RE: Slightly off-topic: Any good/bad experiences withHigh-Availability Linux clusters ?

["R. DuFresne" <dufresne () sysinfo com>]

server/workstation expert, april 2000 vol 11 # 4, while citing the IBM
port of linux to the s/390 enterprise servers states in part:

...
The Linux community also falls short in terms of high-availibility
solutions such as clustering, says Calybrook.  "One of the limitations of
Linux on the enterprise is its high-availibility requirements.  There are
[vendors] working on clustering solutions, but none of them are at the
level you think in terms of true clustering capability.  They can do
failovers and some form of load balancing, but for the most part, they're
not at the same level that UNIX clustering is," he says.  Some of the
functionality missing from current Linux clustering solutions includes
single system image, cluster file systems and journeled file systems.
Other clustering solutions such as the beowoulf project clusters <URL
cited> are aimed more at clustering for preformance and workload sharing
than for high-availability and fault tolerance.
...

Thanks,

Ron DuFresne

On Sat, 22 Apr 2000, Andrew J. Luca wrote:

> Tobias,
>
>       I don't know where the original to this message went so I'm replying to
> this one...
>
>       I have used the Veritas product suite (used to be FirstWatch, now is the
> VCS Suite) and the old Qualix HA+ on Sun platforms for about the last four
> years with a great deal of success.  I do not have any experience with a
> Linux version of this type of software (Veritas doesn't make one) but I
> would suggest, as some of the other posters have, that you look to another
> platform.  While there has been a strong growth of Linux within the
> enterprise over the last couple of years, I still don't think that it is
> really ready for prime time if you are looking for an HA solution other than
> for a simple firewall.
>
>       One of the questions that you have to ask yourself is what you are trying
> to accomplish.  If all you are aiming for is a high availability firewall
> cluster, then you could really just build that with a couple of scripts on
> your own.  There are a bunch of good people out there that could help you to
> do that in a couple of weeks time.  If you really are looking for all of the
> features that you get from a HA package -- application level fail-over, file
> system fail-over, network fail-over -- then you probably want to be aiming
> for one of the commercial packages.  If you want more than that -- i.e.
> stateful fail-over -- then you are aiming way, way above the level that
> Linux (or even Solaris) can deliver today.  Basically, you are into the
> realm of the Stratus and Tandems.  I haven't heard of anyone running a
> firewall on these platforms, yet! ;-)
>
>       Now, of course this also only gets you part way to high-availability if you
> are building a firewall.  You are also going to need to build in some
> network layer HA with multiple links AND dynamic routing protocols.  This is
> really the only way to build a true Internet HA solution.  If you are going
> to take the time to build it, don't chintz on the important stuff!
>
>       We ran a number of firewall clusters using the FirstWatch package and some
> home grown scripts but in retrospect, it was a huge waste of money (please
> don't tell my former employer).  Basically, we were only using the heartbeat
> functions and its ability to start and stop applications for us once it
> detected a failure.  Of course, it also prevented the dual-brain idea but
> even our use of that was very limited.  I firmly believe that we could have
> rewritten this in a couple of weeks to do exactly what we wanted for much
> less than the $7.5k/node licensing fee.
>
>       If you want more information, let me know.  I think that I have a generic
> design document around somewhere and some information about the design of a
> basic app. package.
>
> Drew
>
> -----Original Message-----
> From: owner-firewall-wizards () lists nfr net
> [mailto:owner-firewall-wizards () lists nfr net]On Behalf Of Michael
> Erskine
> Sent: Wednesday, April 12, 2000 2:15 AM
> To: Tobias Gierke
> Cc: firewall-wizards () nfr net
> Subject: Re: [fw-wiz] Slightly off-topic: Any good/bad experiences
> withHigh-Availability Linux clusters ?
>
>
> Undoubtedly you have chased down the links at www.beosulf.org.  There are
> some straight forward documents there that detail various setups.
>
> I recommend something really simple...  sort of a mixed bag.
>       Boot nodes from the local HDD.
>       NFS out /home.
>       Run Yellow Pages.
>       Firewall the *hit out of the head.
>       ... Take a hard look at SuSE they have it down to an art.
> If your cluster is really a 'server farm' you can use IPCHAINS to
> distribute the load across multiple nodes using the prioritization rules
> described in the IPCHAINS howto.
>
> It is a bit of work but in a week you should have it running.
> ;-)  Tell the boss two weeks as my estimates are ALWAYS LOW.
>
>
> On Thu, 6 Apr 2000, Tobias Gierke wrote:
>
> > Hi,
> >
> > Although the topic isn´t really related to firewalling, I still hope
> > that someone out there can help me.
> >
> > I need to build a 2-3 node HA cluster for one of our customers.
> > My boss would like to see these machines running on linux (cause it´s
> > the cheapest solution...). I´ve browsed the web for approx. 9 hours but
> > none of the solutions I found looked really stable/mature. My favorites
> > up to now are Eddie and "heartbeat" (Linux-HA project).
> >
> > Any ideas ? I´d really appreciate  _ANY_ useful hints !!
> >
> > Thanks in advance,
> >                                 Tobias Gierke
> >
> > ---PGP---PGP---PGP---PGP---PGP-----
> > Ich _bevorzuge_ PGP-verschlüsselte Mails ! Schickt mir eine Mail mit dem
> > Subject "KEY REQUEST" und ihr erhaltet automatisch meinen Key.
> > I _strongly_ prefer PGP-encrypted E-mail ! Send a message containing the
> > subject "KEY REQUEST" and you will get my key automagically.
> > Download PGP: http://www.zone.pspt.fi/pgp/download/#5.0i

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!