Re: LVS & Apache ReverseProxy (mod

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: LVS & Apache ReverseProxy (mod_proxy) on one machine
From:	Marco Lorig <mlorig@xxxxxx>
Date:	Fri, 18 Nov 2005 12:49:56 +0100

Hi Roberto,

infact, we have several realservers and each VirtualHost on the Proxy points 
(redirects) to a realserver.

10.0.1.100:81 mod_proxy redirect ---> RS1:80
10.0.1.100:82 mod_proxy redirect ---> RS2:80 
10.0.1.100:83 mod_proxy redirect ---> RS3:80
10.0.1.100:84 mod_proxy redirect ---> RS4:80

The apache splits the connection from external https to internal http (later 
the director is listening on port 443) 

[IPVS-ENGINE -> 10.0.1.100:81 APACHE] -> RS1
[IPVS-ENGINE -> 10.0.1.100:82 APACHE] -> RS2
[IPVS-ENGINE -> 10.0.1.100:83 APACHE] -> RS3
[IPVS-ENGINE -> 10.0.1.100:84 APACHE] -> RS4

Now, i tried the following:

Director 10.0.0.100:80 listen lc
-> 10.0.1.100:80 (apache2.conf adjusted to the new ip) -m
-> 10.0.1.101:80 (apache2.conf adjusted to the new ip) -m
-> 10.0.1.102:80 (apache2.conf adjusted to the new ip) -m

telnet on 10.0.1.100:80 works fine but external connections through ipvs 
doesn´t work.

I can create a jpeg of the setup and publish it onto a webserver if there is 
anything ambiguous.

regards Marco


> Side note: The director does not really listen, in the sense of socket 
> listening, it accepts packets which are listed in the service table and 
> forwards them according to a chosen and available destination, based on 
> one of the schedulers you configured.
>
> This will not work, as you've remarked. You should use 4 different RS 
> addresses, which could be in the 127.0.0.0/8 range, but the port has to 
> stay. It's part of the service identification in LVS_DR or 
> LVS_LOCALNODE. Have apache listening on 127.0.0.10-14/24 and set up a 
> VIP on 10.0.0.100/32 on lo as secondary IP, and handle the ARP issue.
> 
> Then you need to get the routing correct. If you want to route back 
> through the director, you might need some patches (I don't remember 
> exactly right now); preferable however is some sort of intermediate 
> router, so:
> 
> client --> router --> LVS --> mod_proxy --> RS
>                ^                             v
>                +-----------------------------+
> 
> However, I don't see why you need multiple RS locally for mod_proxy and 
> have only one RS in the the internal network? Or did I misunderstand you 
> setup? What is your RS used for? Normally it's the RS that contains 
> mod_proxy, or a dedicated node which acts as mod_proxy. I fear that I 
> completely misunderstand what you intend to do ;).


______________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193

<Prev in Thread]	Current Thread	[Next in Thread>
LVS & Apache ReverseProxy (mod_proxy) on one machine, Marco Lorig Re: LVS & Apache ReverseProxy (mod_proxy) on one machine, Roberto Nibali Re: LVS & Apache ReverseProxy (mod_proxy) on one machine, Marco Lorig <=

Previous by Date:	heartbeat with static and virtualip address, gg gg234
Next by Date:	Re: clock constantly out of sync, Bunpot Thanaboonsombut
Previous by Thread:	Re: LVS & Apache ReverseProxy (mod_proxy) on one machine, Roberto Nibali
Next by Thread:	[PATCH-2.4 0/2] Threshold Limitation & Overflow Server Pool, Roberto Nibali
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: LVS & Apache ReverseProxy (mod_proxy) on one machine