|
On Tue, Feb 10, 2009 at 12:48:02PM +0000, Bruce Richardson wrote:
> On Tue, Feb 10, 2009 at 01:28:36PM +0100, Sebastian Vieira wrote:
> >
> > But yes, i agree, if you want to eliminate this 'lost' period the best way
> > would be to have ldirectord running on both nodes at all times. An argument
> > that i thought of "heartbeat makes sure ldirectord is running" is moot if
> > you have puppet handle the service state.
>
> Thinking further on this subject, I can see a good reason for NOT having
> the sync daemon fully replicate server state; it's entirely possible
> that different directors will not have the same view of the network if
> there is disruption (that is, one may be able to reach one set of real
> servers while another may see a slightly - or radically - different
> set). Synchonizing connection information is harmless in that scenario
> but forcing all the service tables to be in lockstep would be bad.
You can avoid this scenario by setting
/proc/sys/net/ipv4/vs/expire_nodest_conn to 1.
Although that would have the effect of dropping connections for
connections that receive connections before ldirectord has configured
the servce - which is probably not desirable in the case where
ldirectord is managed by linux-ha.
Thinking about this, I wonder if it would make sense to allow
ldirectord to change the value of expire_nodest_conn from 0 to 1
once it has checked each real-server once.
>From Documentation/networking/ipvs-sysctl.txt in the linux kernel tree:
expire_nodest_conn - BOOLEAN
0 - disabled (default)
not 0 - enabled
The default value is 0, the load balancer will silently drop
packets when its destination server is not available. It may
be useful, when user-space monitoring program deletes the
destination server (because of server overload or wrong
detection) and add back the server later, and the connections
to the server can continue.
If this feature is enabled, the load balancer will expire the
connection immediately when a packet arrives and its
destination server is not available, then the client program
will be notified that the connection is closed. This is
equivalent to the feature some people requires to flush
connections when its destination is not available.
--
Simon Horman
VA Linux Systems Japan K.K., Sydney, Australia Satellite Office
H: www.vergenet.net/~horms/ W: www.valinux.co.jp/en
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
