RE: [Fwd: RE: [SSI-users] Re: Does anyone have HA-LVS, LVS-NAT, httpd]
Brought to you by:
brucewalker,
rogertsang
Menu
▾
▴
RE: [Fwd: RE: [SSI-users] Re: Does anyone have HA-LVS, LVS-NAT, httpd]
|
From: Martin G. <Mar...@tn...> - 2003-09-25 15:23:18
|
My cvip.conf was identical to the one found here: http://cvs.sourceforge.net/viewcvs.py/ssic-linux/openssi/docs/README.ipv s?rev=3D1.5&view=3Dauto (Except of course I put in my own virtual IP address.) No, I was not using keepalived. Can you connect directly to the http port of the real IP address of each machine? What does 'netstat -tln' show on each node? I assume that /proc/sys/net/ipv4/ip_forward is on. Martin -------------- Subject: RE: [SSI-users] Re: Does anyone have HA-LVS, LVS-NAT, httpd Date: 24 Sep 2003 15:21:46 -0400 I checked everything that you mentioned, and they are configured properly. There are two httpd trees, one for each node. The auth_digest module is commented out, there is the same message in each error_log: [Wed Sep 24 15:39:21 2003] [notice] Apache/2.0.40 (Red Hat Linux) configured -- resuming normal operations Would you be willing to share your cvip.conf? Also, are you using keepalived? -Bob On Wed, 2003-09-24 at 10:17, Martin Glass wrote: > Is there more than one httpd process spawned on the 2nd node? If you > check with 'ps axf' you should see both sets of httpd processes in two > separate trees (one for each node). >=20 > In my setup, this problem was caused by the auth_digest module not > getting the random bits from /dev/random that it needed. After > disabling auth_digest in httpd.conf, it was able to startup normally. (I > noticed this because the "Generating digest..." message in error_log > never had the accompanying "done".) >=20 > Martin >=20 > -----Original Message----- > From: Robert S. Baker [mailto:rs...@ba...]=20 > Sent: Tuesday, 23 September 2003 10:22 PM > To: Martin Glass > Subject: RE: [SSI-users] Re: Does anyone have HA-LVS, LVS-NAT, httpd >=20 >=20 > Martin, >=20 > I have reassembled the two node system in the below configuration, and > ipvsadm shows both nodes responding to port 80. >=20 > I did some snooping with tcpdump, and saw the http request arriving > on node 2. I also saw node 2 looking for the client address (arp) > unsuccessfully. >=20 > I tried enabling ip forwarding, masquerading, adding a default route to > node 2, all with no difference in behavior. >=20 > Are there any other configuration settings that you may have had to set? >=20 > perhaps in /etc/cvip.conf? >=20 >=20 > -Bob Baker >=20 > > What does 'ipvsadm' show? It should show http requests being able to > be > > directed to second node ? > > > > Basically, the sequence is something like this: > > 1) On all, start HA-LVS > > 2) On all, run setport_weight for port 80 (I have this combined with > > step 1, but I think it goes 2nd (maybe 1st)) > > 3) On all, start httpd. > > > > Check HA-LVS with 'ipvsadm' -- both nodes should be listed under port > > 80. > > > > Martin > > > > -----Original Message----- > > From: Robert S. Baker [mailto:rs...@ba...] > > Sent: Tuesday, 23 September 2003 1:16 PM > > To: Martin Glass > > Cc: ssic-linux-users > > Subject: RE: [SSI-users] Re: Does anyone have HA-LVS, LVS-NAT, httpd > > > > > > I saw your post on the 18th, and created /var/log/httpd and commented > > out the auth_digest_module line. Httpd was definitely running on both > > nodes, just no requests were getting to node2. > > > > I tried enabling forwarding and masquerading too, but without success. > > > > Do you remember having to do anything else? > > > > Perhaps I'll give it a try again... may have learned a thing or two by > > now... ;-) > > > > -Bob > > > > On Tue, 2003-09-23 at 14:29, Martin Glass wrote: > >> Bob, > >> This is the exact configuration I got working. It wasn't > difficult, > >> but the problem with the 2nd node not responding to requests is > > because > >> of two things: > >> > >> 1) /var/log/httpd/ needs to exist on it > >> 2) auth_digest_module must be commented out: > >> #LoadModule auth_digest_module modules/mod_auth_digest.so > >> This seems to be a problem with /dev/random > >> > >> I posted a few more details than this to this list on the 18th Sep. > >> > >> Martin > >> > >> -----Original Message----- > >> From: Robert S. Baker [mailto:rs...@ba...] > >> Sent: Tuesday, 23 September 2003 12:15 PM > >> To: Bruce Walker > >> Cc: Aneesh Kumar; ssic-linux-users > >> Subject: Re: [SSI-users] Re: Does anyone have HA-LVS, LVS-NAT, httpd > >> > >> > >> That is the configuration I started out with... without success. > >> > >> It was a 2 node cluster. > >> > >> The redirector/node1 had two nics. One on the public net and one on > > the > >> private interconnect. > >> > >> Node2 had one nic on the private interconnect. > >> > >> Clients connected on the public net. > >> > >> > >> As the client made http requests, every other request was answered. > >> Based on the httpd logs, node 2 never received a request. > >> > >> Now, it is always possible I missed something... but... > >> > >> that is why I changed the configuration at Aneesh's suggestion. > >> > >> -Bob Baker > >> > >> > >> On Tue, 2003-09-23 at 13:58, Bruce Walker wrote: > >> > Glad to hear it working now. I don't believe it is necessary to > put > >> all the > >> > client nodes on the same network as the nodes in the cluster. The > >> typical configuration we use is: > >> > a. clients have a public IP address on subnet A; > >> > b. LVS redirector nodes in the cluster also have an interface on > >> subnet A; > >> > c. LVS redirecotr nodes, and all other nodes in the openSSI cluster > >> have > >> > interfaces on a private network which would have private IP > >> addresses and > >> > thus not be on subnet A. > >> > > >> > Of course if you don't have nodes with 2 interfaces then you have > to > >> put > >> > everyone on the same subnet. > >> > > >> > bruce > >> > > >> > > I put all the nodes on the same net as the client, and it worked > >> like a > >> > > charm. The http requests balanced over both nodes. When one node > >> was > >> > > taken offline, the requests continued to be serviced by the > >> remaining > >> > > node without difficulty. When node2 returned to service it > > started > >> to > >> > > pick up its share of requests also. > >> > > > >> > > Thanks Aneesh and Martin for your help. > >> > > > >> > > -Bob Baker > >> > > > >> > > On Thu, 2003-09-18 at 14:16, Aneesh Kumar wrote: > >> > > > openSSI ha-lvs uses LVS/DR method for redirecting the > >> > > > connection. Any limitation of LVS/DR is applicable to > >> > > > LVS. I guess what you are trying to configure was > >> > > > > >> > > > http://www.linuxvirtualserver.org/VS-NAT.html > >> > > > > >> > > > I would say try the below topology > >> > > > > >> > > > http://www.linuxvirtualserver.org/VS-DRouting.html > >> > > > > >> > > > -aneesh > >> > > > > >> > > > > >> > > > ________________________________________________________________________ > >> > > > Want to chat instantly with your online friends? Get the FREE > >> Yahoo! > >> > > > Messenger http://mail.messenger.yahoo.co.uk > >> > > -- > >> > > Robert S. Baker <rs...@ba...> > >> > > > >> > > > >> > > > >> > > ------------------------------------------------------- > >> > > This sf.net email is sponsored by:ThinkGeek > >> > > Welcome to geek heaven. > >> > > http://thinkgeek.com/sf > >> > > _______________________________________________ > >> > > Ssic-linux-users mailing list > >> > > Ssi...@li... > >> > > https://lists.sourceforge.net/lists/listinfo/ssic-linux-users > >> > > >> > > >> > > >> > ------------------------------------------------------- > >> > This sf.net email is sponsored by:ThinkGeek > >> > Welcome to geek heaven. > >> > http://thinkgeek.com/sf > >> > _______________________________________________ > >> > Ssic-linux-users mailing list > >> > Ssi...@li... > >> > https://lists.sourceforge.net/lists/listinfo/ssic-linux-users > > -- > > Robert S. Baker <rs...@ba...> --=20 Robert S. Baker <rs...@ba...> --=20 Robert S. Baker <rs...@ba...> ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Ssic-linux-users mailing list Ssi...@li... https://lists.sourceforge.net/lists/listinfo/ssic-linux-users |