Gerry
On Thu, 2007-08-02 at 14:49 -0400, Gerry Reno wrote:
> I would like to know how to make LVS reliable even when taking servers
> down for maintenance.
I think you need to back up a bit and take stock.
Firstly, keepalived is not LVS. It's a combined VRRP implementation,
healthcheck subsystem and comprehensive LVS configuration system. It has
its' own mailing list, the details of which you'll find at
http://www.keepalived.org/ - several of your questions have wider remit
than just LVS and although the two lists overlap, the union of the two
areas is not completely inclusive of both.
I think you need to understand a bit about L2 networks before proceeding
(and pardon me if you do already). When you restart keepalived and it
becomes MASTER for a given vrrp_instance, it will send gratuitous ARP
packets out on the local LAN which say, in effect, "$VIP has MAC address
so-and-so". Any systems listening which honour GARP will flush their ARP
cache and put the relevant MAC/IP pair in there.
If you stop the master, the backup *should* transition to MASTER state
and send out GARPs for $VIP. The same thing should happen.
In your case, this does not appear to be true. Do you have the same
firewall rules in place on both master and backup directors? Does the
backup make the transition properly (see the logs)? In the state where
the master is down and backup is MASTER (IYSWIM), can you see traffic on
the external interface on the backup? What does your router's ARP cache
contain at that moment?
For now, that'll do. We'll move onto LVS when you have keepalived/VRRP
behaving as you want it to.
Graeme
|