That’s a long list, by itself.
First, I’d go with a shared MySQL and/or PostgreSQL server, if you plan to have either. I usually keep my SQL servers off the webservers. Here’s some good documentation on that:
https://www.virtualmin.com/documentation/id,running_mysql_on_a_remote_system/
For shared users, use LDAP. You can get some good documentation about the subject here:
http://www.virtualmin.com/documentation/id,combining_virtualmin_and_ldap/
I personally only used the portion mainly about the actual virtuamin side of the setup, especially for postfix.
For the /home mount, use shared storage such as NFS. With NFSv3 over udp mounting a floating IP of two servers that replicate and provide NFS, wether that’s using glusterfs or DRBD, or some other kind of SAN, your choice, you can provide failover-capable NFS by this means.
As for syncing configurations, I use unison to sync /etc/webmin/virtual* directories to both sides, as well as /etc/apache/sites-enabled, /etc/apache/sites-available, /etc/postfix, and even the stuff for bind.
After all that, it’s a matter of setting up init.d scripts to start and stop both webservers, dns servers, mail servers, etc. I use my own wrapper script that basically looks something like:
Apache Example:
#!/bin/bash
case $1 in
stop | status)
ssh root@node2 /etc/init.d/apache2 $1
/etc/init.d/apache2 $1
;;
start | graceful | reload | force-reload | restart | start-htcacheclean | stop-htcacheclean)
unison
ssh root@node2 /etc/init.d/apache2 $1
/etc/init.d/apache2 $1
;;
*)
log_success_msg “Usage: /etc/init.d/apache2 {start|stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean|status}”
exit 1
;;
esac
The only issues I’m having with this setup at all is the IP configurations. I’m using a public internet IP through ldirectord for LVS masquerading directing to LAN IP’s. When I do that, the webservers are on different IP’s on the LAN so I;m having difficulty getting them to respond to name-based virtual-hosting as expected by the way virtualmin wants to do things.
So if anyone has any ideas to resolve that issue, I’d be very welcome to the input as well.