How to Set Up High-Availability Clustering on Debian 12 Bookworm

High-availability (HA) clustering is a vital approach for maintaining uptime and minimizing service disruption in environments where system reliability is crucial. Debian 12 Bookworm, the latest stable release of Debian, provides a robust platform to build such resilient systems. In this guide, we’ll walk through setting up a high-availability cluster using Pacemaker, Corosync, and optionally DRBD for shared storage.

What is a High-Availability Cluster?

A high-availability cluster is a group of computers (nodes) that work together to ensure that a service remains available even if one or more nodes fail. These clusters often utilize:

• Failover: If the active node fails, a standby node takes over.
• Resource Management: Services and applications are managed across nodes using cluster software.
• Heartbeat Monitoring: Nodes regularly communicate to check health status.

Prerequisites

Before diving into configuration, ensure the following:

• At least two Debian 12 systems (minimum requirement for a basic HA setup).
• Static IP addresses for all nodes.
• SSH access between nodes.
• Root or sudo privileges on all nodes.
• Time synchronization between nodes (using chrony or ntp).

Let’s assume the two nodes have the following hostnames and IPs:

• node1: 192.168.100.1
• node2: 192.168.100.2

Step 1: Prepare the Systems

1.1 Update the system

sudo apt update && sudo apt upgrade -y

1.2 Set hostnames

On node1:

sudo hostnamectl set-hostname node1

On node2:

sudo hostnamectl set-hostname node2

1.3 Configure /etc/hosts

Add the following lines to /etc/hosts on both nodes:

192.168.100.1 node1
192.168.100.2 node2

1.4 Synchronize time

Install chrony:

sudo apt install chrony -y

Start and enable the service:

sudo systemctl enable --now chronyd

Step 2: Install Corosync and Pacemaker

Corosync is the messaging layer, while Pacemaker handles the cluster resource management.

sudo apt install corosync pacemaker pcs -y

Enable and start the services:

sudo systemctl enable --now pacemaker corosync

2.1 Create hacluster user password (required by pcs)

On both nodes:

sudo passwd hacluster

2.2 Authenticate cluster nodes

On one of the nodes (e.g., node1):

sudo pcs host auth node1 node2 -u hacluster

Step 3: Configure the Cluster

3.1 Create the cluster

sudo pcs cluster setup --name ha_cluster node1 node2

3.2 Start the cluster

sudo pcs cluster start --all

3.3 Enable cluster services at boot

sudo pcs cluster enable --all

3.4 Check cluster status

sudo pcs status

You should see both nodes listed and online.

Step 4: Configure STONITH (Shoot The Other Node In The Head)

STONITH is a fencing mechanism used to ensure data integrity by isolating failed nodes.

Important: For production systems, STONITH should always be configured. For testing, you can disable it (not recommended in real environments).

sudo pcs property set stonith-enabled=false

Also, disable quorum policy (for 2-node clusters):

sudo pcs property set no-quorum-policy=ignore

Step 5: Add a Cluster Resource

Let’s create a virtual IP (VIP) resource, which will float between nodes.

5.1 Add a floating IP resource

sudo pcs resource create ClusterIP ocf:heartbeat:IPaddr2 ip=192.168.100.100 cidr_netmask=24 op monitor interval=30s

5.2 Verify

sudo pcs status resources

The virtual IP 192.168.100.100 should now be active on one of the nodes. Try pinging it from a different machine on the same network.

Step 6: Add a Web Server as a Resource (Example Use Case)

Let’s simulate a highly available web service using Apache.

6.1 Install Apache

sudo apt install apache2 -y

Ensure the same content exists on both nodes (for simplicity).

6.2 Create a resource for Apache

sudo pcs resource create WebServer ocf:heartbeat:apache configfile=/etc/apache2/apache2.conf op monitor interval=30s

6.3 Group the resources

You can create a group to keep related resources together:

sudo pcs resource group add WebGroup ClusterIP WebServer

6.4 Verify group status

sudo pcs status

Try shutting down Apache or powering off one node and observe how the cluster fails over to the remaining node automatically.

Optional: Shared Storage with DRBD

If your application needs shared storage, you can configure DRBD (Distributed Replicated Block Device).

1. Install DRBD

sudo apt install drbd-utils -y

2. Configure DRBD

Create a DRBD resource file /etc/drbd.d/r0.res:

resource r0 {
  device /dev/drbd0;
  disk /dev/sdb1;
  meta-disk internal;
  on node1 {
    address 192.168.100.1:7788;
  }
  on node2 {
    address 192.168.100.2:7788;
  }
}

Initialize the DRBD device and bring it online:

sudo drbdadm create-md r0
sudo drbdadm up r0

Promote one node to primary:

sudo drbdadm primary --force r0

Then format and mount /dev/drbd0 as needed.

Maintenance and Monitoring Tips

• Use pcs status to monitor the cluster.
• Log files: /var/log/syslog, /var/log/cluster/, and journalctl -xe.
• Restart cluster services with caution and stagger restarts if needed.
• Always test failover scenarios before going to production.

Conclusion

Setting up a high-availability cluster on Debian 12 Bookworm using Pacemaker and Corosync provides a powerful solution for businesses and professionals who demand reliability. While our guide focused on a two-node basic setup, clusters can be scaled further with advanced fencing mechanisms, load balancers, shared filesystems like NFS or GFS2, and more automation.

The key takeaway is understanding the core building blocks:

• Corosync handles communication and health checks.
• Pacemaker manages services and failover.
• STONITH protects against split-brain situations.
• DRBD or other storage solutions provide data replication.

With this foundational setup in place, you’re now ready to explore more advanced high-availability techniques suited to your specific workloads.