Graeme,
Thanks a lot for your response. It helps me understand a bit more
about how LVS works.
So, as I mentioned in my first post, "The web servers are up and
running. I can download web pages successfully from them from my
desktop as well as directly from the
load balancer with netcat or similar." I just checked again and I can
download web pages from the real servers on port 80 with netcat or
telnet from the LVS machine. So we're all good there. Now I'm
wondering why nanny might have issues talking to the real servers on
80.
As for the bits about the configuration, yes. You are right. I just
verified the IP addresses in the configuration and the ones I am
testing with via netcat and telnet are the same.
I think the below items you mentioned are particularly beneficial for
me to understand how things work and what might be the matter:
> LVS doesn't listen. It's a router, not an application, so it has no
> "open ports" in the sense that a TCP listener would.
> nanny is a "client" application - it doesn't listen. The processes you
> saw were probably waiting for responses from your realservers.
With respect to the former, if nothing is listening on the load
balancer, maybe I am trying to use it the wrong way. On other load
balancers I have used, such as pen or BigIP, the load balancer is
actually listening and waiting for TCP connections, which it then
forwards on to the "balanced" nodes (real servers) on specified ports.
Basically, as far as PCs browsing the balanced sites know, that load
balancer *is* the web server. Does that make sense? So when I go to
test those load balancers to see if they work, I check to make sure
they are listening on the approriate port and try to connect to them
in the same way I would connect to a real server directly. Am I
supposed to be doing things differently with LVS?
Thanks again,
Mike
On 24/10/2009, Graeme Fowler <graeme@xxxxxxxxxxx> wrote:
> Hi
>
> On Fri, 2009-10-23 at 15:25 -0700, mojorising wrote:
>> When I try to access the web servers from my desktop via the load
>> balancer virtual IP, the connection times out. I get replies when
>> pining that IP and it shows up assigned to eth0:1 When I probe port
>> 8080 on that same virtual IP from my desktop, it looks like no
>> services listening on that port. netstat on the load balancer shows no
>> services are indeed listening on that port. iptables is stopped. The
>> configuration has been checked by me and a co-worker several times and
>> it looks right as far as we can tell. It defintely looks like LVS
>> should be listening on 8080.
>
> LVS doesn't listen. It's a router, not an application, so it has no
> "open ports" in the sense that a TCP listener would.
>
>> /varlog/messages says (public IP changed for privacy):
>> Oct 23 14:15:40 omsbuild nanny[25773]: READ to 65.39.129.xxx:80 timed out
>> Oct 23 14:15:47 omsbuild nanny[25772]: READ to 192.168.18.29:80 timed out
>> Oct 23 14:15:52 omsbuild nanny[25773]: READ to 65.39.129.xxx:80 timed out
>> Oct 23 14:15:59 omsbuild nanny[25772]: READ to 192.168.18.29:80 timed out
>
> OK - firstly, Piranha has its own mailing list over at RedHat and is not
> well known here, but let's have a look anyway...
>
>> I am also using piranha-gui but we tried starting nanny processes from
>> the command line (for the heck of it) and got the same results. When
>> we first checked, there were "extra" nanny processes listening on
>> different ports (from when I was testing different configurations on
>> the GUI -- they never stopped after I changed the configuration, for
>> some reason). It almost looks like the error messages from
>> /var/log/messages and the other symptoms I am seeing are from two
>> different problems but I'm not sure.
>
> nanny is a "client" application - it doesn't listen. The processes you
> saw were probably waiting for responses from your realservers.
>
>> Can you tell me why no services are listening on the ports they should
>> be listening on?
>
> See my first comment.
>
> So let's check the config:
>
>> serial_no = 74
>> primary = 192.168.3.28
>> service = lvs
>> backup = 0.0.0.0
>> heartbeat = 1
>> heartbeat_port = 539
>> keepalive = 6
>> deadtime = 18
>> network = direct
>> debug_level = NONE
>> virtual test1 {
>> active = 1
>> address = 192.168.0.69 eth0:1
>> vip_nmask = 255.255.248.0
>> port = 8080
>> expect = "HTTP"
>> use_regex = 0
>> load_monitor = none
>> scheduler = lc
>> protocol = tcp
>> timeout = 6
>> reentry = 15
>> quiesce_server = 0
>> server Speedy {
>> address = 192.168.18.29
>> active = 1
>> port = 80
>> weight = 1
>> }
>> server test1 {
>> address = 65.39.129.xxx
>> active = 1
>> port = 80
>> weight = 1
>> }
>
> So - your director has a management IP of 192.168.3.28, the VIP is
> 192.168.0.69:8080 and the realservers are 192.168.18.29:80 and
> 65.39.129.xxx:80, right? Using -DR (I assume that's what "network =
> direct" means) this all makes sense.
>
> However - if nanny is complaining that reads are timing out, then the
> director can't connect to the realservers on port 80. That's pretty
> fundamental.
>
> Can you telnet to port 80 on the realservers from the director?
>
> Graeme
>
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|