[ClusterLabs] Antw: [EXT] Re: The proxy server received an invalid response from an upstream server.

Ulrich Windl Ulrich.Windl at rz.uni-regensburg.de
Wed Mar 17 04:23:08 EDT 2021


>>> Jason Long <hack3rcon at yahoo.com> schrieb am 16.03.2021 um 21:46 in
Nachricht
<1088880037.1215926.1615927614602 at mail.yahoo.com>:
> Thanks.
> Excuse me, did you read how did I set my cluster up? Please look at: 
> https://paste.ubuntu.com/p/Nx2ptqZjFg/ 
> Which part of my configuration is wrong?
> Both of the main and secondary servers are an Apache Reverse Proxy Server. I

> want when main server failed, then the secondary server handle the
requests.
>  How can I achieve this goal?

Maybe start like this:

Add a "floating" IP address resource, and test it by pinging. Shut down one
node, and repeat the test.
Next, configure one web server to listen to that floating address, and
co-locate the server with the IP, as well as ordering it after the IP. Test
agian.
The add, step-by-stepü, more of your infrastructure. Test each setp. That's
the way to go.

> 
> 
> 
> 
> On Tuesday, March 16, 2021, 11:57:13 PM GMT+3:30, Reid Wahl
<nwahl at redhat.com> 
> wrote: 
> 
> 
> 
> 
> 
> 
> 
> On Tue, Mar 16, 2021 at 1:03 PM Jason Long <hack3rcon at yahoo.com> wrote:
>> Thanks.
>> I changed it to the IP address of node2 and I can see my Apache Web
Server.
> 
> Like I said, you don't want to do that. You should change it to an IP 
> address that you want the cluster to manage. If you set it to node2's IP 
> address, Pacemaker will try to remove node2's IP address and assign it to 
> node1 if the resource fails over to node1. If node2 is using that address
for 
> anything else (e.g., corosync communication), then that would be a big 
> problem.
> 
> The managed floating IP address should be an IP address dedicated to the web

> server, that can move between cluster nodes as needed.
> 
>>  
>> $ sudo pcs resource update floating_ip ocf:heartbeat:IPaddr2
ip=192.168.1.10 
> cidr_netmask=24 op monitor interval=5s
>> 
>> Now, I want to test my cluster and stop node1. On node1 I did:
>> 
>> # pcs cluster stop http_server
>> Error: nodes 'http_server' do not appear to exist in configuration
>> 
>> Why?
> 
> The `pcs cluster stop` command stops pacemaker and corosync services on a 
> particular node (the local node if you don't specify one). You've specified

> `http_server`, so the command is trying to connect to a node called 
> "http_server" and stop services there.
> 
> If you want to stop node1, then run `pcs cluster stop node1`.
> 
> If you want to prevent the http_server resource from running anywhere, then

> run `pcs resource disable http_server`.
> 
> If you want to prevent the http_server resource from running on node2, then

> run `pcs resource ban http_server node2`. If you want to remove that 
> constraint later and allow it to run on node2 again, run `pcs resource clear

> http_server`.
> 
>>  
>> 
>> 
>> 
>> 
>> On Tuesday, March 16, 2021, 11:05:48 PM GMT+3:30, Reid Wahl
<nwahl at redhat.com> 
> wrote: 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> On Tue, Mar 16, 2021 at 12:11 PM Jason Long <hack3rcon at yahoo.com> wrote:
>>> Thank you so much.
>>> I forgot to ask a question. In below command, what should be the ip="IP" 
> value? Is it the IP address of my Apache or node2?
>>> 
>>> $ sudo pcs resource create floating_ip ocf:heartbeat:IPaddr2 ip="IP" 
> cidr_netmask=24 op monitor interval=5s
>> 
>> It's the IP address that you want the cluster to manage. That sounds like
it 
> would be your web server IP address. You definitely don't want to set the ip

> option to some IP address that resides statically on one of the nodes. An IP

> managed by an IPaddr2 resource can be moved around the cluster.
>> 
>> If that's your web server IP address, you'll also want to put it in a 
> resource group with your apache resource. Otherwise, the floating IP may end

> up on a different node from your web server, which renders the IP address 
> useless.
>> 
>> For resources that already exist, you can use the `pcs resource group add`

> command. For example: `pcs resource group add apache_group floating_ip 
> http_server`.
>> 
>> For resources that you're newly creating, you can use the `--group` option

> of `pcs resource create`. For example, `pcs resource create new_IP IPaddr2 
> <options> --group apache_group`. That adds the new resource to the end of
the 
> group.
>> 
>> The pcs help outputs have more details on these options.
>> 
>> If you're new to resource groups, you can check them out here: 
>
https://clusterlabs.org/pacemaker/doc/en-US/Pacemaker/2.0/html-single/Pacemak

> er_Explained/index.html#group-resources
>>  
>>>  
>>> Logs are:
>>> https://paste.ubuntu.com/p/86YHRX6rdC/ 
>>> https://paste.ubuntu.com/p/HHVzNvhRM2/ 
>>> https://paste.ubuntu.com/p/kNxynhfyc2/ 
>>> 
>>> I have not any "status.conf" file:
>>> 
>>> # cat /etc/httpd/conf.d/status.conf
>>> cat: /etc/httpd/conf.d/status.conf: No such file or directory
>>> 
>> 
>> If you're using Ubuntu, I believe it's in a different location -- somewhere

> in /etc/apache2 if memory serves.
>> 
>>>  
>>> 
>>> 
>>> 
>>> On Tuesday, March 16, 2021, 07:20:32 PM GMT+3:30, Klaus Wenninger 
> <kwenning at redhat.com> wrote: 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> On 3/16/21 3:18 PM, Ken Gaillot wrote:
>>>> On Tue, 2021-03-16 at 09:42 +0000, Jason Long wrote:
>>>>> Hello,
>>>>> I want to launch a Clustering for my Apache Web Server. I have three
>>>>> servers:
>>>>>
>>>>> 1- Main server that acts as a Reverse Proxy
>>>>> 2- The secondary server that when my main server stopped, work as a
>>>>> Reverse Proxy
>>>>> 3- Apache Web Server
>>>>>
>>>>> The client ---> Reverse Proxy Server ---> Apache Web Server
>>>>>
>>>>> The IP addresses are:
>>>>> Main Server (node1)                    : 192.168.1.3
>>>>> Secondary Server (node2)          : 192.168.1.10
>>>>> Apache Web Server (node3)        : 192.168.1.4
>>>>>
>>>>> On the main and secondary servers, I installed and configured Apache
>>>>> as a Reverse Proxy Server. I created a Virtual Host and my Reverse
>>>>> Configuration is:
>>>>>
>>>>> <VirtualHost *:80>
>>>>>      ProxyPreserveHost On
>>>>>      ProxyPass / http://192.168.1.4/ 
>>>>>      ProxyPassReverse / http://192.168.1.4/ 
>>>>> </VirtualHost>
>>>>>
>>>>> As you see, it forward all requests to the Apache Web Server.
>>>>>
>>>>> I installed and configured Corosync and Pacemaker as below:
>>>>>
>>>>> On the main and secondary servers, I opened "/etc/hosts" files and
>>>>> added my servers IP addresses and host names:
>>>>>
>>>>> 192.168.1.3    node1
>>>>> 192.168.1.10  node2
>>>>>
>>>>> Then installed Pacemaker, Corosync, and Pcs packages on both servers
>>>>> and started its service:
>>>>>
>>>>> $ sudo yum install corosync pacemaker pcs
>>>>> $ sudo systemctl enable pcsd
>>>>> $ sudo systemctl start pcsd
>>>>> $ sudo systemctl status pcsd
>>>>>
>>>>> Then Configured the firewall on both servers as below:
>>>>>
>>>>> $ sudo firewall-cmd --permanent --add-service=http
>>>>> $ sudo firewall-cmd --permanent --add-service=high-
>>>>> availability
>>>>> $ sudo firewall-cmd --reload
>>>>>
>>>>> After it, on both servers, I created a password for the "hacluster"
>>>>> user, then on the main server:
>>>>>
>>>>> $ sudo pcs host auth node1 node2 -u hacluster -p password
>>>>> node1: Authorized
>>>>> node2: Authorized
>>>>>
>>>>> Then:
>>>>> $ sudo pcs cluster setup mycluster node1 node2 --start --enable
>>>>> $ sudo pcs cluster enable --all
>>>>> node1: Cluster Enabled
>>>>> node2: Cluster Enabled
>>>>>
>>>>> After it:
>>>>> $ sudo pcs cluster start --all
>>>>> node1: Starting Cluster...
>>>>> node2: Starting Cluster...
>>>>>
>>>>> I checked my clusters with below command and they are up and running:
>>>>> $ sudo pcs status
>>>>> ...
>>>>> Node List:
>>>>>    * Online: [ node1 node2 ]
>>>>> ....
>>>>>
>>>>> And finally, I tried to add a resource:
>>>>> $ sudo pcs resource create floating_ip ocf:heartbeat:IPaddr2
>>>>> ip=192.168.1.4 cidr_netmask=24 op monitor interval=5s
>>> Shouldn't the virtual-IP moved between node1 & node2 be
>>> different from the IP used for the web-server on node3?
>>> And having just one instance of the reverse-proxy that
>>> should probably be colocated with the virtual-IP - right?
>>> 
>>> Klaus
>>> 
>>>>> $ sudo pcs resource create http_server ocf:heartbeat:apache
>>>>> configfile="/etc/httpd/conf.d/VirtualHost.conf" op monitor
>>>>> timeout="5s" interval="5s"
>>>>>
>>>>> On both servers (Main and Secondary), pcsd service is enabled, but
>>>>> when I want to see my Apache Web Server then it show me below error:
>>>>>
>>>>> Proxy Error
>>>>> The proxy server received an invalid response from an upstream
>>>>> server.
>>>>> The proxy server could not handle the request
>>>>> Reason: Error reading from remote server
>>>>>
>>>>> Why? Which parts of my configuration is wrong?
>>>>> The output of "sudo pcs status" command is:
>>>>> https://paste.ubuntu.com/p/V9KvHKwKtC/ 
>>>>>
>>>>> Thank you.
>>>> The thing to investigate is:
>>>>
>>>> Failed Resource Actions:
>>>>    * http_server_start_0 on node2 'error' (1): call=12, status='Timed
Out', 
> exitreason='', last-rc-change='2021-03-16 12:28:14 +03:30', queued=0ms, 
> exec=40004ms
>>>>    * http_server_start_0 on node1 'error' (1): call=14, status='Timed
Out', 
> exitreason='', last-rc-change='2021-03-16 12:28:52 +03:30', queued=0ms, 
> exec=40002ms
>>>>
>>>> The web server start timed out. Check the system, pacemaker and apache
>>>> logs around those times for any hints.
>>>>
>>>> Did you enable and test the status URL? The ocf:heartbeat:apache agent
>>>> checks the status as part of its monitor (which is also done for
>>>> start). It would be something like:
>>>>
>>>> cat <<-END >/etc/httpd/conf.d/status.conf
>>>>  <Location /server-status>
>>>>      SetHandler server-status
>>>>      Require local
>>>>  </Location>
>>>> END
>>>>
>>> 
>>> _______________________________________________
>>> Manage your subscription:
>>> https://lists.clusterlabs.org/mailman/listinfo/users 
>>> 
>>> ClusterLabs home: https://www.clusterlabs.org/ 
>>> 
>>> _______________________________________________
>>> Manage your subscription:
>>> https://lists.clusterlabs.org/mailman/listinfo/users 
>>> 
>>> ClusterLabs home: https://www.clusterlabs.org/ 
>>> 
>>> 
>> 
>> 
>> -- 
>> Regards,
>> 
>> Reid Wahl, RHCA
>> Senior Software Maintenance Engineer, Red Hat
>> CEE - Platform Support Delivery - ClusterHA
>> 
>> 
>> _______________________________________________
>> Manage your subscription:
>> https://lists.clusterlabs.org/mailman/listinfo/users 
>> 
>> ClusterLabs home: https://www.clusterlabs.org/ 
>> _______________________________________________
>> Manage your subscription:
>> https://lists.clusterlabs.org/mailman/listinfo/users 
>> 
>> ClusterLabs home: https://www.clusterlabs.org/ 
>> 
> 
> 
> -- 
> Regards,
> 
> Reid Wahl, RHCA
> Senior Software Maintenance Engineer, Red Hat
> CEE - Platform Support Delivery - ClusterHA
> 
> _______________________________________________
> Manage your subscription:
> https://lists.clusterlabs.org/mailman/listinfo/users 
> 
> ClusterLabs home: https://www.clusterlabs.org/ 
> _______________________________________________
> Manage your subscription:
> https://lists.clusterlabs.org/mailman/listinfo/users 
> 
> ClusterLabs home: https://www.clusterlabs.org/ 





More information about the Users mailing list