Hi, i've just installed a pair of ISPConfig 3.02 servers, both following "The Perfect Server" instructions, but the second one with the expert setup, to create it as slave of the first one. The installation finished without errors. I noticed that in the mysql user table of the master server, there is a new user "ispcsrv3", i guess that is used to the replication, and i guess it does have no more than the required permissions (i was afraid that root user was used when required in installation, so nice surprise). From here, i didnt find any specific documentation to this multiserver setup, only diversificated posts in this forum, do i decided to start some tests to check the behaviour, but i have some questions, so maybe someone can gently enlight me. I understand that the replication process is one direction only, that way i see that clients and templates created on master, are seen also in slave, but not in the other direction. This is working for me. I can also choose the server when adding a new service (like mail or web). Checking the mydns behaviour in both servers, i see that templates created in master, are accessible from slave, but not in the other direction. I guess that is the expected behaviour. But when i create a zone in the master, it doesnt appear in the slave server, obviously in the other direction neither work. If i create the zones in both servers, updating a registry in the master doesnt update it in the slave. Maybe i am missing some step ? There is some way to debug it ? other questions , if master server is down, the slave can still work and serve their associated resources (with the replicated info in their db) ? If i make changes in a service from slave control panel, in a service created from master, the db,s will be desynced ? There is any chance that the replication process delete information created directly from slave control panel ? is then the expected action to always work from master control panel ? Is the replication transaction ssl secured ? Is there any list of prefix/templates variables anywhere ? there are variables for "Allow zone transfers","Also notify","Update ACL" in dns template ? Thanks all.
In a ispconfig multiserver setup, only the master server has a interface. This is a must, if you would try to login to the interface on a slave and edit or add something there, it will break the replication. yes. slaves never have a controlpanel. Not by default. But all user passwords are encrypted anyway before they get transferred. But you can enable ssl encryption for mysql connections. no.
FIrst all, thanks for your quick response. When you say that slaves never have control panel, you mean that is not installed (php files etc.) and accordingly not accessible ? If so, i've done something wrong, because i'm able to log in slave's control panel (i've done an expert installation, don't remember if asked for a control panel option). From here, and to reach a correct installation status, what can be done ? I can delete the slave database. Maybe the files in some dir ? i would like to start from scrath again (without install all base packages again). JM.
No. This means that must select 'n' when the installer in expert mode asks you if the controlpanel shall be installed. As long as you did not added or modified any data after you logged in, its ok. If you added or modified data, you have to reinstall the master / slave setup or at least delete all data (websites, domains, mail accounts, clients, etc.) in the master and slave.
Did I understand for me if I make a DNS change on the master, the slave servers which I only use for NS are no going to be replicated?
Till im not trying to hijack this mans post. I am going to do fresh VM and new ispconfig servers and wanted to make sure that I wasn't just beating up the wrong tree. The master will not be slelected to serve NS records just to be add from the main CP as only have one ssl and thats for the master.
Thats up to you. a ispconfig master can manage hundreds of servers and which services every node runs depends on your install only. You can have one or more dns, mail and webservers.
from a strictly logical point of view, the existance of both options (join master=y & cp=yes) should define a valid scenario, if not maybe would be more clear only ask one of the two. I'm feeling a little dumb for havent choose the correct answers. Actually i made tests in both CP, so i'm going to delete both databases, and try to start from scratch. Also, i would like to revert the state of files in slave as they would be if i selected NO CP. Can i remove some dir or its a fairly more complex task ?
Me hijacking this post has helped me more than you know!!! My project has 2 years before we go live so maybe with your help and this awesome software we can make it possible. I will not forget you friend and when I move to my colocation I will offer any service that you might require as a donation back to this project. I am buying up HP DL380's for my server enviroment so power and storage will be at the finger tips.
I've done a reinstall (uninstall.php + install.php), and now i only have a cp in the master server. If i add a dns zone in the cp, and choose the master in the server option, the slave doesnt know anything about that domain (i tested first with nslookup, and then checked that in the dns tables on slave there is no such domain). If i choose the slave in the server option, then the master doesnt resolve that domain, only the slave. What is the correct method to have a primary and a secondary server for a zone, with only 1 place to edit the registers ?
If you want to mirror one server to another, then go to system > server services click on the server name and select the primary server for this mirror in the "is mirror of server" select field.
I've made the slave mirror of the primary following you instructions, but when i create a zone in master, slave still dont resolve it. Anyway, what is supposed to get mirrored ? i only would like the dns to be mirrored, because would be cool to have a primary and secondaries ready with only one create operation. For the other services doesnt make too much sense to me, because they require fs files sync also (i guess that the mrror is from the db).
If one server mirrors another, then every configuration gets mirrored. If you want to mirror only DNS, then you need a 2 dedicated DNS Servers or virtual machines were you set one of them to mirror the other one.
then i see it like a kind of high availability option, if we keep syncing fs with rsync or similar. But doesnt seem to work for me to setup the dns secondary, because i have seen that the db information is being replicated to slave, but still slave doesnt resolve !! how is it possible ?
If the information is replicated in the slave DB, then the mirror setup works fine and the problem is not related to mirroring. You should to check if there is a config issue with the dns server. Which DNS daemon do you use on master and slave?
I use mydns in both (bind doesnt support db backend, isnt it?), the test zone is in both db, master resolves, slave does not. I don't see any mydns error on slave's logs, i tried also to restart the service on slave, but no luck. Maybe the soa from master is invalid to slave ?
Please test both servers like this from the commandline: dig @ns1.yourdomain.com yourdomain.com dig @ns2.yourdomain.com yourdomain.com
from master : ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8000 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; WARNING: recursion requested but not available from slave : ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 62865 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available
If the dns records are morrored to the slave, then there are just 2 options: Either mydns is not the dns server that is listening on the slave or mydns can not connect to the database. Please post the output of: netstat -tap | grep dns from the slave server and check the mydns.conf file if the login details for the mysql user and database are correct (e.g. test login details with the mysql command).