Re: [lvs-users] LVS 101

To: users mailing list. <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] LVS 101
From: Michael Moody <michael@xxxxxx>
Date: Thu, 6 Nov 2008 09:54:52 -0800
1. I typically always run my LB behind a hardware firewall (and the hardware 
firewall allows me to create multiple networks on it's interface, i.e. 10.0.0.x 
and 192.168.1.x

2. Personal preference really, but I find the best and easiest stack to be 
heartbeat/ldirectord (using LVS-DR)

3. I (personal opinion) find it very advantageous to have an inactive director, 
and I use the machine for minor duties when it's not the primary

4. Depending on what you need, we're using this successfully in one client's 
infrastructure. They use php sessions, and even when a failover occurs (and you 
can statefully sync the sessions using ipvsadm), users remain logged in, with 
their shopping cart, etc. For scalability, I would not recommend placing 
session data in mysql (though memcache is an option)

Welcome to the mailing list.

Michael S. Moody
Sr. Systems Engineer
Global Systems Consulting


-----Original Message-----
From: Ryan King [mailto:ryan.king@xxxxxxxxxxxxxx]
Sent: Thursday, November 06, 2008 9:55 AM
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] LVS 101

Hello All-

I'm early in the research/planning stage of a project for which we would
like to implement LVS (will only serve HTTP, currently thinking
LVS-NAT). I've been following this list for several months, and
researching LVS in an attempt to become familiar with how people are
using it, and common problems encountered, etc.

My first basic questions are:

1) Are people typically running their Directors as internet-facing
boxes, setup also as a firewall (as I routinely hear their VIP talked
about as being externally accessible), or is a separate firewall
typically sitting on the perimeter?

2) I haven't fully read the mini-howto, and I know that's the first
place to start when I'm ready to touch hardware, so I'm trying not to
ask questions that make Joe or others angry :), but from looking at the
lvs site, I see many methods of accomplishing HA/LB
( i.e.
piranha/keepalived/ultramonkey/heartbeat+ldirectord/etc... is there one
particular method that you endorse, or is more "road-tested"?

3) The active/inactive director setup quickly caught my eye, as I'm
nearly OCD when it comes to increasing efficiencies of a system, which
led me quickly to your paper on active/active
( Are many/any people
out there actually using this and/or having success? I haven't come
across much discussion on this topic, so wasn't sure if other
advances/changes in LVS have made it less desirable, or possibly it
presents significant new challenges in setup, etc...?

4) Our project will be PHP/mySQL-based, relying on PHP session data for
client connection state. I've read enough to realize there may be
significant issues with connection synch between the directors on
failover and/or recovery of failed director, is this a correct
assumption? If so, this could become a defining issue for our
programming team, as I've read a common work-around for these issues
involves designing the code to maintain session data in mySQL instead,
so that regardless of the answering real server, this data is available.
Obviously, that would be good to know before the first line of code is
written... :)

Thanks so much in advance for any advice or knowledge anyone is willing
to pour out...

<Prev in Thread] Current Thread [Next in Thread>