...
Existing Servers And Host Names
Web Server | Priority | IIS | Tomcat | Migration Status | Comments |
---|---|---|---|---|---|
glast-ground.slac.stanford.edu | 0 | glast-win01,glast-win02 | multiple | Migrated (11/16/2015) | |
web08.slac.stanford.edu | web08 | This is unfortunately used directly by some EXO applications (/logbook a php application). Maybe should use a better name like exo-logbook.slac.stanford.edu | |||
aida.freehep.org | 2 | web08 | scalnx-v03 | ||
aidatld.freehep.org | 2 | web08 | scalnx-v03 | Up | |
exo-data.slac.stanford.edu | 4 | web08 | exolnx-v01 | ||
forum.freehep.org | web08 | N/A fudform application | Dead | Page is up, but forum may be down, returns a blank page (was fhforum.slac.stanford.edu) | |
heprep.freehep.org | 2 | web08 | scalnx-v03 | Up | |
jas.freehep.org | 2 | web08 | scalnx-v03 | ||
java.freehep.org | 1 | web08 | scalnx-v03 | ||
lcsim.org, www.lcsim.org | web08 | scalnx-v03 | lcsim.freehep.org exists as a host name, but the application appears to actually be www.lcsim.org. DNS controlled by Norman Graf. | ||
lelaps.freehep.org | 2 | web08 | scalnx-v03 | Up | |
lp99.freehep.org | web08 | Dead | Down, no DNS record- but IIS is still aware of the Application (checked via telnet web08 80: GET / HTTP/1.1\nHost: lp99.freehep.org\n\n) | ||
lsst-camera.slac.stanford.edu | web08 | lsstlnx-v01, scalnx-v05 (firefly) | Up | ||
pingerlod.slac.stanford.edu | web08 | scalnx-v06 | Up | ||
portal.lsst-desc.org portal.lsstdesc.org | 3 | web08 | scalnx01 | Up | |
sid.slac.stanford.edu | web08 | Dead | Points to exo portal? | ||
srs.slac.stanford.edu | 5 | web08 | scalnx-v01 | Up | |
wired1.freehep.org | 2 | web08 | N/A (on web08) | Dead | Up |
www.freehep.org | 2 | web08 | N/A (on web08) | Up | |
www-sld.slac.stanford.edu www-bes.slac.stanford.edu www-midas.slac.stanford.edu | web08 | N/A (on web08) | Up. Also has www-bes and www-midas, but they all serve the same page. | ||
www-sldnt.slac.stanford.edu | web08 | scalnx-v03/Also on web08? | Peter Rowson has been asking to get this working again. | scalnx-v03, just a blank page | |
xrdmon.slac.stanford.edu | web08 | Dead | Worker defined to be xrootd-mon, Not sure if this is on web08 or some other server? | ||
wired4.freehep.org wired.freehep.org | 2 | web08 | scalnx-v03 | ||
wired2.freehep.org | web08 | Dead | Points to web08. No record in IIS. Not sure how this one works? There is a directory on scalnx-v03 | ||
forum.linearcollider.org | web08 | N/A (web08) | DNS controlled by linearcollider.org |
To Do List
- Ask windows-admin/unix-admin glast-win01,win02 to be shutdown (but not immediately removed)
- Make plan for how to handle cas.slac.stanford.edu (separate CAS at root?)
- Tony should add java.freehep.org to his hosts file to check that it works
- Move java.freehep.org (priority 1)
- Move rest of freehep (priority 2) – target 3/17
- Move rest of priority 3 – target 3/21 – need to make sure we have lsstdesc.org and lsst-desc.org ready
- Move priority 4 – target 3/23
- Get ready for priority 5 moves
- Complete work on setting up php for forum.linearcollider.org
- Consider where php code will live (afs, nfs) and how we will ensure it is backed up
...
- Talk to Matthias Wittgen about where/how to move EXO logbook stuff
nginx configuration workbook
Note: See SCA NGINX Configuration for information on actual configuration.
SSL Configuration
http://nginx.com/resources/admin-guide/nginx-ssl-termination/
...
http://fudforum.org/doc/d/manual.html#admin.dump
Keepalived
keepalived is to be configured on both machines.
keepalived seems to support HTTP status checks.
The following is roughly the configuration for sca-nginx01. The configuration for sca-nginx02, which will be the failover machine, will be nearly identical, but the priority on the vrrp_instance MUST BE LOWER than the priority on the master. The password will be different.
The configuration is located in /etc/keepalived/keepalived.conf
Code Block |
---|
global_defs {
notification_email {
bvan@slac.stanford.edu
}
notification_email_from bvan@slac.stanford.edu
smtp_server smtp.slac.stanford.edu # Not sure if this works
smtp_connect_timeout 30
router_id SCA_WWW # Not sure if this is used
}
# This is a health check script. Right now it just checks to see
# if nginx is up.
#
# Note on the weight: If the weight isn't enough to break a tie between
# the priority difference between sca-nginx01 and sca-nginx02, and
# nginx is down but sca-nginx01 is up, then requests
# may still go to sca-nginx01.
vrrp_script chk_nginx {
script "killall -0 nginx"
interval 2 # seconds
weight 2 # points
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 85 # Random ID. We shouldn't have the same router id on the same subnet
priority 100 # See note on weight above
advert_int 1 # Advertisement interval (i.e. heartbeat seconds)
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
134.79.129.86
}
track_script {
chk_nginx
}
unicast_src_ip 134.79.129.92 # Unicast specific option, this is the IP of the interface keepalived listens on
unicast_peer { # Unicast specific option, this is the IP of the peer instance
134.79.129.91
}
} |