|
Ranga Nathan <kairanga@xxxxxxx> wrote:
> I traced it down to my ldirectord configuration. I assumed that the VIP
> is available for all ports. But the configuration opens only port 80 and
> I was testing with ssh connection. I changed the port to 22, and it
> worked fine.
> Now I really want to cluster for all ports for a given VIP. According to
> the instructions I should use a firewall mark for this. So I now have:
> Chain PREROUTING (policy ACCEPT)
> target prot opt source destination
> all -- 172.21.113.89 anywhere MARK match 0x64
>
> and in ipvsadm.rules:
> -A -f 100 -s rr -p
> -a -f 100 -r 172.21.113.87 -g -w 1
> -a -f 100 -r 172.21.113.88 -g -w 1
There is no point in using ipvsadm.rules + ldirectord.
Choose one.
> and the ldirectord configuration is:
> checktimeout=20
> checkinterval=5
> autoreload=yes
> quiescent=no
> logfile="info"
> virtual=100
> real=127.0.0.1:0 gate 1 ".healthcheck.html" "OKAY"
> real=172.21.113.87:0 gate 1 ".healthcheck.html" "OKAY"
> real=172.21.113.88:0 gate 1 ".healthcheck.html" "OKAY"
> service=http
> checkport=80
> protocol=fwm
> scheduler=wrr
> checktype=negotiate
> fallback=127.0.0.1
>
> But all access to the 172.21.113.89 go to the load director!
This might be because ldirectord thinks the real-servers are down.
What is the output of ipvsadm -Ln after ldirectord starts up.
--
Horms
|
