[lvs-users] Directors, single point of failure

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [lvs-users] Directors, single point of failure
From: Matthew Smart <msmart@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 29 Oct 2007 11:14:41 -0500
I have a production cluster running lvs-tun with realservers distributed 
geographically in order to provide high availability.  I have a director 
and a backup, but they exist on the same local network. Last week, there 
was a failure in the fiber line connecting my directors to the internet 
and the whole cluster went down as a result...

I am trying to eliminate single points of failure in my cluster. I have 
redundant fiber coming in, but that still leaves me with my directors 
being in the same physical location (and as such, vulnerable to natural 
disasters).  Is there literature available (in any form whatsoever), 
describing how to setup a system with multiple directors in different 
geographic locations? The ideal situation would be one in which the 
complete loss of a cluster location (including one or more directors) 
would have little to no effect on the operation of the cluster as a whole...

I thought about setting up rr dns to point to different directors, but 
was not sure if there would be issues with that approach, and am not 
sure what would happen if one of those directors went down... would half 
my requests get routed to a nonexistant director for the dns ttl period?

Anyway, thanks for any info you can point me to.

Matthew Smart
Smart Software Solutions Inc.
108 S Pierre St.
Pierre, SD 57501

Phone: (605) 280-0383
Skype: msmart13
Email: msmart@xxxxxxxxxxxxxxxxxxxx

Dan Yocum wrote:
> Graeme Fowler wrote:
>> On Mon, 2007-10-29 at 09:13 -0500, Dan Yocum wrote:
>>> It is possible to create a service certificate with a wildcard in the CN 
>>> string.
>> It is indeed; however please note that there are several browsers which
>> don't accept wildcards, particularly embedded browsers or those in
>> mobile devices. They'll either throw an error/warning, or just not work
>> at all.
> Ah, of course, you did specifically mention that.  It didn't sink in to 
> my little, full brain.
> Cheers,
> Dan

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

<Prev in Thread] Current Thread [Next in Thread>