I'm using CentOS 5.3, which includes Piranha/LVS as a package with Cluster Suite. I'm using the shiny piranha web-based config tool to build the lvs.cf file.

I'm attempting a more or less simple setup, but the virtual server doesn't accept connections on the virtual service port. When I telnet into the virtual web port on 80, I get a connection refused. I get the feeling I'm missing something blindingly obvious.

Setup: Two redundant failover servers with an IP for the virtual server floating between them. One real web server on a private network behind the failover servers. Pulse running to handle director server failover. NAT networking on the private network.

The redundant failover servers work; when one goes down, the other takes over the IPs for the virtual server and the NAT.

ifconfig on the active director server is shown at the end of this message. eth0:1 is the virtual server interface, and eth1:1 is the NAT interface on the private network.

The lvs.cf is shown at the end of the message. Two virtual services are defined, one for http and one for https. Firewall marks are 80 and 443 for each virtual service.

The LVS routing table output:
[root@node1 sysconfig]# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
FWM 80 wlc
-> web1:0 Masq 1 0 0
FWM 443 wlc
So far as I can see the virtual 443 has no route to "web1", the real server. The web1:0 looks suspicious on virtual port 80. Web1 is the real server host name.

When I telnet into port 80 on the virtual server I get this:
telnet 172.20.80.202 80
Trying 172.20.80.202...
telnet: connect to address 172.20.80.202: Connection refused
telnet: Unable to connect to remote host
The iptables in /etc/sysconfig has the ports open:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
ifconfig output on the active director server:
eth0      Link encap:Ethernet  HWaddr 00:11:43:59:37:1A
          inet addr:172.20.81.52  Bcast:172.20.83.255  Mask:255.255.252.0
          inet6 addr: fe80::211:43ff:fe59:371a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:47610 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3145 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5465004 (5.2 MiB)  TX bytes:378037 (369.1 KiB)
          Interrupt:193

eth0:1    Link encap:Ethernet  HWaddr 00:11:43:59:37:1A
          inet addr:172.20.80.202  Bcast:172.20.83.255  Mask:255.255.252.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:193

eth1      Link encap:Ethernet  HWaddr 00:11:43:59:37:1B
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::211:43ff:fe59:371b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13588 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16904 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6878658 (6.5 MiB)  TX bytes:1279966 (1.2 MiB)
          Interrupt:201

eth1:1    Link encap:Ethernet  HWaddr 00:11:43:59:37:1B
          inet addr:192.168.1.254  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:201

lvs.cf contents:
serial_no = 59
primary = 172.20.81.52
primary_private = 192.168.1.1
service = lvs
backup_active = 1
backup = 172.20.83.17
backup_private = 192.168.1.2
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 192.168.1.254 eth1:1
nat_nmask = 255.255.255.0
debug_level = NONE
monitor_links = 0
syncdaemon = 0
virtual https {
    active = 1
    address = 172.20.80.202 eth0:1
    vip_nmask = 255.255.252.0
    fwmark = 443
    port = 443
    send = "GET / HTTP/1.0\r\n\r\n"
    expect = "HTTP"
    use_regex = 0
    load_monitor = none
    scheduler = wlc
    protocol = tcp
    timeout = 6
    reentry = 15
    quiesce_server = 0
    server web1 {
        address = 192.168.1.3
        active = 1
        weight = 1
    }
}
virtual http {
    active = 1
    address = 172.20.80.202 eth0:1
    vip_nmask = 255.255.252.0
    fwmark = 80
    port = 80
    send = "GET / HTTP/1.0\r\n\r\n"
    expect = "HTTP"
    use_regex = 0
    load_monitor = none
    scheduler = wlc
    protocol = tcp
    timeout = 6
    reentry = 15
    quiesce_server = 0
    server web1 {
        address = 192.168.1.3
        active = 1
        weight = 1
    }
}