Re: Realserver failover problem using ssl and tomcat

["Jason Downing" <jasondowning@xxxxxxxxxxxxxxxx>]

I'm talking about existing connections. I'm pretty sure new connections are 
absolutely fine, but I will test this to make sure, thanks for reminding me. 
I am not using persistence (although I have tried it and results were the 
same).
I will try a 2.6 kernel and let you know the results. It will take me a 
while to do because my previous limited experience of changing kernels has 
always resulted in considerable head scratching....
I also have found out that there is a 60 second timeout in tomcat cluster to 
declare a node dead. I am currently checking to see how to change this to 2 
seconds.
Thanks very much, Jason


----- Original Message ----- 
From: "Horms" <horms@xxxxxxxxxxxx>
To: "Jason Downing" <jasondowning@xxxxxxxxxxxxxxxx>
Sent: Wednesday, June 28, 2006 4:15 PM
Subject: Re: Realserver failover problem using ssl and tomcat


> On Wed, Jun 28, 2006 at 02:35:56PM +1000, Jason Downing wrote:
> > Hi Horms,
> >
> > Thanks very much for your response. The timeout would be either
> > checktimeout or negotiatetimeout, at least there aren't any others on the
> > ldirectord man page. I have these set to 3 seconds each.
> >
> > Also I can see ldirectord (running in debug mode) issue the ipvsadm
> > commands to remove the realserver within 4 seconds of disconnecting it. 
> > But
> > then it takes another 40 seconds or so for ipvs to stop routing to it.
> >
> > Could you specify which timeout you are referring to? Are there any 
> > others
> > not listed on the man page? Do you have any other suggestions?
> Those timeouts sound right to me. I am very surprised that ipvs is
> taking that long to respond, and certainly that does not sound like a
> timeout issue (well not a TCP one anyway), but I guess if thats what the
> logs say, then thats what is happening. Is there any chance you could
> try a 2.6 kernel?
>
> ... I had another thought just now. Are you talking about new
> connections or existing connections. And are you using persistance?
>
> > Is this message the right width?
> Width is good, thanks.
>
> > If not I'll carriage return each line in
> > future. Also, since you answered my post, my original post has gone from
> > the list and been replaced with an edited one. The edited one is missing
> > the bottom part, which had my ldirectord.cf and some other stuff that's
> > missing from your reply. This is the link to the original post:
> >
> > http://marc.theaimsgroup.com/?l=linux-virtual-server&m=115145828021663&w=2
> >
> > If you reply to me as you did, should I reply to you as I am now or to
> > lvs-users@xxxxxxxxxxxxxxxxxxxxxx? Just to keep it in the thread etc.
> My preferenec is, in order:
>
> 1. Reply to all: that is send the message to me and
>   lvs-users@xxxxxxxxxxxxxxxxxxxxxxx Thats a common practice on many
>   mailing lists as it allows people to proritise mail
>   that is addressed to them, while also keeping the mail in
>   the archive and open.
>
> 2. Reply to lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>   That is more common practice on the lvs-users list,
>   though I have to confess that I sometimes don't read it for a while.
>
> 3. Reply to me (but its not a bit deal :)
>
> --
> Horms
> H: http://www.vergenet.net/~horms/          W: 
> http://www.valinux.co.jp/en/