Recently I have begun exploring the use of LVS to provide HA Load balancers
for our internal middleware app layer. The real servers that I require load
balancing for are on the same network as the director, the clients and in
one extreme case, the same machine on different ports.

Currently I have a very simple implementation without the use of HA
capabilities via keepalived. The only way I could make it work was
outlined here:
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html#one_network
which instructs me to disable icmp forwarding on my director and set my one
and only route (default) on the real servers to the director. This doesn't
feel right. I believe I read correctly that if I need I can have individual
host routes to DBs, NFS, etc, is that correct? That is still kind of a
pain, but eases it somewhat..

Is there another, less restrictive way to make LVS-NAT on one network work
smoothly?

Versions, etc:
Director Kernel: 2.6.18-53.el5 #1 SMP
ipvs: IP Virtual Server version 1.2.1 (size=4096)
keepalived: 1.1.15

keepalive.cf:
global_defs {
    notification_email {
        me@xxxxxx
    }
    smtp_connect_timeout 30
    ! Must be unique for every director
    lvs_id lvsdev01
}

! Setup virtual int
vrrp_instance vip_one {
    state MASTER
    interface eth0
    lvs_sync_daemon_inteface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    smtp_alert
    ! For other server connections
    !authentication {
    !    auth_type PASS
    !    auth_pass example
    !}
    ! VIP.
    virtual_ipaddress {
        10.10.240.132 dev eth0
    }
}

! Setup the virtual server for ipvs.
virtual_server 10.10.240.132 17000 {
    delay_loop 6
    ! Weighted Least Connections
    lb_algo wlc
    ! Servers will talk through me and I'll do the NATing.
    lb_kind NAT
    ! Main protocol will be TCP
    protocol TCP
    persistence_timeout 0
    ! Suspend on failure
    ha_suspend
    ! Real server
    real_server 10.10.240.48 17000 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 17000
        }
    }
    real_server 10.10.240.48 17001 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 17001
        }
    }
}
--
Benjamin Smith
http://www.just-another.net
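
The routing question in the post above, modelled as an added example (not part of the original message or of the LVS HOWTO): a longest-prefix route lookup on a real server, showing where its reply to a same-subnet client goes with a stock routing table versus a default-via-director table with host routes. The /24 netmask and the director, gateway, client and DB addresses are constructed assumptions; only 10.10.240.48 and 10.10.240.132 appear in the post.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs; gateway None means on-link."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        raise LookupError(f"no route to {dst}")
    # An on-link route delivers the packet straight to the destination host.
    return str(dst) if best[1] is None else best[1]

def reply_passes_director(routes, client, director):
    """LVS-NAT only works if the real server's reply is handed to the
    director, which rewrites the source address back to the VIP."""
    return next_hop(routes, client) == director

# Constructed addresses (assumptions, not from the post).
DIRECTOR = "10.10.240.10"
GATEWAY = "10.10.240.1"
CLIENT = "10.10.240.77"
DB = "10.10.240.60"

# Stock table on the real server: connected subnet route plus normal default.
STOCK_ROUTES = [("10.10.240.0/24", None), ("0.0.0.0/0", GATEWAY)]

# One-network layout: the connected subnet route is gone, the default points
# at the director, and host routes keep the director and a DB reachable directly.
ONE_NET_ROUTES = [
    (DIRECTOR + "/32", None),
    (DB + "/32", None),
    ("0.0.0.0/0", DIRECTOR),
]

if __name__ == "__main__":
    for name, table in (("stock", STOCK_ROUTES), ("one-network", ONE_NET_ROUTES)):
        print(name, "client reply via", next_hop(table, CLIENT),
              "| passes director:", reply_passes_director(table, CLIENT, DIRECTOR),
              "| DB traffic via", next_hop(table, DB))
```

With the stock table the reply reaches the client directly with the real server's address as its source, so the client does not match it to the connection it opened to the VIP.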