From robin-lists at robinbowes.com Thu Jul 15 01:05:22 2010 From: robin-lists at robinbowes.com (Robin Bowes) Date: Thu, 15 Jul 2010 02:05:22 +0100 Subject: Forward from one LVS instance to another? Message-ID: <4C3E5ED2.2090402@robinbowes.com> Hi, I'm running pulse/LVS to balance http/https traffic. I have identical setups in two DCs (with different IPs, of course). DC A looks like this: TCP $IP_A:http -> a048:http -> a046:http -> a044:http And DC B is the same, with a different IP: TCP $IP_B:http -> b048:http -> b046:http -> b044:http I'm using Direct Routing, and have an iptables REDIRECT in the *nat chain on each of the real servers. In DC A: -A PREROUTING -p tcp --dst $IP_A -m multiport --dports 80 -j REDIRECT In DC B: -A PREROUTING -p tcp --dst $IP_B -m multiport --dports 80 -j REDIRECT This all works just fine. Now, DC B is currently the "live" DC but we are planning a cutover to DC A. One of the things that this will involve is changing DNS records to point at $IP_A instead of $IP_B. The DNS change will take a while to propagate so I want to forward traffic that hits $IP_B after the cutover to $IP_A. What I thought I'd do is to simply specify $IP_A as the only real server of the LBs in DC B, ie: TCP $IP_B:http -> $IP_A:http However, this doesn't seem to work. So, I thought about it some more and figured I'd have to add a REDIRECT with the address of the original IP, eg. in DC A -A PREROUTING -p tcp --dst $IP_B -m multiport --dports 80 -j REDIRECT This didn't seem to work either. So, at this point I'm stumped. Anyone got any ideas how to make this work? Is this sort of thing possible with Direct Routing? R. From robin-lists at robinbowes.com Thu Jul 15 12:25:07 2010 From: robin-lists at robinbowes.com (Robin Bowes) Date: Thu, 15 Jul 2010 13:25:07 +0100 Subject: Forward from one LVS instance to another? In-Reply-To: <4C3E5ED2.2090402@robinbowes.com> References: <4C3E5ED2.2090402@robinbowes.com> Message-ID: <4C3EFE23.7030308@robinbowes.com> On 15/07/10 02:05, Robin Bowes wrote: > Is this sort of thing possible with Direct Routing? Answer: No, Direct Routing requires the real servers and the director to be on the same segment (piece of wire). They must be able to arp each other as packets are sent by link-layer from the director to the realservers. I need to use tunnelling. Some useful links: http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-Tun.html http://www.ultramonkey.org/papers/lvs_tutorial/html/ R. From fclift at verio.net Tue Jul 20 04:58:51 2010 From: fclift at verio.net (Fred Clift) Date: Tue, 20 Jul 2010 00:58:51 -0400 Subject: proposed changes to lvsd, nanny, pulse: seeking advice Message-ID: Hi. My company is using lvs and we've noticed a few issues. We have at least one local patch, and plan on making several more. I cribbed and slightly modified an internal wiki page about our proposed changes and bugs. In particular there is at least one verified bug in lvsd (mis-indexed re-read of config file), some missing features (as the documentation implies, or is missing - pulse re-reading the config file, doesn't pay attention to the status of it's child lvsd), nanny doesn't check it's arguments carefully and may unexpectedly exit etc. For a full detailed description of all the issues we've found, and for our proposed solutions, please see: http://clift.org/fred/lvs/lvs.html I have a couple of questions. First, can you direct me to the process for submitting patches for lvs/pulse/nanny, and second, are there other known issues with these programs that we might likely trip over? In particular are there nanny options that currently are arguably non-valid parameters (cause immediate nanny exit) - for example, a timeout of 0 is one. Are there others? Anyway, I'd appreciate anyone's feedback on our proposed changes and the patch submission process. Thanks. Fred Clift fclift at verio.net Verio Inc. This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, distribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From yocum at fnal.gov Tue Jul 20 11:06:06 2010 From: yocum at fnal.gov (Dan Yocum) Date: Tue, 20 Jul 2010 06:06:06 -0500 Subject: proposed changes to lvsd, nanny, pulse: seeking advice In-Reply-To: References: Message-ID: <4C45831E.1030803@fnal.gov> Fred, Submit bugs and patches using the Bugzilla interface: http://bugzilla.redhat.com. I reported the issue about all nannies unexpectedly exiting if all Real Servers (for a particular service) are unavailable. There's a patch in bugzilla, but to my knowledge it hasn't made it into TOT. That was over 2 years ago. Dan On 07/19/2010 11:58 PM, Fred Clift wrote: > Hi. My company is using lvs and we?ve noticed a few issues. We have at > least one local patch, and plan on making several more. > > I cribbed and slightly modified an internal wiki page about our proposed > changes and bugs. > > In particular there is at least one verified bug in lvsd (mis-indexed > re-read of config file), some missing features (as the documentation > implies, or is missing ? pulse re-reading the config file, doesn?t pay > attention to the status of it?s child lvsd), nanny doesn?t check it?s > arguments carefully and may unexpectedly exit etc. > > For a full detailed description of all the issues we?ve found, and for > our proposed solutions, please see: > > http://clift.org/fred/lvs/lvs.html > > I have a couple of questions. First, can you direct me to the process > for submitting patches for lvs/pulse/nanny, and second, are there other > known issues with these programs that we might likely trip over? In > particular are there nanny options that currently are arguably non-valid > parameters (cause immediate nanny exit) ? for example, a timeout of 0 is > one. Are there others? > > Anyway, I?d appreciate anyone?s feedback on our proposed changes and the > patch submission process. > > Thanks. > > Fred Clift > > fclift at verio.net > > Verio Inc. > > > This email message is intended for the use of the person to whom it has > been sent, and may contain information that is confidential or legally > protected. If you are not the intended recipient or have received this > message in error, you are not authorized to copy, distribute, or > otherwise use this message or its attachments. Please notify the sender > immediately by return e-mail and permanently delete this message and any > attachments. Verio, Inc. makes no warranty that this email is error or > virus free. Thank you. > > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list -- Dan Yocum Fermilab 630.840.6509 yocum at fnal.gov, http://fermigrid.fnal.gov "I fly because it releases my mind from the tyranny of petty things." From rhurst at bidmc.harvard.edu Tue Jul 20 12:12:10 2010 From: rhurst at bidmc.harvard.edu (rhurst at bidmc.harvard.edu) Date: Tue, 20 Jul 2010 08:12:10 -0400 Subject: proposed changes to lvsd, nanny, pulse: seeking advice In-Reply-To: <4C45831E.1030803@fnal.gov> References: <4C45831E.1030803@fnal.gov> Message-ID: <50168EC934B8D64AA8D8DD37F840F3DE0562E6348B@EVS2CCR.its.caregroup.org> It has been our experience, too, that community contributed patches don't seem to go anywhere. And we would welcome them all. Perhaps it can get a chance to penetrate via the Fedora channels? -----Original Message----- From: piranha-list-bounces at redhat.com [mailto:piranha-list-bounces at redhat.com] On Behalf Of Dan Yocum Sent: Tuesday, July 20, 2010 7:06 AM To: Piranha clustering/HA technology Subject: Re: proposed changes to lvsd, nanny, pulse: seeking advice Fred, Submit bugs and patches using the Bugzilla interface: http://bugzilla.redhat.com. I reported the issue about all nannies unexpectedly exiting if all Real Servers (for a particular service) are unavailable. There's a patch in bugzilla, but to my knowledge it hasn't made it into TOT. That was over 2 years ago. Dan On 07/19/2010 11:58 PM, Fred Clift wrote: > Hi. My company is using lvs and we've noticed a few issues. We have > at least one local patch, and plan on making several more. > > I cribbed and slightly modified an internal wiki page about our > proposed changes and bugs. > > In particular there is at least one verified bug in lvsd (mis-indexed > re-read of config file), some missing features (as the documentation > implies, or is missing - pulse re-reading the config file, doesn't pay > attention to the status of it's child lvsd), nanny doesn't check it's > arguments carefully and may unexpectedly exit etc. > > For a full detailed description of all the issues we've found, and for > our proposed solutions, please see: > > http://clift.org/fred/lvs/lvs.html > > I have a couple of questions. First, can you direct me to the process > for submitting patches for lvs/pulse/nanny, and second, are there > other known issues with these programs that we might likely trip over? > In particular are there nanny options that currently are arguably > non-valid parameters (cause immediate nanny exit) - for example, a > timeout of 0 is one. Are there others? > > Anyway, I'd appreciate anyone's feedback on our proposed changes and > the patch submission process. > > Thanks. > > Fred Clift > > fclift at verio.net > > Verio Inc. > > > This email message is intended for the use of the person to whom it > has been sent, and may contain information that is confidential or > legally protected. If you are not the intended recipient or have > received this message in error, you are not authorized to copy, > distribute, or otherwise use this message or its attachments. Please > notify the sender immediately by return e-mail and permanently delete > this message and any attachments. Verio, Inc. makes no warranty that > this email is error or virus free. Thank you. > > > > _______________________________________________ > Piranha-list mailing list > Piranha-list at redhat.com > https://www.redhat.com/mailman/listinfo/piranha-list -- Dan Yocum Fermilab 630.840.6509 yocum at fnal.gov, http://fermigrid.fnal.gov "I fly because it releases my mind from the tyranny of petty things." _______________________________________________ Piranha-list mailing list Piranha-list at redhat.com https://www.redhat.com/mailman/listinfo/piranha-list From mgrac at redhat.com Wed Jul 21 09:37:59 2010 From: mgrac at redhat.com (Marek Grac) Date: Wed, 21 Jul 2010 11:37:59 +0200 Subject: proposed changes to lvsd, nanny, pulse: seeking advice In-Reply-To: References: Message-ID: <4C46BFF7.4090200@redhat.com> Hi, On 07/20/2010 06:58 AM, Fred Clift wrote: > > Hi. My company is using lvs and we've noticed a few issues. We have > at least one local patch, and plan on making several more. > > I cribbed and slightly modified an internal wiki page about our > proposed changes and bugs. > > In particular there is at least one verified bug in lvsd (mis-indexed > re-read of config file), some missing features (as the documentation > implies, or is missing -- pulse re-reading the config file, doesn't > pay attention to the status of it's child lvsd), nanny doesn't check > it's arguments carefully and may unexpectedly exit etc. > > For a full detailed description of all the issues we've found, and for > our proposed solutions, please see: > > http://clift.org/fred/lvs/lvs.html > I will check it. > I have a couple of questions. First, can you direct me to the process > for submitting patches for lvs/pulse/nanny, and second, are there > other known issues with these programs that we might likely trip > over? In particular are there nanny options that currently are > arguably non-valid parameters (cause immediate nanny exit) -- for > example, a timeout of 0 is one. Are there others? > > Anyway, I'd appreciate anyone's feedback on our proposed changes and > the patch submission process. > > Please create a bug in bugzilla.redhat.com (components ipvsadm & piranha). Currently there are two long-term open bugs 'LVS do nothing when VIP is down' and failure to start nanny kill all running nannies (mentioned in follow-ups; patch was discussed before and yes it works). Piranha is now part of fedora, so there is place to put upstream changes and create packages for other distro if needed. Piranha will work with SELinux as can be seen in RHEL6 beta (Fedora / RHEL5 will be ready soon). There is git repo with upstream available: http://git.fedorahosted.org/git/?p=piranha.git Patches to this repo does not have to pass RH processes (also no real QA) but it can be flexible enough. m, -------------- next part -------------- An HTML attachment was scrubbed... URL: