LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] LDAP failover

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] LDAP failover
From: "Bruce Thompson" <thompson.bj@xxxxxxxxx>
Date: Tue, 29 Apr 2008 17:00:54 +1200
Hi,

We have two directors which are also the real servers which host two
instances of LDAP (is it a problem for LVS to route to a local server - our
ipvsadm output below looks a little strange with "route" and "local"?). The
LDAP servers are being replicated.

We have heartbeat, ldirectord and ipvsadm configured. We want SUN eXchange
requests coming in to be redirected to the secondary LDAP server in the
event that the primary LDAP fails.

We have tried a couple of configurations, one which passes requests via the
virtual address to the primary LDAP but does not redirect requests (in the
event the primary LDAP fails) to the secondary LDAP, the other (commented
out) does not pass requests at all.

Below is the output of *ipvsadm*:

b2b04util01:/home/eaiadmin # ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  b2b04util.xxx:ic lc persistent 5
  -> b2b04util01.xxx:iclp Local   0      0          0
  -> b2b04util02.xxx:iclp Route   0      0          0
*
ldirectord.cf*:

virtual=10.32.24.48:1389
        real=10.32.24.46:1389 gate 10
        real=10.32.24.47:1389 gate 10
        checktype=connect
        service=none
        scheduler=lc
        persistent=5
        protocol=tcp

#
#virtual=10.32.24.48:1389
#       real=10.32.24.46:1389 gate 10
#       real=10.32.24.47:1389 gate 10
#       checktype=negotiate
#       service=ldap
#       checkport=1389
#       negotiatetimeout=10
#       request="o=users"
#       receive="o=USERS"
#       scheduler=lc
#       persistent=5
#       protocol=tcp
#       checktimeout=10
#       checkinterval=10

Can anyone advise why the bottom commented out configuration does not work
(another thing we've noted with this configuraton is that we get a loopback
in ifconfig on both directors)? Do we need to rework the anonymous
query we're are running against the DS to test that it is alive?

Thanking you in advance for your help.

Regards,
Bruce


-- 
m: +64 (0)21 962 085
h: +64 (0)4 384 8740
e: thompson.bj@xxxxxxxxx
skype: bjthompson

<Prev in Thread] Current Thread [Next in Thread>