 60 users and around 200GB of shared files. The primary Xserve is the OD master for my workgroup, and the backup Xserve is an OD replica.
  I'm new to OS X Server (but not client), so I don't know what happens in the event of, say, the OD master dying. Do client login/access requests automatically get answered by the OD replica? The reason I'm asking this is I'm trying to decide between using two separate servers with an OD master & replica relationship, or using IP-based failover where the backup server would effectively "pretend" to be the primary server in case of a problem.
  But with IP-based failover, I don't know if the backup server will automatically know to become an OD master or not. Or, perhaps, the OD integration is completely separate; and I can choose to use IP-based failover and do OD replication whichever way I want to. Does anyone have concrete info?

  If your OD Master fails the OD Replica will automatically start handling authentication requests so for the most part you're covered (at least users can still log in).
  As noted in that .pdf, though, the replica doesn't allow changes to the directory other than password changes for users with Open Directory passwords.
  The main issue is how long your master is going to be down, and the relative pain of promoting the replica to be a master.
  For various reasons there is no automatic promote-to-master function because most failures of the master are temporary (e.g. a simple reboot after a software update).
  For the failover question I would use IP failover for any services that don't have their own failover mechanism. In all cases you need to write failover scripts to startup whatever processes you need your standby machine to take over. In the case of OD there is a built-in, automatic failover process so I would use that. The only exception to that would be if you wanted the replica to become a master server should the master fail, but I can't think of any circumstance where that would be the case.

• IChat Load Balancing or failover solution?

  Hello, I am working a plan to develop a iChat server. I think a Mac Mini would be a good start for a group of 50 users. The users are all over the country and my role is to unite them all in a iChat domain. I thought about building two Mac Mini servers and have them run a same domain where all users are registered in. So, we would not be impacted when one of them goes down.
  Anyway, the question is how can I have a load balancing or failover solution for the iChat domain?

  On the issue of load balancing, whilst I don't have any experience with macMini's, you will not need to worry about load balancing with 50 users. I'm sure you can probably put a few naughts on the end of that before you need to worry.
  The design you are proposing will not work for iChat services / and for that matter most of Apple server services. For high availability services (e.g. transparent failover) I think you are going to struggle to get this working and it 'seems' Apple no longer offers guidance on this subject on 10.6.x.
  You will increase availability by using an Xserve with dual PSUs and raid disks. If you are only running high availability ichat services, I would buy a pair of second hand xserves with 10.5 OS and set the ipfailover services running. Personally I would buy one and a service kit and not bother with HA - as you will find the servers are very reliable.
  If you have to use mini's then just have one live and keep a near constant clone of it on another ready to manually swap out if you have a hardware failure.
  Your proposed design will not work without a lot of effort non of which is supported by Apple - although it would be rewarding if you did get it working. You cannot have server to server traffic for the same domain as all your application data needs to be stored centrally. OD only provides services for authentication. The ichat server also has its own data store and this is not distributed nor can it be. It is possible to move the data store over to say an enterprise version of mysql and have that distributed.

• IP Failover between nic cards, not servers

  This maybe a very simple question, I just haven't found the answer to it...
  Our Xserve's are running on a Cisco switch and a switch port for the primary NIC card of one AFP server recently failed.
  While the server had both cards connected to the switch and the second NIC card was live, the users lost connectivity to the internal server address (internal DNS) as is was pointing only to the primary IP address of that server.
  This makes sense as there was no mechanism to tell the server to start using the secondary IP address.
  We are now planning to connect all secondary NIC's to a second switch for both the LAN and the DMZ (VLANs) for better redundancy.
  The DMZ uses IP addresses only due to port forwarding.
  My question is now what is the best way to continue services on a secondary NIC if the first NIC fails.
  Add a new DNS entry for the LAN? If so, how? Just enter the secondary NIC IP with the same server name?
  Use FAILOVERBCASTIPS for the DMZ?
  IP Failover works great between machines, but can the server send heartbeat messages to itself (example: FAILOVERBCASTIPS="NIC1-IP NIC2-IP")?
  Is there any way to maintain the mount status of AFP volumes during the switch of IP's (since it's still the same machine)?
  Thanks in advance for your help!
  Xserve G5   Mac OS X (10.4.3)  

  Since you're using Cisco switches and are already familiar with VLANs, your simplest solution would be to use link aggregation to create a trunk between the Mac and the switch using both the NICs, then configure VLANs so that both subnets use the trunk interface rather than the physical interfaces.
  That way traffic for either IP address can traverse either NIC, and you get automatic failover (thanks to link aggregation) should either NIC fail.
  Note that this will only work if you're connecting to the same switch. If you have 'internal' and 'external' switches this won't work without some re-architecting of the network topology.

• Round robin DNS for load balancing between multiple network adapters (Xserve)

  I'm attempting to use 'round robin' DNS to load balance between the two ethernet adapters of an Xserve.
  Both ethernet adapters are connected to the same LAN and have static IP addresses of 192.168.2.250 and 192.168.2.251.
  The DNS zone for the server's local domain/host (macserver.private) has a machine record with both IP addresses (set up in the Lion Server UI).
  Having read up on round robin DNS, I would have expected DNS requests for 'macserver.private' to be answered with the two IP addresses ordered at random, achiving my aim of requests being served at random via each ethernet adapter.
  However this doesn't seem to be the case. Doing a 'nslookup' from any of the network clients results in the two IP addresses being listed in the same order everytime. And pinging 'macserver.private' only ever results in a response from the same address.
  Does anyone know why this is the case? Does Lion Server use a non-standard DNS configuration? Are there any additional settings I need to configure in Lion's DNS server to make adopt a round robin approach to responding to requests?
  Thanks in advance for any help!

  Be careful what you wish for
  Round Robin DNS is rarely the best option for 'load balancing'. At the very least it's subject to caching at various point on the network - even at the client side, once the client looks up the address it will cache that response - this means that subsequent lookups may be served from the client's cache and not refer back to the server. Therfore any given client will always see the same address until the cache expires.
  I suspect this is what you're seeing.
  You can minimize this by setting a lower TTL on the records. This should result in the response being cached for a shorter period, meaning the client will make more requests to the server, with a higher change of using the 'other' address.
  However, you're also going to run into issues with the server having two interfaces/addresses in the same LAN. This isn't recommended.
  As Jonathon mentioned, you may be better off just bonding the two interfaces. This will provide an automatic level of dynamic load balancing without the latency of DNS caches, as well as automatic failover should one link fail (as opposed to round robin DNS which will cause 50% of requests to fail until the client cache expires and a new lookup is performed (and, even then, there's still a chance the client will try to use the failed link).

• Distributed HA cluster with load-balancing and failover: advice?

  My workplace has a Xeon Xserve, which acts as our primary external server, with an attached ActiveStorage XRAID. We have just purchased a second Xserve/XRAID set to act as a mirror, which we will colocate. Both have Leopard Server installed, along with an array of additional software.
  What we want to do is have both servers load-balance between the two, with failover in case of a server or XRAID fault. I plan on using RSYNC to mirror static files between the two, and I'm looking into PostgreSQL replication and load-balancing solutions for our database. I gather that Apache supports web-server failover and load-balancing, as well. But, that still leaves the actual host and network setup to arrange.
  Does Leopard server support such a thing? The only information I found on IP failover instructs the user to place the two servers on the same subnet, directly connected via ethernet cable; obviously, this would not work in my case.
  Ideally, what we'd end up with is a situation in which the two systems kept each other in sync, both in static files and database data, and load-balanced between themselves; in cases of failure, the remaining system would transparently assume all duties until the other was restored, at which time they would resynchronize
  Any suggestions on how I could arrange such a thing?

  Interesting. Does this DNS-based approach support session tracking, though? I would need to have a user directed to just one of the two servers for the duration of their session, to avoid having to synchronize temporary files and such.
  You can't have it both ways. You need to build tolerance into the app.
  At the simplest level where you run all traffic to one site and use the second site as a failover/standby site you'll be OK most of the time - all users will go to the same server and their sessions will be intact.
  However, under any failover situation (your primary site is down for some reason), there is going to be some level of session traffic that it going to switch over to the other site. If your site depends on sessions then you're going to need to tolerate this kind of situation - your app will need to be able to fail gracefully if a user comes in with an invalid session cookie.
  Note, though, that this may be less of an issue than you at first think - all DNS clients will cache DNS data for whatever TTL you set. This means that if a user looks up your site name and you return an IP address with a 30 minute TTL, then that user is going to use the same IP address for the next 30 minutes and isn't going to ask the server again. This should negate most chance of a user suddenly switching from one server location to the other in mid-session.
  The trick comes in setting the DNS TTL low enough to effect a failover, yet not so long that you impact performance - e.g. you don't want the user to perform a DNS lookup on every page load. You may find that 10 minutes is appropriate. Just bear in mind that this affects how long a user could see your site 'down' before the failover DNS kicks in. Clearly you don't want to set the DNS TTL to a day since that may prevent the user switching to the secondary site for 24 hours by which time, hopefully, the primary site is back up, anyway.
  The 'right' TTL value may take some analysis on your traffic to see how long a typical user 'session' is. If the average user spends 20 minutes on your site, then it would make sense to set your TTL to somewhere around 20 minutes to give the best chance of their entire session staying on the same server.

• IP failover, load balancing and notification...

  Pretend I have the following setup/hardware:
  Two intel xserves running 10.4. One is for http traffic the other https. The http server contains a static html website while the other server has a large dynamic database driven website and all of its pages require ssl encryption. I'll refer to the first as server 1 and server 2 for the other.
  Now I want to implement a solution for providing high availability and performance.
  If I wanted IP failover I would need two additional servers, one for the first webserver and the second for the other. Likewise if I wanted to address load balancing I would also need two additional servers, one for server 1 the other for server 2. Now my questions:
  1) It seems implementing load balancing as described on page 32 of Apples High Availability pdf that this would also provide high availability like IP failover does. If two additional servers were purchased to provide high availability via a load balancing strategy would there be any need to implement IP failover? Does load balancing provide the same benefits as IP failover when talking about high availability? When if ever would one need to implement both strategies?
  2) Can you somehow provide IP failover with only one server as the backup using the setup above (a third server to provide IP failover for both servers 1 and 2)? Assume the third server has all the data of both server 1 and server 2.
  3) Is it possible to have Server Admin or Raid admin notify you of a problem via calling your cell phone or sending you a text message as opposed to only email, maybe via a third party solution? I think (not 100% sure) APC offers this when the power left in their batteries reaches a certain level.
  Thanks.
  G5 xserve   Mac OS X (10.4.8)  

  1) There's generally no need to implement IP Failover at the server level if you're already using a separate load balancing solution. The load balancer should be able to take care of dealing with a failed server.
  2) Good question - it's not clear whether IPFailover will failover for one machine or more than one.
  3) Most cellphone providers offer an email-to-SMS gateway, allowing you to send an email to an email address that's forwarded to your phone as a text message. Check your cellphone provider for details on what that email address might be (e.g. Cingular uses <phonenumber>@cingularme.com, Verizon uses <phonenumber>@msg.myvzw.com, etc.

• Network Load Balancing and failover for AFP Sharing

  Dear all,
  Somebody kindly teach me to use round robin DNS to perform the network load balancing, it's success but not the failover.
  I have 4 xserve and want to do the load balancing and failover at the same time.
  I have read the IP failover document and setup it successfully, but anyone know is it possible to do the IP failover for more than 2 server?
  For example, 4 server serving the AFP service at the same time, maybe I have 1 more extra server to do the IP failover for thoese 4 servers.
  As I know, IP failover require Firewire as the heartbeat detection. But one xserve only have 2 firewire ports. May I setting up the IP failover only by a ethernet port and an IP address? does it possible to detect and failover to any server after server down has been detected?
  I believe load balancer maybe the best solution but its cost is too high.
  Thanks any advance!
  Karllee

  well, u have 2 options here
  software load balancing
  request comes it foo.com -> ws7u2 hosting foo.com is configured to run as reverse proxy . this server sends any incoming requests to one of the four back end web server 7 handling your incoming request
  hardware load balancing (this you need to invest)
  request comes to hardware load balancer who responds for foo.com -> sends requests to four ws7 server hosting your application
  you could try out how software load balancing works out for you before you invest in hardware load balancing
  here is more instruction on configuring ws7 + reverse proxy (software load configuration)
  - install ws7 on foo.com
  - create a new configuration (choose port 80, disable java

• How to automatically masking/unmasking LUN for ip failover?

  Hi friends
  I need to connect 2 Xserve quad xeon to an Xraid through a Qlogic SANbox 5600Q
  All I need to do is to create an ip failover system between the two Xserve.
  I don't need a xsan solution, so all I want to do is an "automatic" masking / unmasking of the Xraid when the master Xserve go offline.
  Apple manual speaks about LUN masking, but doesn't explain how to made it.
  Anybody have some idea?
  ps. sorry f my bad english

  Thanks William
  The problem is maybe nearly solved, I've created the 2 zones that I need and I've made a little script for the zone switching.
  Premised that I'm not a script expert;
  #!/bin/bash
  sleep 3
  echo -e "Fake\r" #first fake password for jumping to login
  sleep 3
  echo -e "login\r" #switch user login
  sleep 3
  echo -e "password\r" #switch password
  sleep 3
  echo -e "admin start\r" #start the administration session
  sleep 2
  echo -e "zoneset activate DestinationZone\r" # start newzone
  sleep 2
  echo -e "admin end\r" #end the administration session
  } | telnet xxx.xxx.xxx.xxx;
  I don't like the temporary solution, but at the moment Qlogic support it has not still answered to my questions.
  I've tried also with ssh but at the moment does not work, login problems (I dont know if I can create public and private keys on switch).
  Any suggestion is welcome.