Multiserver install: what did I do wrong and how is it supposed to work?

Discussion in 'Installation/Configuration' started by Rowdy, May 1, 2010.

  1. Rowdy

    Rowdy New Member

    I am making some progress with my familiarity of linux and ispconfig3.0.1.6. Server1 was installed on Ubuntu as detailed here. I then duplicated the VM image, changed ip address and hostname and got the os working as desired, uninstalled the duplicated ispconfig3 and then reinstalled it in expert mode selecting Server1 as master. After fixing mysql access and retrying, it appeared to work, however, Server2 does not show up in server1 ispconfig web interface.

    Why? Do I need to do something special on server1?


    Is there any multi server documentation yet? I havent found a primer on how it is supposed to work.

    My desire is to have two servers, one being pri dns and other being secondary, both hosting their own user access, web pages and email based upon how I see fit to distribute. No need for load balancing or other advanced.

    Is this on par with the idea of basic multiserver?
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    No.

    Not yet.

    Please make sure that you use the same ispconfig version on both servers. So as you use 3.0.1.6 on the primary and then reinstalled the secondary, I guess you used 3.0.2.1 on the secondary and this will not work.

    1) Uninstall ispconfig on the secondary.
    2) Update the primary to 3.0.2.1
    3) Install ispconfig on the secondary again in expert mode.
     
    Last edited: May 1, 2010
  3. CSsab

    CSsab New Member

    Troubleshooting ISPConfig 3 Multiserver setups.

    Hi,
    I hope by showing you my working multiserver setup and explaining what I did that you may be able to troubleshoot why you are having problems.

    1. On the primary server I (server1.example.com) installed ISPConfig 3 in standard mode and named the database dbispconfig1. You can leave this as default "dbispconfig" - I changed mine in order to make future database replication easier for myself.

    2. Log in to phpmyadmin from your workstation, click on the "PRIVILEGES" tab and select "create new user" .. check all privileges. You should create two of these users temporarily - one for the IP of your second server and one for the hostname of your second server. Remember to delete these users when you have completely finished setting up your second server. You may also need to make a hosts file entry for server2 depending on how your network is set up.

    3. On the second server (server2.example.com) I installed ISPConfig 3 in expert mode and answered the questions as follows:

    server2.example.com ISPConfig3 install log.

    --------------------------------------------------------------------------------
    _____ ___________ _____ __ _
    |_ _/ ___| ___ \ / __ \ / _(_)
    | | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _
    | | `--. \ __/ | | / _ \| '_ \| _| |/ _` |
    _| |_/\__/ / | | \__/\ (_) | | | | | | | (_| |
    \___/\____/\_| \____/\___/|_| |_|_| |_|\__, |
    __/ |
    |___/
    --------------------------------------------------------------------------------


    >> Initial configuration

    Operating System: Debian Squeeze/Sid or compatible

    Following will be a few questions for primary configuration so be careful.
    Default values are in [brackets] and can be accepted with <ENTER>.
    Tap in "quit" (without the quotes) to stop the installer.


    Select language (en,de) [en]:

    Installation mode (standard,expert) [standard]: expert

    Full qualified hostname (FQDN) of the server, eg server1.domain.tld [server2.example.com]:

    MySQL server hostname [localhost]:

    MySQL root username [root]:

    MySQL root password []: XXXXXX

    MySQL database to create [dbispconfig]: dbispconfig2

    MySQL charset [utf8]:

    Shall this server join an existing ISPConfig multiserver setup (y,n) [n]: y

    MySQL master server hostname []: server1.example.com <- This is the hostname of your master server.

    MySQL master server root username [root]:

    MySQL master server root password []: XXXXXX <- This is the password of the database on your master server.

    MySQL master server database name [dbispconfig]: dbispconfig1 <- This is whatever you have called the ISPConfig3 database on your first server.

    Adding ISPConfig server record to database.

    Configure Mail (y,n) [y]: y

    Configuring Postfix
    Generating a 2048 bit RSA private key
    ..............+++
    ...................................................+++
    writing new private key to 'smtpd.key'
    -----
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [XX]:
    State or Province Name (full name) [Some-State]:
    Locality Name (eg, city) []:
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:
    Organizational Unit Name (eg, section) []:
    Common Name (eg, YOUR name) []:
    Email Address []:
    Configuring SASL
    Configuring PAM
    Configuring Courier
    Configuring Spamassassin
    Configuring Amavisd
    Configuring Getmail
    * Stopping Postfix Mail Transport Agent postfix
    ...done.
    * Starting Postfix Mail Transport Agent postfix
    ...done.
    * Stopping SASL Authentication Daemon saslauthd
    ...done.
    * Starting SASL Authentication Daemon saslauthd
    ...done.
    Stopping amavisd: amavisd-new.
    Starting amavisd: amavisd-new.
    * Stopping ClamAV daemon clamd
    ...done.
    * Starting ClamAV daemon clamd
    ...done.
    * Stopping Courier authentication services authdaemond
    ...done.
    * Starting Courier authentication services authdaemond
    ...done.
    * Stopping Courier IMAP server...
    ...done.
    * Starting Courier IMAP server...
    ...done.
    * Stopping Courier IMAP-SSL server...
    ...done.
    * Starting Courier IMAP-SSL server...
    ...done.
    * Stopping Courier POP3 server...
    ...done.
    * Starting Courier POP3 server...
    ...done.
    * Stopping Courier POP3-SSL server...
    ...done.
    * Starting Courier POP3-SSL server...
    ...done.
    Configure Jailkit (y,n) [y]: y

    Configuring Jailkit
    Configure FTP Server (y,n) [y]: y

    Configuring Pureftpd
    Restarting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql :/etc/pure-ftpd/db/mysql.conf -l pam -O clf:/var/log/pure-ftpd/transfer.log -8 U TF-8 -H -b -E -A -u 1000 -B
    Configure DNS Server (y,n) [y]: y

    Configuring MyDNS

    Hint: If this server shall run the ispconfig interface, select 'y' in the 'Configure Apache Server' option

    Configure Apache Server (y,n) [y]: y

    Configuring Apache
    Configuring vlogger
    Configuring Apps vhost
    Configure Firewall Server (y,n) [y]: y

    Configuring Firewall
    Install ISPConfig Web-Interface (y,n) [y]: n
     

    Attached Files:

    Last edited: May 1, 2010
  4. CSsab

    CSsab New Member

    Checking server records in ISPConfig3 multiserver setups

    As you can see it is possible to modify the installation to suit your needs.

    In your case you can check if the second server record is present in the dbispconfig database like this: (please note that my database is called dbispconfig1 - yours will be called whatever you have called it!!)

    root@server1:~# mysql -u root -p
    Enter password: XXXXX

    mysql> USE dbispconfig1;

    mysql> SELECT server_name FROM server;
    +------------------------+
    | server_name |
    +------------------------+
    | server1.example.com |
    | server2.example.com |
    +------------------------+
    2 rows in set (0.00 sec)

    You can see if the second server is properly installed the record is there on the database of the first server. You can obtain more detailed information about the configuration of each of your servers by querying the "config" field of dbispconfig like this:

    mysql> SELECT server_name, config FROM server;

    What you are doing here is asking the ISPConfig3 database about the configuration of each server and the output should look like something along these lines:

    mysql> SELECT server_name, config FROM server;
    +------------------------+-------------------------------------------------------------------------------------------------------------------------------
    | server_name | config |
    +------------------------+-------------------------------------------------------------------------------------------------------------------------------
    | server1.example.com | [global]
    webserver=apache
    mailserver=postfix
    dnsserver=mydns

    [server]
    auto_network_configuration=n
    ip_address=192.168.XXX.XXX
    netmask=255.255.255.0
    gateway=192.168.XXX.XXX
    hostname=server1.example.com
    nameservers=192.168.XXX.XXX,192.168.XXX.XXX
    loglevel=2

    [mail]
    module=postfix_mysql
    maildir_path=/var/vmail/[domain]/[localpart]
    homedir_path=/var/vmail
    pop3_imap_daemon=courier
    mail_filter_syntax=maildrop
    mailuser_uid=5000
    mailuser_gid=5000
    mailuser_name=vmail
    mailuser_group=vmail
    relayhost=
    relayhost_user=
    relayhost_password=
    mailbox_size_limit=0
    message_size_limit=0

    [getmail]
    getmail_config_dir=/etc/getmail

    [web]
    website_basedir=/var/www
    website_path=/var/www/clients/client[client_id]/web[website_id]
    website_symlinks=/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/
    vhost_conf_dir=/etc/apache2/sites-available
    vhost_conf_enabled_dir=/etc/apache2/sites-enabled
    security_level=20
    user=www-data
    group=www-data
    apps_vhost_port=8081
    apps_vhost_ip=_default_
    apps_vhost_servername=
    php_open_basedir=[website_path]/web:[website_path]/tmp:/var/www/[website_domain]/web:/srv/www/[website_domain]/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin
    htaccess_allow_override=All

    [dns]
    bind_user=root
    bind_group=bind
    bind_zonefiles_dir=/etc/bind
    named_conf_path=/etc/bind/named.conf
    named_conf_local_path=/etc/bind/named.conf.local

    [fastcgi]
    fastcgi_starter_path=/var/www/php-fcgi-scripts/[system_user]/
    fastcgi_starter_script=.php-fcgi-starter
    fastcgi_alias=/php/
    fastcgi_phpini_path=/etc/php5/cgi/
    fastcgi_children=8
    fastcgi_max_requests=5000
    fastcgi_bin=/usr/bin/php-cgi

    [jailkit]
    jailkit_chroot_home=/home/[username]
    jailkit_chroot_app_sections=basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh
    jailkit_chroot_app_programs=/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico
    jailkit_chroot_cron_programs=/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php

    [vlogger]
    config_dir=/etc

    [cron]
    init_script=cron
    crontab_dir=/etc/cron.d
    wget=/usr/bin/wget

    |
    | server2.example.com | [global]
    webserver=apache
    mailserver=postfix
    dnsserver=mydns

    [server]
    auto_network_configuration=n
    ip_address=192.168.XXX.XXX
    netmask=255.255.255.0
    gateway=192.168.XXX.XXX
    hostname=server2.example.com
    nameservers=192.168.XXX.XXX,192.168.XXX.XXX
    loglevel=2

    [mail]
    module=postfix_mysql
    maildir_path=/var/vmail/[domain]/[localpart]
    homedir_path=/var/vmail
    pop3_imap_daemon=courier
    mail_filter_syntax=maildrop
    mailuser_uid=5000
    mailuser_gid=5000
    mailuser_name=vmail
    mailuser_group=vmail
    relayhost=
    relayhost_user=
    relayhost_password=
    mailbox_size_limit=0
    message_size_limit=0

    [getmail]
    getmail_config_dir=/etc/getmail

    [web]
    website_basedir=/var/www
    website_path=/var/www/clients/client[client_id]/web[website_id]
    website_symlinks=/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/
    vhost_conf_dir=/etc/apache2/sites-available
    vhost_conf_enabled_dir=/etc/apache2/sites-enabled
    security_level=20
    user=www-data
    group=www-data
    apps_vhost_port=8081
    apps_vhost_ip=_default_
    apps_vhost_servername=
    php_open_basedir=[website_path]/web:[website_path]/tmp:/var/www/[website_domain]/web:/srv/www/[website_domain]/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin
    htaccess_allow_override=All

    [dns]
    bind_user=root
    bind_group=bind
    bind_zonefiles_dir=/etc/bind
    named_conf_path=/etc/bind/named.conf
    named_conf_local_path=/etc/bind/named.conf.local

    [fastcgi]
    fastcgi_starter_path=/var/www/php-fcgi-scripts/[system_user]/
    fastcgi_starter_script=.php-fcgi-starter
    fastcgi_alias=/php/
    fastcgi_phpini_path=/etc/php5/cgi/
    fastcgi_children=8
    fastcgi_max_requests=5000
    fastcgi_bin=/usr/bin/php-cgi

    [jailkit]
    jailkit_chroot_home=/home/[username]
    jailkit_chroot_app_sections=basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh
    jailkit_chroot_app_programs=/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico
    jailkit_chroot_cron_programs=/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php

    [vlogger]
    config_dir=/etc

    [cron]
    init_script=cron
    crontab_dir=/etc/cron.d
    wget=/usr/bin/wget

    |
    +
    +---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    2 rows in set (0.00 sec)

    As you can see - if the second and subsequent servers of a multiserver setup are installed properly they are present in the web UI for ISPConfig. When you select the server you wish to monitor, detailed information about the hardware and logging of either server is shown.

    Good luck.
     
    Last edited: May 1, 2010
  5. Rowdy

    Rowdy New Member

    Thank you for taking the time to be so detailed.

    I did install server2 as detailed and I did have to edit hosts entries on both.
    The connect to master failed on previous attempts until I corrected the basic issues of authentication, name resolution and whatever else. It finally went, attached and looked like it was successful in its endeavor to register as a second server.

    On server1, there is no indication in the database that it was successful. There exist no entries for server2. So I guess I'll try again and pay a little more attention to any discrepancies that I can report here.

    Both versions are the same, but should I consider stepping up to the newest version then since I am removing and then reinstalling anyway?

    Also, what is the final outcome of this setup as far as administration and then user interface?
    Is all administration done only through the Master server?
    Is the master the only server that knows about the others? ie: each server only knows about itself and the master?
    Is the entire user database on the master only or does it get stored on each server in case the master goes down?
    Do the users check mail, server pages and access control panel through the master or through the specific configured secondary?
     
  6. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    I recommend that you update your master server to 3.0.2.1 and then install the slave with 3.0.2.1 too.

    yes

    yes.

    it gets stored on each server. But only the users that are relevant to this server of course and not users of other slaves.

    The access control panel is only on the master server. If a user checks email with its email client, e.g. outlook or thunderbird, it connects to the slave where its accounts are located.
     
  7. Rowdy

    Rowdy New Member

    I will do just this and report back.



    So to recap here, if I have a master and two slaves, all users will connect to the master for control panel, dns management and such, but their site, ftp and email will most likely be on one of the other servers which I will statically assign as I see fit?

    What is a typical medium scale configuration for this then, perhaps one that can expand most easily? Would I want a Master that doesnt host any sites or email? Or might I want a simple master/slave pair that holds XX users and then create another master/slave pair for more users...?

    I suppose that dns play a major role in how you lay such a thing out. To keep it easy, I suppose you would want a Master server for the control panel, then two dns-only servers, and then at least one production slave for starters.

    Is this a typical layout then, 4 to 5 servers and ip addresses?

    controlpanel.domain.com
    ns1.domain.com
    ns2.domain.com
    server1.domain.com
    server2.domain.com

    but perhaps for small-scale starters I could simply have two actual servers, one being master/control panel, both dns, and they are both production.
     
  8. CSsab

    CSsab New Member

    This is what I am aiming for with a 2 server setup.

    I have configured server1.example.com as ns1 (name server 1) and server2.example.com as ns2 (name server 2).

    You might note as I did when you install server 2 ISPConfig you get this at the end of the install if you are working with a single domain name:

    Configuring Firewall
    Install ISPConfig Web-Interface (y,n) [y]: n

    Configuring DBServer
    Installing Crontab
    no crontab for root
    no crontab for getmail
    * Restarting web server apache2
    ... waiting . ...done.
    Installation completed.


    I do not yet 100% understand why this is but I am thinking it is because the ISPConfig crontab daily script makes a round of all servers in the multiserver setup and then mails results to root on the primary server - it is in this way that all administration takes place on the primary server.

    I have the following zones on server1.example.com
    ns1.example.com
    example.com

    and on server2.example.com

    ns2.example.com

    in this scenario, mail is obviously configured for the domain name on server1.example.com.
     
    Last edited: May 3, 2010
  9. Sinchan

    Sinchan New Member

    i have 2 server :
    111.222.333.1 = ns1.mydomain.com
    111.222.333.2 = ns2.mydomain.com

    first installation in my primary and slave server, i am closed all mysql connection from the outside, and i had fail install ISPConfig in slave server using expert method.
    And then, i opened mysql connection from ns2.mydomain.com with comment out bind_address in my.cnf and adding root user privileged in primary server (ns1.mydomain.com) with result like this :
    mysql> select user,host from user;
    +--------------------+---------------------------+
    | user | host |
    +--------------------+---------------------------+
    | root | 127.0.0.1 |
    | root | 111.222.333.2 |
    | debian-sys-maint | localhost |
    | root | localhost |
    +------------------+---------------------------+
    4 rows in set (0.00 sec)

    and installation work perfectly.

    my question is :
    1. is it needed to open mysql connection from 111.222.333.1 in 111.222.333.2 mysql databases if iam using those server as DNS server? i means act as ns1 and ns2
    2. how to setting bind_address in my.cnf so can only accept connections from 127.0.0.1, 111.222.333.1 and 111.222.333.2 ?
    i had try :
    # Instead of skip-networking the default is now to listen only on
    # localhost which is more compatible and is not less secure.
    bind-address = 127.0.0.1, 111.222.333.1, 111.222.333.2

    but its still didn't work
     
  10. CSsab

    CSsab New Member

    Bind address commented.

    Hi Sinchan,
    The bind address in my.cnf should have been commented out during the perfect setup guide you use:

    We want MySQL to listen on all interfaces, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1:

    You create the root user for server2 on server1 mysql database so that the ISPConfig3 installer is allowed to log into server1 db and make the necessary entries for the new server (server2). When your installation on server2 is finished you can then remove the root users for server2 from the server1 database. Don't remove any other users other than the ones you physically created on server1

    Also with regard to ns1 and ns2 - this can be confusing initially. server1 and server2 ... and server3, server4 and so on refer to the hostnames of the server setup (operating system) on your machine but ns1,ns2 and so on refer to DNS records which you set up in the ISPConfig 3 control panel.

    The ispconfig database user that is added during ISPConfig install communicates with the ISPConfig user added in the second install - note that this user is not communicating with root nor does it "own" your your perfect server setup. An easy way to understand this is to remember that the ISPConfig installer does not ask for your root password of your operating system.

    Hope this helps.

    Also:
    If you are asking if NS records on different servers need to communicate with each other then the answer is no - they are accessed from the internet when port 53 is open to the machine they are stored on.
    When adding the nameserver DNS records in ISPConfig you can choose which of your servers you want to put each record on from the drop down menu.
     
    Last edited: May 10, 2010
  11. Sinchan

    Sinchan New Member

    thanks for your reply Cssab, and about hostname, actually iam used computer name from Might and magic creatures games :p

    and about uncomment bind_address at /etc/mysql/my.cnf, i had do that before and opened port mysql from the world, since i still didn't know how to filter mysql access at my.cnf bind address entry. :eek:

    I tought i can use firewall filtering to do that, but if there are any other ways to filter mysql access with my.cnf rules, I would really appreciate it
     
  12. CSsab

    CSsab New Member

    ports

    Your mysql database should have a root password. Not your system root password but a dedicated mysql root user password.

    If your system is behind a router or some other machine (and it definately should be) the databases communicate with each other locally and you can keep ports closed in your router until you are satisfied with your setup.

    The users we add to the master are like this:
    root at 192.168.1.100 with password
    root at server2.example.com with same password

    Then you can log into phpmyadmin and remove those two users when you have finished installing ISPConfig3

    To open and close ports in your router then you can use a browser to log into your router interface. given above example the address would be 192.168.1.1

    Regards.
     

Share This Page