On Mon, 9 Sep 2002, Christopher Young wrote:
> Looking for advice on the current scenario. All help would be greatly
> appreciated!
>
> I am wanting to run RedHat 7.3 on the load-balancers along with the
> Ultramonkey 2.0 RPMs. The exception would be getting a proper kernel
> (preferably a RedHat-released one -OR- close to it) on the load
> balancers (LB1, LB2). I am wondering who else is successfully running
> RedHat 7.3 on the balancers and what package/software sets they are
> running.
I'm running RH 7.3 on the LVS boxes. I install the kernel-source rpm, then
compile/build the LVS modules & ipvsadm. I don't repatch the kernel (RH
kernels come with LVS already). I just copy the modules into the
appropriate directory (/lib/modules/2.4.18-5/....).
I also use keepalived/VRRP, which I find the easiest, most feature-rich
monitoring/failover package around.
Works very well: stock kernel, latest LVS modules, iptables, LVS-NAT,
running on a Celeron 500 with 64MB RAM.
>
>                |--------------|                        |------------------|
> (Public IPs)--*| Firewall/NAT | --- (Private IPs) ---- |    Local Net     |
>                |--------------|                        |--|------------|--|
>                                                           |            |  |--|
>                                                 |--------|  |-------|     |----------|
>                                                 |  LB 1  |==| LB 2  |     | (Real    |
>                                                 |--------|  |-------|     | Servers) |
>                                                                           |----------|
>
> I know that I will need to use Direct Routing for this, however I am
> concerned that because the outside IP addresses are already being NAT'd
> (hence everything IP address-wise will be coming from the inside
> interface on the firewall), that I may not get a "good balance". What
> would be the best type of balance to setup in this scenario? Also, I
> need to maintain some level of persistence since it is session-based
> websites and it is VERY important that the user continue to use the same
> real server for their session.
This will be tricky because LVS persistence is based on the source IP.
Are you sure the firewall is mangling the source IP address when it is
NAT'ing? That is not normal. The real servers should still see the
source IP as the original source. The firewall will re-write the
destination IP to the VIP which will be picked up by LB 1 via gratuitous
ARP.
>
> Currently, I need to:
> - Be able to load-balance to multiple web/app servers on Windows 2000 &
> Linux.
> - Be able to provide redundant load-balancing using ldirectd/heartbeat
> on the load-balancers themselves (using Ultramonkey, preferably).
You should seriously look into keepalived for the failover, it works
really nicely.
> - Provide (if possible) a failover SAMBA (SMB) fileservice from the
> load-balancers (when failing over, start/stop SMB service).
> (I'm willing to deal with the filesync issues between the two)
No idea on SMB failover
> Christopher M. Young,
> RHCE, SCSA, MCSE, CCNA, CCA
EIEIO ;)
-Matt
--
----------------------------------------------------------------------
Matthew S. Crocker
Vice President / Internet Division Email: matthew@xxxxxxxxxxx
Crocker Communications Phone: (413) 746-2760
PO BOX 710 Fax: (413) 746-3704
Greenfield, MA 01302-0710 http://www.crocker.com
----------------------------------------------------------------------
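
Added example, not part of the original message and not LVS code: a simplified model of source-IP persistence that shows the two cases discussed above, clients keeping their original source address versus every connection arriving with the firewall's inside address. The class name, server names (rs1..rs3), timeout and all addresses are constructed for illustration.

```python
"""Simplified model of source-IP persistence (illustration only, not LVS code)."""
import ipaddress
from collections import Counter


class PersistentScheduler:
    """Round-robin scheduler with persistence templates keyed on source IP."""

    def __init__(self, real_servers, timeout=300, netmask="255.255.255.255"):
        self.real_servers = list(real_servers)
        self.timeout = timeout          # seconds a template stays valid
        # Persistence granularity: sources are grouped by this netmask.
        self.prefix = ipaddress.ip_network(f"0.0.0.0/{netmask}").prefixlen
        self.templates = {}             # masked source -> (server, expiry)
        self._next = 0                  # round-robin position

    def _key(self, src_ip):
        net = ipaddress.ip_network(f"{src_ip}/{self.prefix}", strict=False)
        return str(net.network_address)

    def schedule(self, src_ip, now):
        """Return the real server for a new connection from src_ip at time now."""
        key = self._key(src_ip)
        entry = self.templates.get(key)
        if entry and entry[1] > now:
            server = entry[0]           # live template: stick to same server
        else:
            server = self.real_servers[self._next % len(self.real_servers)]
            self._next += 1             # only new templates advance round-robin
        # Model assumption: every hit restarts the template timer.
        self.templates[key] = (server, now + self.timeout)
        return server


def distribution(source_ips, real_servers=("rs1", "rs2", "rs3")):
    """Connections per real server, one connection arriving per second."""
    lvs = PersistentScheduler(real_servers)
    return Counter(lvs.schedule(ip, now) for now, ip in enumerate(source_ips))


# Constructed sample traffic: 30 distinct clients, 3 connections each.
CLIENTS = [f"198.51.100.{i}" for i in range(1, 31)] * 3
# The same traffic if the firewall rewrote every source to its inside address.
SNATTED = ["10.0.0.1"] * len(CLIENTS)

if __name__ == "__main__":
    print("original sources:", dict(distribution(CLIENTS)))
    print("source-NAT'd    :", dict(distribution(SNATTED)))
```

In this model the balance depends entirely on how many distinct source addresses the director sees, so checking the source address logged on a real server shows which case applies.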