LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: [lvs-users] Struggling understanding 443 actions.

from [Simon Horman] [Permanent Link]
To: Brent Clark <brentgclarklist@xxxxxxxxx>
Subject: Re: [lvs-users] Struggling understanding 443 actions.
Cc: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Simon Horman <horms@xxxxxxxxxxxx>
Date: Wed, 9 Sep 2009 09:04:56 +1000 
On Tue, Sep 08, 2009 at 01:43:02PM +0200, Brent Clark wrote:
> Hiya
> 
> Ive been struggling to understand this. With the addition of port 443, I see 
> it running with a weight limit of 0. The other question I would like to ask 
> is, why for port 80, does the localhost not display, but 443 it does?

Hi Brent,

I think that these are probably the same question. It looks like the health
checks on your 443 service are failing and the failback server
(127.0.0.1:443) is being activated.

To answer your questions:

1) The weight of zero for the real servers (x.x.x.x:443 x2) indicates
   that ldirectord things that they are inaccessible and has quiesced them.

2) The failback server (127.0.0.1) isn't present for the port 80 service
   because at least one of the real-servers (x.x.x.x:80) is active.
   That is ldirectord thinks that they are alive and has assigned them
   a non-zero weight.

   On the other hand, the failback server (127.0.0.1 is present for the 433
   because all of the real-servers  (x.x.x.x:443) are inactive. That is,
   ldirectord thinks that they are unavailable and quiesced them.

The problem is most likely that when ldirectord connects to x.x.x.x:443
using https and requests ldirectord.html the string "Test Page" does not
appear in the result returned. That or it can't connect at all.

You could try testing thing using the following on the ldirectord:
wget https://x.x.x.x:443/ldirectord.html -O -

Alternatively, you could run ldirectord in debug mode and inspect the logs.

ldirectord ldirectord.cf stop
ldirectord -d ldirectord.cf start

One config option that you may want to try is:

        virtualhost="my.site.blah"

e.g.

virtual=x.x.x.x:443
        real=x.x.x.x:443 gate
        real=x.x.x.x:443 gate
        fallback=127.0.0.1:443
        service=https
        request="ldirector.html"
        receive="Test Page"
        scheduler=rr
        protocol=tcp
        checktype=negotiate
        virtualhost="my.site.blah"


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [lvs-users] LVS please help., Brent Clark
Next by Date:  Re: [lvs-users] ldirectord takes long time to add real servers, Simon Horman
Previous by Thread:  [lvs-users] Struggling understanding 443 actions., Brent Clark
Next by Thread:  [lvs-users] LVS please help., Brent Clark
Indexes:  [Date] [Thread] [Top] [All Lists]