LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] lvs for https

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] lvs for https
From: Mohammed Munazir Ul Hasan <mdmunazir@xxxxxxxxx>
Date: Wed, 4 Jul 2012 09:56:04 +0300
Dear All,

>From last 3 years we were using ipvsadm (piranha) on rhel 5 for HTTP on 3
real server for Loadbalance all http request to 3 servers. And it was
working fine.

My company now wants to run our website on SSL (https). So, i add ssl-pool
to lvs.cf file and restarted the pulse service. Below is the configuration
for the same.

serial_no = 71
primary = xxx.xxx.xxx
primary_private = 192.168.1.3
service = lvs
backup_active = 1
backup = xxx.xxx.xxx
backup_private = 192.168.1.4
heartbeat = 1
heartbeat_port = 539
keepalive = 2
deadtime = 18
network = nat
nat_nmask = 255.255.255.255
debug_level = NONE
monitor_links = 1
virtual Web {
     active = 1
     address = xxx.xxx.xxx eth0:1
     vip_nmask = 255.255.255.248
     port = 80
     send = "GET / HTTP/1.0\r\n\r\n"
     expect = "HTTP"
     load_monitor = none
     scheduler = wlc
     protocol = tcp
     persistent = 60
     timeout = 45
     reentry = 15
     quiesce_server = 0
     server app1 {
         address = 192.168.1.3
         active = 1
         weight = 1
     }
     server app2 {
         address = 192.168.1.4
         active = 1
         weight = 1
     }
     server app3 {
         address = 192.168.1.12
         active = 1
         weight = 1
     }
}

## SSL Configuration
virtual ssl-pool {
active = 1
address = xxx.xxx.xxx eth0:1
vip_nmask = 255.255.255.248
port = 443
load_monitor = none
scheduler = wlc
protocol = tcp
persistent = 60
pmask = 255.255.255.248
timeout = 6
reentry = 15
quiesce_server = 1
server app1 {
address = 192.168.1.3
active = 1
weight = 1
}
server app2 {
address = 192.168.1.4
active = 1
weight = 1
}
server app3 {
address = 192.168.1.12
active = 1
weight = 1
}
}


What i notice that when I am hitting to ssl page i.e.
https://mydomain.org.sa. All traffic is going to 1 real server. Its not
distributing load to other realservers. When I stop httpd service on that
server. Then traffic is moving other 1 server, but still no loadbalancing
(but for HTTP loadbalancing is happing very well).

All InActiveConn is very heavy this is happening only 1 hit to website
also.

Please help me to get out from this problem.

I am using Piranha version piranha-0.8.4-9.3.el5 64bit.

Thanks & Regards
Munazir
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>
  • [lvs-users] lvs for https, Mohammed Munazir Ul Hasan <=