|
Hi i got a few issues setting up my LVS.
i use keepalived and lvs NAT
i got a pretty simple system, 2 real servers...
it's like this :
VIP
ServerO serverA
RIP1 RIP2
Let's say this way:
VIP : 192.168.1.126
rip1 : 10.0.0.2
rip2 : 10.0.0.4
VGW : 10.0.0.254 (virtual gateway)
it's webservers so i serverA with wget...
If server O is master :
From an other computer, external to all this. it is on 192.168.1.0
wget 192.168.1.126
- once timouts (When the request is directed to itself RIP1)
- once it is "connection refused." (other server. RIP2)
From ServerO
wget RIP1 (so, to myself)
- works
wget RIP2 (other realserver)
- works
If server A is master :
From an other computer, external to all this. it is on 192.168.1.0
wget 192.168.1.126
- once it is "connection refused." (When the request is
directed to
itself RIP2)
- once it timeouts (other server. RIP1)
So this result is inverted compared to the first case on the
other
server...
From ServerA
wget RIP2 (so, to myself)
- works
wget RIP1 (other realserver)
- works
So seeing all this i suspect some strange routing issue...
On ServerO (Master mode)
serverO:/home/pierre# ip ad li
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:90:27:6a:45:1d brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
inet 192.168.1.126/24 scope global eth0
inet 10.0.0.254/24 scope global secondary eth0
inet6 fe80::290:27ff:fe6a:451d/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:d0:b7:26:b7:14 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 brd 10.0.0.255 scope global eth1
4: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
serverO:/home/pierre# ip ro li
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.126
default via 192.168.1.1 dev eth0 src 192.168.1.126
default via 10.0.0.254 dev eth0
(Slave mode)
serverO:/home/pierre# ip ad li
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:90:27:6a:45:1d brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
inet6 fe80::290:27ff:fe6a:451d/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:d0:b7:26:b7:14 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 brd 10.0.0.255 scope global eth1
4: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
serverO:/home/pierre# ip ro li
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.2
On Server A (Master Mode)
serverA:/tmp# ip ad li
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:01:02:3a:70:50 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.4/24 brd 10.255.255.255 scope global eth0
inet 192.168.1.126/24 scope global eth0
inet 10.0.0.254/24 scope global secondary eth0
inet6 fe80::201:2ff:fe3a:7050/64 scope link
valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
serverA:/tmp# ip ro li
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.4
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.126
default via 192.168.1.1 dev eth0 src 192.168.1.126
default via 10.0.0.254 dev eth0 scope link
(Slave Mode)
serverA:/tmp# ip ad li
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:01:02:3a:70:50 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.4/24 brd 10.255.255.255 scope global eth0
inet6 fe80::201:2ff:fe3a:7050/64 scope link
valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
serverA:/tmp# ip ro li
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.4
default via 10.0.0.254 dev eth0 scope link
Notice that in master mode i always have 2 default routes.
i join my keepalived.conf.... well, actualy both of them...
If anyone has an idea... PLEASE HELP !!! :)
btw... keepalived shouldn't remove the default gw before setting the
virtual one ?
if yes... how should i do this ?
ServerO
global defs {
notification_email {
pierre@xxxxxxxxxxxxxx
}
notification_email_from keepalived@xxxxxxxxxxxxxx
smtp_server smtp.somewhere.here
smtp_connect_timeout 10
lvs_id node_serverO
}
###########################################################
# Here comes the group(s) definitions
vrrp_sync_group VG1 {
group {
VI_1
VI_GATEWAY
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_interface eth0
mcast_src_ip 10.0.0.2
virtual_router_id 50
priority 120
advert_int 5
smtp_alert
authentication {
auth_type PASS
auth_pass serverA
}
virtual_ipaddress {
192.168.1.126/24
}
virtual_routes {
src 192.168.1.126 to 0.0.0.0/0 via 192.168.1.1 dev eth0
}
}
vrrp_instance VI_GATEWAY {
state BACKUP
interface eth0
lvs_sync_daemon_interface eth0
mcast_src_ip 10.0.0.2
virtual_router_id 51
priority 120
advert_int 5
smtp_alert
authentication {
auth_type PASS
auth_pass serverA
}
virtual_ipaddress {
10.0.0.254/24
}
}
###########################################################
# Virtual servers and real servers definitions
virtual_server 192.168.1.126 80 {
delay_loop 5
lb_algo rr
lb_kind NAT
persistance_timeout 10
protocol TCP
real_server 10.0.0.2 80 {
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
real_server 10.0.0.4 80 {
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
# real_server 192.168.1.13 80 {
# TCP_CHECK {
# connect_timeout 10
# connect_port 80
# }
# }
}
ServerA
global defs {
notification_email {
pierre@xxxxxxxxxxxxxx
}
notification_email_from keepalived@xxxxxxxxxxxxxx
smtp_server smtp.somewhere.here
smtp_connect_timeout 10
lvs_id node_serverA
}
###########################################################
# Here comes the group(s) definitions
vrrp_sync_group VG1 {
group {
VI_1
VI_GATEWAY
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_interface eth0
mcast_src_ip 10.0.0.4
virtual_router_id 50
priority 100
advert_int 5
smtp_alert
authentication {
auth_type PASS
auth_pass serverA
}
virtual_ipaddress {
192.168.1.126/24
}
virtual_routes {
src 192.168.1.126 to 0.0.0.0/0 via 192.168.1.1 dev eth0
}
}
vrrp_instance VI_GATEWAY {
state BACKUP
interface eth0
lvs_sync_daemon_interface eth0
mcast_src_ip 10.0.0.4
virtual_router_id 51
priority 100
advert_int 5
smtp_alert
authentication {
auth_type PASS
auth_pass serverA
}
virtual_ipaddress {
10.0.0.254/24
}
}
###########################################################
# Virtual servers and real servers definitions
virtual_server 192.168.1.126 80 {
delay_loop 5
lb_algo rr
lb_kind NAT
persistance_timeout 10
protocol TCP
real_server 10.0.0.2 80 {
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
real_server 10.0.0.4 80 {
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
# real_server 192.168.1.13 80 {
# TCP_CHECK {
# connect_timeout 10
# connect_port 80
# }
# }
}
|
