LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: persistance (now progressing slowly)

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: persistance (now progressing slowly)
From: Horms <horms@xxxxxxxxxxxx>
Date: Thu, 27 Oct 2005 12:25:09 +0900
On Wed, Oct 26, 2005 at 05:35:01PM +0900, sipieter nicolas wrote:
> --- sipieter nicolas <niko_2501@xxxxxxxxxxx> からのメッ
> セージ:
> > 
> > > > --- Francois JEANMOUGIN
> > > > <Francois.JEANMOUGIN@xxxxxxxxxxxxxxxxx> wrote:
> > > > 
> > > > 
> > > > > Use the apropriate sysctl on the director :
> > > > > 
> > > > > net.ipv4.vs.expire_nodest_conn = 1
> > > > > net.ipv4.vs.secure_tcp = 3
> > > > > net.ipv4.vs.timeout_finwait = 2
> > > > > net.ipv4.vs.expire_quiescent_template = 1

For the record, answering questions earlier on in this thread:

1. Yes you can paste those lines directly into sysctl.conf

   You can also echo the values on the right-hand side
   directly into the corresponding proc values.

   e.g. echo 1 > /proc/sys/net/ipv4/vs/expire_nodest_conn

   Using sysctl on systems that have it has the advantage
   that the vaules should be set on reboot. All proc values
   represent internal kernel state, and thus are reset on reboot.

2. .vs. is sysctl notation for /vs/, that is the vs subdirectory
   of /proc/net/ipvs. The vs subdirector appears when LVS is
   present in the kernel, for modular kernels this usually
   means after modprobe ip_vs, or running ipvsadm, which autoatically
   does the modprobe if neccessary.

3. expire_quiescent_template was added in 2.6.10, so it won't show
   up in earlier kernels. Its also in 2.4, but I am not sure which
   version added it. Check the kernel changelogs if you want to know.

   If the /proc/net/ipvs/vs directory exists, then
   expire_quiescent_template will exist in it, if the kernel
   supports that option. Else, you will need a newer kernel,
   as you have done.

> So I finaly updated to latest kernel, now i have :
> -expire_quiescent_template
> but still no "timeout_finwait
> in /proc/sys/net/ipv4/vs
> 
> what does that mean? and also, despite the fact i've put 
> thoses lines in /etc/sysctl.conf after reboot if i do:
> [root@localhost vs]# cat ./expire_quiescent_template
> 0
> [root@localhost vs]#
> 
> why 0 ?, it should be 1 right?

You need to run sysctl -p as root after adding the values to sysctl.conf.
This should set the values.

Also, you still need a user-space tool, such as keepalived or
ldirectord, if you want real-server to be added and removed from
LVS as they fail and come on-line. The proc values such as
expire_nodest_conn and expire_quiescent_template just fine-tune
the effects that oppoerations made by those tools can have.

-- 
Horms

<Prev in Thread] Current Thread [Next in Thread>