OSX 10.7.4 Lion Server IP Failover

nei0angei0

macrumors newbie
Jul 27, 2012
5
0
yessir, best thing to do is create a couple applescripts that will ping your servers. You could set up a monitoring server to do this, or have each server (primary and back up) ping eachother. If ping fails, begin to do scripted actions for fail over.

You can:
-switch IP's with simple commands that change your Network location
-enable or disable protocols
-send out warning emails.

If anyone needs details PM. I was orignally going to release a GUI replacement for fail over but lost my motivation after getting a new job.
 
Last edited:

shaitan667

macrumors newbie
May 8, 2012
3
0
nei0angei0 - I am interested in this as well - could you please provide some more info on how to set this up? Would it work with 10.8?
 

nei0angei0

macrumors newbie
Jul 27, 2012
5
0
Sure works in 10.8. I basically run two active scripts. One on each server. One runs on primary server, it's job is to verify services are active and to ping the back up server. If a service fails, it will try and restart it, if it can't be restarted the machine is taken offline. The back up server is also running a script, pinging the main server, if several ping attempts fail, it tell the machine to switch ip addressess and then start the defined services. I use this mainly with AFP/SMB failover. You can also set up a shared drive to store AFP connection tokens so the user is never interrupted, just a short 30 second delay.
 

nei0angei0

macrumors newbie
Jul 27, 2012
5
0
I also run one more start up script on the main server, it checks the machine on boot. You could exercise an option to have your main server do a reboot to try and resolve issues, this start up script would check to see if the reboot fixed the issue, if not it would then power off the main server allowing the back up server's ping to fail, and it will fail over as well.

What is comes down to is how much downtime and how much user warning you want to include. In one scenerio, if a protocol failed like AFP but SMB was still working, it would blast a "server reboot in 1 hour" so SMB users can still work. Then the server would send another warning before reboot. In true high availability the whole process should occur automatically in a matter of seconds or minutes.
 

lucaspkm

macrumors member
Original poster
Apr 16, 2010
41
0
I also run one more start up script on the main server, it checks the machine on boot. You could exercise an option to have your main server do a reboot to try and resolve issues, this start up script would check to see if the reboot fixed the issue, if not it would then power off the main server allowing the back up server's ping to fail, and it will fail over as well.

What is comes down to is how much downtime and how much user warning you want to include. In one scenerio, if a protocol failed like AFP but SMB was still working, it would blast a "server reboot in 1 hour" so SMB users can still work. Then the server would send another warning before reboot. In true high availability the whole process should occur automatically in a matter of seconds or minutes.
cant contact you nei0angei0 has chosen not to receive private messages or may not be allowed to receive private messages. Therefore you may not send your message to him/her.

If you are trying to send this message to multiple recipients, remove nei0angei0 from the recipient list and send the message again.
 

kd5jos

macrumors 6502
Oct 28, 2007
425
139
Denver, CO
Just to throw in a monkey wrench...

I'm 99% sure I already know the answer, BUT if I'm running SSL on the primary server, is there a way to make SSL work on the backup (through using a wildcard cert I'm guessing)?
 

nei0angei0

macrumors newbie
Jul 27, 2012
5
0
Lucas, can you try again? I am not sure how I turned off private messages.

And for the second questions

An SSL certificate is linked to the public domain name, not any internal dns or ip. You should be able to install the same cert on both servers.

From another post:
"Install the cert on the primary, then export the cert with the private key and install on the failover.

When the primary goes down, the failover will take over, with the same domain name and same certificate."
 

lucaspkm

macrumors member
Original poster
Apr 16, 2010
41
0
Lucas, can you try again? I am not sure how I turned off private messages.

And for the second questions

An SSL certificate is linked to the public domain name, not any internal dns or ip. You should be able to install the same cert on both servers.

From another post:
"Install the cert on the primary, then export the cert with the private key and install on the failover.

When the primary goes down, the failover will take over, with the same domain name and same certificate."
nei0angei0 has chosen not to receive private messages or may not be allowed to receive private messages. Therefore you may not send your message to him/her.

If you are trying to send this message to multiple recipients, remove nei0angei0 from the recipient list and send the message again.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.