From khapare77 at gmail.com Wed Jan 18 13:52:23 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Wed, 18 Jan 2012 13:52:23 +0000 Subject: LVS backup router not taking role Message-ID: Hi, all, first time poster. I recently deployed lvs (primary and backup) with piranh and ran into few issues. I turned off the primary lvs to see backup lvs will take over. However it does not take over right a way seem require restart pulse. How does this fail over works if primary goes down ? should not this be happen right a way if primary lvs goes down ? And I have four real server- and it sees if one goes down whole system is unavailable (httpd service). Then I restart pulse and get the httpd service. I do not think this is right. could be please guide me in right direction to make reliable. PS: I use direct routing and have net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2 in /etc/sysctl.conf sorry for too many question. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From rrajaram at redhat.com Wed Jan 18 13:59:55 2012 From: rrajaram at redhat.com (Ranjith Rajaram) Date: Wed, 18 Jan 2012 19:29:55 +0530 Subject: LVS backup router not taking role In-Reply-To: References: Message-ID: <4F16D05B.5070403@redhat.com> On 01/18/2012 07:22 PM, Khapare Joshi wrote: > Hi, all, > > first time poster. I recently deployed lvs (primary and backup) with > piranh and ran into few issues. I turned off the primary lvs to see > backup lvs will take over. However it does not take over right a way > seem require restart pulse. How does this fail over works if primary > goes down ? should not this be happen right a way if primary lvs goes > down ? If primary goes, secondary has to take it over It depends on deadtime deadtime = n Length of time before a node is declared dead and IP takeover occurs. lvs.cf needs to be checked together with system configuration. Look at /var/log/messages > > And I have four real server- and it sees if one goes down whole system > is unavailable (httpd service). Then I restart pulse and get the > httpd service. I do not think this is right. could be please guide me > in right direction to make reliable. > Do you have separate boxes for LVS directors and real server's ? [Are you running pulse on any of the two real server's ?] check the output of ipvsadm -L -n from the active lvs server [paste it here] > PS: I use direct routing and have > > net.ipv4.conf.lo.arp_ignore = 1 > net.ipv4.conf.lo.arp_announce = 2 > > in /etc/sysctl.conf > > sorry for too many question. > > Thanks > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list -------------- next part -------------- An HTML attachment was scrubbed... URL: From khapare77 at gmail.com Wed Jan 18 15:58:56 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Wed, 18 Jan 2012 15:58:56 +0000 Subject: LVS backup router not taking role In-Reply-To: <4F16D05B.5070403@redhat.com> References: <4F16D05B.5070403@redhat.com> Message-ID: On Wed, Jan 18, 2012 at 1:59 PM, Ranjith Rajaram wrote: > ** > > > On 01/18/2012 07:22 PM, Khapare Joshi wrote: > > Hi, all, > > first time poster. I recently deployed lvs (primary and backup) with > piranh and ran into few issues. I turned off the primary lvs to see backup > lvs will take over. However it does not take over right a way seem require > restart pulse. How does this fail over works if primary goes down ? should > not this be happen right a way if primary lvs goes down ? > > If primary goes, secondary has to take it over > > It depends on deadtime > > deadtime = n > Length of time before a node is declared dead and IP > takeover occurs. > > lvs.cf needs to be checked together with system configuration. Look at > /var/log/messages > > > > I configured these parameter as this : > Heartbeat interval (seconds): Assume dead after (seconds): Heartbeat runs on port: Monitor NIC links for failures: Syncdaemon: and copied lvs.cf to redudant server as well. > > > And I have four real server- and it sees if one goes down whole system is > unavailable (httpd service). Then I restart pulse and get the httpd > service. I do not think this is right. could be please guide me in right > direction to make reliable. > > > Do you have separate boxes for LVS directors and real server's ? [Are you > running pulse on any of the two real server's ?] > I have two servers for lvs i.e lvs1 lvs2 and configured using piranha tool. I started pulse on these two machines. Rest of other four server I only started httpd not the pulse > > check the output of ipvsadm -L -n from the active lvs server [paste it > here] > > > PS: I use direct routing and have > > net.ipv4.conf.lo.arp_ignore = 1 > net.ipv4.conf.lo.arp_announce = 2 > > in /etc/sysctl.conf > > sorry for too many question. > > Thanks > > > _______________________________________________ > Piranha-list mailing listPiranha-list at redhat.comhttps://www.redhat.com/mailman/listinfo/piranha-list > > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From tapan.thapa2000 at gmail.com Wed Jan 18 16:16:38 2012 From: tapan.thapa2000 at gmail.com (Tapan Kumar Thapa) Date: Wed, 18 Jan 2012 21:46:38 +0530 Subject: LVS backup router not taking role In-Reply-To: References: <4F16D05B.5070403@redhat.com> Message-ID: Can you please post your complete lvs.cfg? Sent from my iPhone Regards Tapan Kumar Thapa Manager-Tech Support HT Mobile Solutions Limited Mob-919871701375 On Jan 18, 2012, at 9:28 PM, Khapare Joshi wrote: > > > On Wed, Jan 18, 2012 at 1:59 PM, Ranjith Rajaram wrote: > > > On 01/18/2012 07:22 PM, Khapare Joshi wrote: >> >> Hi, all, >> >> first time poster. I recently deployed lvs (primary and backup) with piranh and ran into few issues. I turned off the primary lvs to see backup lvs will take over. However it does not take over right a way seem require restart pulse. How does this fail over works if primary goes down ? should not this be happen right a way if primary lvs goes down ? > If primary goes, secondary has to take it over > > It depends on deadtime > > deadtime = n > Length of time before a node is declared dead and IP takeover occurs. > > lvs.cf needs to be checked together with system configuration. Look at /var/log/messages > > > > I configured these parameter as this : > Heartbeat interval (seconds): > Assume dead after (seconds): > Heartbeat runs on port: > Monitor NIC links for failures: > Syncdaemon: > > and copied lvs.cf to redudant server as well. > >> >> And I have four real server- and it sees if one goes down whole system is unavailable (httpd service). Then I restart pulse and get the httpd service. I do not think this is right. could be please guide me in right direction to make reliable. >> > > Do you have separate boxes for LVS directors and real server's ? [Are you running pulse on any of the two real server's ?] > > I have two servers for lvs i.e lvs1 lvs2 and configured using piranha tool. I started pulse on these two machines. Rest of other four server I only started httpd not the pulse > > check the output of ipvsadm -L -n from the active lvs server [paste it here] > > >> PS: I use direct routing and have >> >> net.ipv4.conf.lo.arp_ignore = 1 >> net.ipv4.conf.lo.arp_announce = 2 >> >> in /etc/sysctl.conf >> >> sorry for too many question. >> >> Thanks >> >> _______________________________________________ >> Piranha-list mailing list >> Piranha-list at redhat.com >> https://www.redhat.com/mailman/listinfo/piranha-list > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list -------------- next part -------------- An HTML attachment was scrubbed... URL: From khapare77 at gmail.com Thu Jan 19 15:53:01 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Thu, 19 Jan 2012 15:53:01 +0000 Subject: LVS backup router not taking role In-Reply-To: <4F16D05B.5070403@redhat.com> References: <4F16D05B.5070403@redhat.com> Message-ID: Hi After playing around and re-install the test environment fail over seems working i.e backup server takes over. But new problem is I configured two read server to host the web service, which seem working for a while then after a while my active lvs router is only point to me one Real server. Then I restart pulse again and seem to to be working again for some time. what is causing this problem hereis my ipvsadm -L -n [roottest]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.1:80 wlc -> 192.168.1.2:80 Route 1 0 15 -> 192.168.1.3:80 Route 1 0 15 K On Wed, Jan 18, 2012 at 1:59 PM, Ranjith Rajaram wrote: > ** > > > On 01/18/2012 07:22 PM, Khapare Joshi wrote: > > Hi, all, > > first time poster. I recently deployed lvs (primary and backup) with > piranh and ran into few issues. I turned off the primary lvs to see backup > lvs will take over. However it does not take over right a way seem require > restart pulse. How does this fail over works if primary goes down ? should > not this be happen right a way if primary lvs goes down ? > > If primary goes, secondary has to take it over > > It depends on deadtime > > deadtime = n > Length of time before a node is declared dead and IP > takeover occurs. > > lvs.cf needs to be checked together with system configuration. Look at > /var/log/messages > > > > > > > And I have four real server- and it sees if one goes down whole system is > unavailable (httpd service). Then I restart pulse and get the httpd > service. I do not think this is right. could be please guide me in right > direction to make reliable. > > > Do you have separate boxes for LVS directors and real server's ? [Are you > running pulse on any of the two real server's ?] > > check the output of ipvsadm -L -n from the active lvs server [paste it > here] > > > PS: I use direct routing and have > > net.ipv4.conf.lo.arp_ignore = 1 > net.ipv4.conf.lo.arp_announce = 2 > > in /etc/sysctl.conf > > sorry for too many question. > > Thanks > > > _______________________________________________ > Piranha-list mailing listPiranha-list at redhat.comhttps://www.redhat.com/mailman/listinfo/piranha-list > > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rrajaram at redhat.com Fri Jan 20 03:20:01 2012 From: rrajaram at redhat.com (Ranjith Rajaram) Date: Fri, 20 Jan 2012 08:50:01 +0530 Subject: LVS backup router not taking role In-Reply-To: References: <4F16D05B.5070403@redhat.com> Message-ID: <4F18DD61.3080208@redhat.com> Hello Joshi On 01/19/2012 09:23 PM, Khapare Joshi wrote: > fter a while my active lvs router is only point to me one Real server. > Then I restart pulse again and seem to to be working again for some > time. what is causing this problem Do you see any messages related with the second real server in the log's ? Does ipvsadm -L -n, list the second real server at this time ? . Was the previous command output taken at the time of the issue ? You have chosen "WLC", looking at the output of ipvsadm -L -n at the time of the issue is important You dont seem to have enabled persistence -- Ranjith Rajaram RHCA, RHCDS Team Lead,Technical Account Manager, Global Support Services. */"Developing Software is humane but supporting them is divine"/* From khapare77 at gmail.com Fri Jan 20 13:31:25 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Fri, 20 Jan 2012 13:31:25 +0000 Subject: LVS backup router not taking role In-Reply-To: <4F18DD61.3080208@redhat.com> References: <4F16D05B.5070403@redhat.com> <4F18DD61.3080208@redhat.com> Message-ID: Hi Thanks for your post. On Fri, Jan 20, 2012 at 3:20 AM, Ranjith Rajaram wrote: > Hello Joshi > > > On 01/19/2012 09:23 PM, Khapare Joshi wrote: > >> fter a while my active lvs router is only point to me one Real server. >> Then I restart pulse again and seem to to be working again for some time. >> what is causing this problem >> > Do you see any messages related with the second real server in the log's ? > > Does ipvsadm -L -n, list the second real server at this time ? . Was the > previous command output taken at the time of the issue ? > > [root at test ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.1:80 wlc (this is the virtual ip) -> 192.168.1.2:80 Route 1 0 0 1st real server -> 192.168.1.3:80 Route 1 0 0 2nd real server yes it does list the second real server > You have chosen "WLC", looking at the output of ipvsadm -L -n at the time > of the issue is important > > You dont seem to have enabled persistence > > > I just want the load balancer to do which server it sends the request. > > -- > Ranjith Rajaram > RHCA, RHCDS > Team Lead,Technical Account Manager, > Global Support Services. > > */"Developing Software is humane but supporting them is divine"/* > > ______________________________**_________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/**mailman/listinfo/piranha-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rohara at redhat.com Fri Jan 20 17:49:42 2012 From: rohara at redhat.com (Ryan O'Hara) Date: Fri, 20 Jan 2012 12:49:42 -0500 (EST) Subject: Announcement: Piranha being retired in Fedora 17 In-Reply-To: Message-ID: <16b5db1d-11fd-495d-b281-9186254c622e@zmail10.collab.prod.int.phx2.redhat.com> The time has come to retire the piranha package from Fedora. This will take effect in Fedora 17. Piranha is an old project, and is currently lacking in features that can be found in other open source load balancers. Users of piranha are encouraged to look at other solutions, such as keepalived. Ryan From khapare77 at gmail.com Sat Jan 21 08:46:45 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Sat, 21 Jan 2012 08:46:45 +0000 Subject: LVS backup router not taking role In-Reply-To: References: <4F16D05B.5070403@redhat.com> <4F18DD61.3080208@redhat.com> Message-ID: hi again Here are my lvs.cf, ipvsadm -L -n output and ip forward IP forward enabled : cat /proc/sys/net/ipv4/ip_forward 1 ipvsadm output : IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.3:80 wlc -> 192.168.1.4:80 Route 1 0 0 -> 192.168.1.5:80 Route 1 0 0 All my servers are virtual host and they are in same subnet. My Problem: the load balancing works for a while and after some time i only get response from one REAL server. Any help, suggestion in this regard would be appericiated. Khapare -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: lvs.cf Type: application/octet-stream Size: 2262 bytes Desc: not available URL: From khapare77 at gmail.com Sat Jan 21 08:55:43 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Sat, 21 Jan 2012 08:55:43 +0000 Subject: LVS backup router not taking role In-Reply-To: References: <4F16D05B.5070403@redhat.com> Message-ID: hi tapan Here are is my lvs.cf file IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.3:80 wlc -> 192.168.1.4:80 Route 1 0 0 -> 192.168.1.5:80 Route 1 0 0 and I have ip forward enabled on my active router. I also allowed firewall from lvs router to real server and vice versa. I am using direct routing and added line in arptable in REAL server as : # Generated by arptables-save v0.0.8 on Fri Jan 20 20:23:23 2012 *filter :IN ACCEPT [504508:14126224] :OUT ACCEPT [237:6636] :FORWARD ACCEPT [0:0] [346:9688] -A IN -d 130.208.165.193 -j DROP [0:0] -A OUT -d 192.168.1.3 -o eth0 -j mangle --mangle-ip-s 192.16.1.4 COMMIT # Completed on Fri Jan 20 20:23:23 2012 It seems it works for a while then after certain while I only get response from one real server. There seem somewhere I am doing wrong Khapare where else could be the issue ? K On Wed, Jan 18, 2012 at 4:16 PM, Tapan Kumar Thapa < tapan.thapa2000 at gmail.com> wrote: > Can you please post your complete lvs.cfg? > > Sent from my iPhone > > Regards > Tapan Kumar Thapa > Manager-Tech Support > HT Mobile Solutions Limited > Mob-919871701375 > > On Jan 18, 2012, at 9:28 PM, Khapare Joshi wrote: > > > > On Wed, Jan 18, 2012 at 1:59 PM, Ranjith Rajaram < > rrajaram at redhat.com> wrote: > >> ** >> >> >> On 01/18/2012 07:22 PM, Khapare Joshi wrote: >> >> Hi, all, >> >> first time poster. I recently deployed lvs (primary and backup) with >> piranh and ran into few issues. I turned off the primary lvs to see backup >> lvs will take over. However it does not take over right a way seem require >> restart pulse. How does this fail over works if primary goes down ? should >> not this be happen right a way if primary lvs goes down ? >> >> If primary goes, secondary has to take it over >> >> It depends on deadtime >> >> deadtime = n >> Length of time before a node is declared dead and IP >> takeover occurs. >> >> lvs.cf needs to be checked together with system configuration. Look at >> /var/log/messages >> >> >> >> I configured these parameter as this : >> > Heartbeat interval (seconds): Assume dead after (seconds): Heartbeat > runs on port: Monitor NIC links for failures: Syncdaemon: > and copied lvs.cf to redudant server as well. > >> >> >> And I have four real server- and it sees if one goes down whole system is >> unavailable (httpd service). Then I restart pulse and get the httpd >> service. I do not think this is right. could be please guide me in right >> direction to make reliable. >> >> >> Do you have separate boxes for LVS directors and real server's ? [Are you >> running pulse on any of the two real server's ?] >> > > I have two servers for lvs i.e lvs1 lvs2 and configured using piranha > tool. I started pulse on these two machines. Rest of other four server I > only started httpd not the pulse > >> >> check the output of ipvsadm -L -n from the active lvs server [paste it >> here] >> >> >> PS: I use direct routing and have >> >> net.ipv4.conf.lo.arp_ignore = 1 >> net.ipv4.conf.lo.arp_announce = 2 >> >> in /etc/sysctl.conf >> >> sorry for too many question. >> >> Thanks >> >> >> _______________________________________________ >> Piranha-list mailing list Piranha-list at redhat.com https://www.redhat.com/mailman/listinfo/piranha-list >> >> >> >> _______________________________________________ >> Piranha-list mailing list >> Piranha-list at redhat.com >> >> https://www.redhat.com/mailman/listinfo/piranha-list >> > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: lvs.cf Type: application/octet-stream Size: 2262 bytes Desc: not available URL: From tapan.thapa2000 at gmail.com Sat Jan 21 12:28:04 2012 From: tapan.thapa2000 at gmail.com (Tapan Kumar Thapa) Date: Sat, 21 Jan 2012 17:58:04 +0530 Subject: LVS backup router not taking role In-Reply-To: References: <4F16D05B.5070403@redhat.com> Message-ID: Can you please ensure that both active and backup router is having no firewall issue in-between? Sent from my iPhone Regards Tapan Kumar Thapa Manager-Tech Support HT Mobile Solutions Limited Mob-919871701375 On Jan 21, 2012, at 2:25 PM, Khapare Joshi wrote: > hi tapan > > Here are is my lvs.cf file > > IP Virtual Server version 1.2.1 (size=4096) > Prot LocalAddress:Port Scheduler Flags > -> RemoteAddress:Port Forward Weight ActiveConn InActConn > TCP 192.168.1.3:80 wlc > -> 192.168.1.4:80 Route 1 0 0 > -> 192.168.1.5:80 Route 1 0 0 > > and I have ip forward enabled on my active router. I also allowed firewall from lvs router to real server and vice versa. I am using direct routing and added line in arptable in REAL server as : > > # Generated by arptables-save v0.0.8 on Fri Jan 20 20:23:23 2012 > *filter > :IN ACCEPT [504508:14126224] > :OUT ACCEPT [237:6636] > :FORWARD ACCEPT [0:0] > [346:9688] -A IN -d 130.208.165.193 -j DROP > [0:0] -A OUT -d 192.168.1.3 -o eth0 -j mangle --mangle-ip-s 192.16.1.4 > COMMIT > # Completed on Fri Jan 20 20:23:23 2012 > > > It seems it works for a while then after certain while I only get response from one real server. There seem somewhere I am doing wrong > > Khapare > > > > > where else could be the issue ? > > K > > On Wed, Jan 18, 2012 at 4:16 PM, Tapan Kumar Thapa wrote: > Can you please post your complete lvs.cfg? > > Sent from my iPhone > > Regards > Tapan Kumar Thapa > Manager-Tech Support > HT Mobile Solutions Limited > Mob-919871701375 > > On Jan 18, 2012, at 9:28 PM, Khapare Joshi wrote: > >> >> >> On Wed, Jan 18, 2012 at 1:59 PM, Ranjith Rajaram wrote: >> >> >> On 01/18/2012 07:22 PM, Khapare Joshi wrote: >>> >>> Hi, all, >>> >>> first time poster. I recently deployed lvs (primary and backup) with piranh and ran into few issues. I turned off the primary lvs to see backup lvs will take over. However it does not take over right a way seem require restart pulse. How does this fail over works if primary goes down ? should not this be happen right a way if primary lvs goes down ? >> If primary goes, secondary has to take it over >> >> It depends on deadtime >> >> deadtime = n >> Length of time before a node is declared dead and IP takeover occurs. >> >> lvs.cf needs to be checked together with system configuration. Look at /var/log/messages >> >> >> >> I configured these parameter as this : >> Heartbeat interval (seconds): >> Assume dead after (seconds): >> Heartbeat runs on port: >> Monitor NIC links for failures: >> Syncdaemon: >> >> and copied lvs.cf to redudant server as well. >> >>> >>> And I have four real server- and it sees if one goes down whole system is unavailable (httpd service). Then I restart pulse and get the httpd service. I do not think this is right. could be please guide me in right direction to make reliable. >>> >> >> Do you have separate boxes for LVS directors and real server's ? [Are you running pulse on any of the two real server's ?] >> >> I have two servers for lvs i.e lvs1 lvs2 and configured using piranha tool. I started pulse on these two machines. Rest of other four server I only started httpd not the pulse >> >> check the output of ipvsadm -L -n from the active lvs server [paste it here] >> >> >>> PS: I use direct routing and have >>> >>> net.ipv4.conf.lo.arp_ignore = 1 >>> net.ipv4.conf.lo.arp_announce = 2 >>> >>> in /etc/sysctl.conf >>> >>> sorry for too many question. >>> >>> Thanks >>> >>> _______________________________________________ >>> Piranha-list mailing list >>> Piranha-list at redhat.com >>> https://www.redhat.com/mailman/listinfo/piranha-list >> >> >> _______________________________________________ >> Piranha-list mailing list >> Piranha-list at redhat.com >> https://www.redhat.com/mailman/listinfo/piranha-list >> >> _______________________________________________ >> Piranha-list mailing list >> Piranha-list at redhat.com >> https://www.redhat.com/mailman/listinfo/piranha-list > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list -------------- next part -------------- An HTML attachment was scrubbed... URL: From khapare77 at gmail.com Sat Jan 21 13:10:24 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Sat, 21 Jan 2012 13:10:24 +0000 Subject: LVS backup router not taking role In-Reply-To: References: <4F16D05B.5070403@redhat.com> Message-ID: HI tapan, there are no firewall issue, to reduce the firewall problem - i truned off the firewall off on all the four machine. I am still thinking what could be the issue. how do i increase the log level for pulse ? K On Sat, Jan 21, 2012 at 12:28 PM, Tapan Kumar Thapa < tapan.thapa2000 at gmail.com> wrote: > Can you please ensure that both active and backup router is having no > firewall issue in-between? > > > Sent from my iPhone > > Regards > Tapan Kumar Thapa > Manager-Tech Support > HT Mobile Solutions Limited > Mob-919871701375 > > On Jan 21, 2012, at 2:25 PM, Khapare Joshi wrote: > > hi tapan > > Here are is my lvs.cf file > > IP Virtual Server version 1.2.1 (size=4096) > Prot LocalAddress:Port Scheduler Flags > -> RemoteAddress:Port Forward Weight ActiveConn InActConn > TCP 192.168.1.3:80 wlc > -> 192.168.1.4:80 Route 1 0 0 > -> 192.168.1.5:80 Route 1 0 0 > > and I have ip forward enabled on my active router. I also allowed firewall > from lvs router to real server and vice versa. I am using direct routing > and added line in arptable in REAL server as : > > # Generated by arptables-save v0.0.8 on Fri Jan 20 20:23:23 2012 > *filter > :IN ACCEPT [504508:14126224] > :OUT ACCEPT [237:6636] > :FORWARD ACCEPT [0:0] > [346:9688] -A IN -d 130.208.165.193 -j DROP > [0:0] -A OUT -d 192.168.1.3 -o eth0 -j mangle --mangle-ip-s 192.16.1.4 > COMMIT > # Completed on Fri Jan 20 20:23:23 2012 > > > It seems it works for a while then after certain while I only get response > from one real server. There seem somewhere I am doing wrong > > Khapare > > > > > where else could be the issue ? > > K > > On Wed, Jan 18, 2012 at 4:16 PM, Tapan Kumar Thapa < > tapan.thapa2000 at gmail.com> wrote: > >> Can you please post your complete lvs.cfg? >> >> Sent from my iPhone >> >> Regards >> Tapan Kumar Thapa >> Manager-Tech Support >> HT Mobile Solutions Limited >> Mob-919871701375 >> >> On Jan 18, 2012, at 9:28 PM, Khapare Joshi < >> khapare77 at gmail.com> wrote: >> >> >> >> On Wed, Jan 18, 2012 at 1:59 PM, Ranjith Rajaram < >> rrajaram at redhat.com> wrote: >> >>> ** >>> >>> >>> On 01/18/2012 07:22 PM, Khapare Joshi wrote: >>> >>> Hi, all, >>> >>> first time poster. I recently deployed lvs (primary and backup) with >>> piranh and ran into few issues. I turned off the primary lvs to see backup >>> lvs will take over. However it does not take over right a way seem require >>> restart pulse. How does this fail over works if primary goes down ? should >>> not this be happen right a way if primary lvs goes down ? >>> >>> If primary goes, secondary has to take it over >>> >>> It depends on deadtime >>> >>> deadtime = n >>> Length of time before a node is declared dead and IP >>> takeover occurs. >>> >>> lvs.cf needs to be checked together with system configuration. Look at >>> /var/log/messages >>> >>> >>> >>> I configured these parameter as this : >>> >> Heartbeat interval (seconds): Assume dead after (seconds): Heartbeat >> runs on port: Monitor NIC links for failures: Syncdaemon: >> and copied lvs.cf to redudant server as well. >> >>> >>> >>> And I have four real server- and it sees if one goes down whole system >>> is unavailable (httpd service). Then I restart pulse and get the httpd >>> service. I do not think this is right. could be please guide me in right >>> direction to make reliable. >>> >>> >>> Do you have separate boxes for LVS directors and real server's ? [Are >>> you running pulse on any of the two real server's ?] >>> >> >> I have two servers for lvs i.e lvs1 lvs2 and configured using piranha >> tool. I started pulse on these two machines. Rest of other four server I >> only started httpd not the pulse >> >>> >>> check the output of ipvsadm -L -n from the active lvs server [paste it >>> here] >>> >>> >>> PS: I use direct routing and have >>> >>> net.ipv4.conf.lo.arp_ignore = 1 >>> net.ipv4.conf.lo.arp_announce = 2 >>> >>> in /etc/sysctl.conf >>> >>> sorry for too many question. >>> >>> Thanks >>> >>> >>> _______________________________________________ >>> Piranha-list mailing list Piranha-list at redhat.com https://www.redhat.com/mailman/listinfo/piranha-list >>> >>> >>> >>> _______________________________________________ >>> Piranha-list mailing list >>> >>> Piranha-list at redhat.com >>> >>> https://www.redhat.com/mailman/listinfo/piranha-list >>> >> >> _______________________________________________ >> Piranha-list mailing list >> Piranha-list at redhat.com >> >> https://www.redhat.com/mailman/listinfo/piranha-list >> >> >> _______________________________________________ >> Piranha-list mailing list >> Piranha-list at redhat.com >> >> https://www.redhat.com/mailman/listinfo/piranha-list >> > > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From khapare77 at gmail.com Tue Jan 24 19:58:34 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Tue, 24 Jan 2012 19:58:34 +0000 Subject: http and https redirection Message-ID: Hello all, my load balancer seems now working and it does the fail over. I have now issue with https. I added the VIP in piranha interface both for port 80 and 443 and added REAL server in these VIPs. I then opened port 80 and 443 on active router (I am not sure if port 443 require to open as client actually connects to port 80 ). Then I added VIP address on Real server and configure apache to listen on port 443. I have a virtual section in REAL server as below: ServerName mytest DocumentRoot /var/www/html/test CustomLog /var/log/test_access_log combined AddDefaultCharset UTF-8 Redirect Permanent / https://piranhatest.com/ ServerName piranhatest.com DocumentRoot /var/www/html AddDefaultCharset UTF-8 I have all the certtificate and required configuration in ssl.conf for 443. But it does not work and complain that I do not have virtualhost for 192.168.1.3:443. If i do not add this virtualhost for 192.168.1.3:443, ipvsadm -L do not even list the real server of 443. 192.168.1.3 is my real server and 192.168.1.1 is my VIP. How does Piranha handles this ? does the Real server eth0 and eth0:1 has to be configured on port 443 ? or is there something in configuration I can do so the lvs listen on port 80 and redirect to one of the Real server then serve sties with RS VIP interface ? I am getting confused. All I am trying to now is I have a site obviously users connects with port 80 but I would like to redirect to 443 /https port and I want to do this with my piranha setup. Any hint would be appreciated. Khapare -------------- next part -------------- An HTML attachment was scrubbed... URL: From pr1 at pr1.ru Wed Jan 25 10:04:08 2012 From: pr1 at pr1.ru (Andrey Feldman) Date: Wed, 25 Jan 2012 13:04:08 +0300 Subject: http and https redirection In-Reply-To: References: Message-ID: Hi. Maybe nanny just can't understand HTTPS, so it expected something like "200 OK" from the host, but there is an SSL handshake. Try to use send_program in lvs.cf: send_program = "curl https://1.0.0.0" expect = "OK" Or something like this. On Tue, Jan 24, 2012 at 11:58 PM, Khapare Joshi wrote: > Hello all, > > my load balancer seems now working and it does the fail over. I have now > issue with https. I added the VIP in piranha interface both for port 80 and > 443 and added REAL server in these VIPs. I then opened port 80 and 443 on > active router (I am not sure if port 443 require to open as client actually > connects to port 80 ). Then I added VIP address on Real server and > configure apache to listen on port 443. I have a virtual section in REAL > server as below: > > > > ??????? ServerName mytest > ??????? DocumentRoot /var/www/html/test > ??????? CustomLog /var/log/test_access_log combined > ??????? AddDefaultCharset UTF-8 > ??????? Redirect Permanent / https://piranhatest.com/ > > > > ??????? ServerName piranhatest.com > ??????? DocumentRoot /var/www/html > ??????? AddDefaultCharset UTF-8 > > > I have all the certtificate and required configuration in ssl.conf for 443. > But it does not work and complain that I do not have virtualhost for > 192.168.1.3:443. If i do not add this virtualhost for 192.168.1.3:443, > ipvsadm -L do not even list the real server of 443. 192.168.1.3 is my real > server and 192.168.1.1 is my VIP. > > How does Piranha handles this ? does the Real server eth0 and eth0:1 has to > be configured on port 443 ? or is there something in configuration I can do > so the lvs listen on port 80 and redirect to one of the Real server then > serve sties with RS VIP interface ? I am getting confused. > > All I am trying to now is I have a site obviously users connects with port > 80 but I would like to redirect to 443 /https port and I want to do this > with my piranha setup. Any hint would be appreciated. > > Khapare > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list -- -- Andrey Feldman From khapare77 at gmail.com Mon Jan 30 14:42:28 2012 From: khapare77 at gmail.com (Khapare Joshi) Date: Mon, 30 Jan 2012 14:42:28 +0000 Subject: http and https redirection In-Reply-To: References: Message-ID: HI, i think you are right. I noticed that Nanny is playing integral role in lvs. I used the script like : TEST=`/usr/bin/lynx -head -dump http://$1 2>/dev/null | grep -c "HTTP/1.1 301" ` if [ "$TEST" == "1" ] then echo "OK" else echo "FAIL" fi And this worked well for me. Thanks for your help On Wed, Jan 25, 2012 at 10:04 AM, Andrey Feldman wrote: > Hi. > Maybe nanny just can't understand HTTPS, so it expected something like > "200 OK" from the host, but there is an SSL handshake. > Try to use send_program in lvs.cf: > send_program = "curl https://1.0.0.0" > expect = "OK" > Or something like this. > > > On Tue, Jan 24, 2012 at 11:58 PM, Khapare Joshi > wrote: > > Hello all, > > > > my load balancer seems now working and it does the fail over. I have now > > issue with https. I added the VIP in piranha interface both for port 80 > and > > 443 and added REAL server in these VIPs. I then opened port 80 and 443 on > > active router (I am not sure if port 443 require to open as client > actually > > connects to port 80 ). Then I added VIP address on Real server and > > configure apache to listen on port 443. I have a virtual section in REAL > > server as below: > > > > > > > > ServerName mytest > > DocumentRoot /var/www/html/test > > CustomLog /var/log/test_access_log combined > > AddDefaultCharset UTF-8 > > Redirect Permanent / https://piranhatest.com/ > > > > > > > > ServerName piranhatest.com > > DocumentRoot /var/www/html > > AddDefaultCharset UTF-8 > > > > > > I have all the certtificate and required configuration in ssl.conf for > 443. > > But it does not work and complain that I do not have virtualhost for > > 192.168.1.3:443. If i do not add this virtualhost for 192.168.1.3:443, > > ipvsadm -L do not even list the real server of 443. 192.168.1.3 is my > real > > server and 192.168.1.1 is my VIP. > > > > How does Piranha handles this ? does the Real server eth0 and eth0:1 has > to > > be configured on port 443 ? or is there something in configuration I can > do > > so the lvs listen on port 80 and redirect to one of the Real server then > > serve sties with RS VIP interface ? I am getting confused. > > > > All I am trying to now is I have a site obviously users connects with > port > > 80 but I would like to redirect to 443 /https port and I want to do this > > with my piranha setup. Any hint would be appreciated. > > > > Khapare > > > > _______________________________________________ > > Piranha-list mailing list > > Piranha-list at redhat.com > > https://www.redhat.com/mailman/listinfo/piranha-list > > > > -- > -- > Andrey Feldman > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: