I've included my original post for easy reference to my current issues.
I've been able to get one LD up and running successfully but the backup is
not working. I've used identical configs on each. They are different
machines from different manufacturers - unfortunately however.
They both have the following installed:
RedHat 7.1
vanilla kernel 2.4.4
netfilter
ipvs 0.8
heartbeatd
keapalived
I was very careful to port over my .config file from my first LD to my
second for configuring the kernel. I applied all the patches for ipvs etc.
I used the second example in the ipvs compilation docs and applied all four
patches manually and copied the ipvs code into the kernel tree. The only
difference in the two kernels is that I had to add an extra module for the
NIC built into the MB of the backup LD, an I e100 I believe.
I have verified that arping and traffic flow is working correctly on the
backup LD but have found that it stops after it's gone all the way through
LD and is coming back in. Basically, nothing seems to come out of my backup
LD. I have used tcpdump to monitor my external interface and though I see
traffic coming in from my client, nothing comes out. I've monitored my
internal interface and I can see traffic going from the client to the RS and
heading back to the client. I'm using LVS-NAT btw. So anyway, my theory is
that for some reason the SNAT is not taking place on this LD. I've been
trying to use iptables -L -t nat -n sometimes with the -v to try to see if
there is traffic or if any entries are being generated but am seeing very
little traffic on this LD. When I do this with my working LD I see tons of
traffic since things are working.
Any ideas for a next steps in troubleshooting would be greatly appreciated.
Is there a specific table that the SNAT entries that ipvs generates will
show up in for iptables?
Thanks,
Mark
> Subject: Hot Spare config with LVS?
>
>
> I'm currently helping out with a new LVS/netfilter
> deployment. We want a
> configuration where two Solaris based web servers will be
> setup in a primary
> and secondary configuration. Rather than load balancing
> between the two we
> really want the secondary to act as a hot spare for the
> primary. So we want
> to use LVS which is, by definition, a load balancer as more
> of a manager for
> HA for a different OS - Solaris. Obviously the cost
> advantages of two Linux
> boxes and LVS over commercial (Alteon, Extreme Switches,
> Veritas, etc.)
> products make it worth the trouble. We also want use the LDs
> as Firewalls
> for this project using netfilter.
>
> So, the question I have is this:
> Is there any combination of schedules and/or weight (0
> perhaps?) values that
> will allow for configuration of the 2 real servers to be
> setup with one as a
> primary and one as a secondary server in hot-spare capacity.
> Basically we
> only want the secondary real server to process requests if
> the primary is
> removed by mon from the ipvsadm table. Once mon detects that
> the primary is
> providing the services we want mon to add it back to the
> ipvsadm table and
> requests to the secondary real server to cease.
>
> Here is a quick diagram to help illustrate this question:
>
> Internet LD1&LD2 - Linux 2.4 kernel
> | RS1&RS2 - Solaris
> Router
> |
> -------+-------
> | |
> ----- -----
> |LD1| |LD2|
> ----- -----
> | |
> -------+-------
> |
> Switch
> |
> ---------------
> | |
> ----- -----
> |RS1| |RS1|
> ----- -----
>
> I didn't go to the trouble of listing IPs since it not really
> relevant to
> the question. But feel free to make up bogus DIPs, VIPs, and RIPs if
> explaining this with sample ipvsadm commands.
>
> Thanks,
> Mark
>
>
>
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
|