Just realized that my ldirector.cf file was set up for tunneling, as
indicated in the ipvsadm output. I changed it to look like this, which
is direct routing:
# Global Directives
checktimeout=2
checkinterval=2
logfile="/var/log/ldirectord"
# heartbeat.example.com
virtual=192.168.2.3:80
protocol=tcp
scheduler=lc
checktype=connect
checkport=80
#negotiatetimeout=10
real=192.168.2.16:80 gate
#real=172.28.185.38:389 ipip
#service=ldap
protocol=tcp
checktimeout=10
checkinterval=10
Now it works!
On 11-07-17 10:35 AM, mike wrote:
> Hello all,
>
> I set up a quick HA cluster yesterday. I've got 2 resource groups.
>
> *Here's a quick snapshot:
> *
> Online: [ firethorn vanderbilt ]
>
> Resource Group: Web_Cluster
> WebSite (ocf::heartbeat:apache): Started firethorn
> ClusterIP (ocf::heartbeat:IPaddr2): Started firethorn
> Resource Group: LVS_Cluster
> LdirectorIP (ocf::heartbeat:IPaddr2): Started firethorn
> ldirectord (ocf::heartbeat:ldirectord): Started firethorn
>
> The Web_Cluster group is a straight forward active/passive webserver
> cluster. Works perfectly.
>
> The ldirector set up is giving me issues. I've got everything installed
> correctly and on the face of it, it starts up fine. I am redirecting
> traffic to one web server only for now until I get this thing running.
>
> *Here is ipvsadm on the active server:*
> root@firethorn:/etc/ha.d# ipvsadm
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP firethorn.local:www lc
> -> triglav.local:www Tunnel 1 0 0
>
> *On the back end server I created a secondary loopback pointing to the VIP*
> triglav www # ip addr show
> 1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> inet 192.168.2.3/32 scope global lo:1
>
> triglav www # ifconfig lo:1
> lo:1 Link encap:Local Loopback
> inet addr:192.168.2.3 Mask:255.255.255.255
> UP LOOPBACK RUNNING MTU:16436 Metric:1
>
> *I added the following to the sysctl.conf on the backend server*
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.eth0.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> net.ipv4.conf.eth0.arp_announce = 2
>
> *I added the following to the sysctl.conf to both front end LVS servers:*
> net.ipv4.ip_forward = 1
>
> *When I try to get to port 80 on the back end server via the VIP, it
> never gets there. Instead, it hangs and Inactive connections begin
> queuing up* *as you can see here:*
> root@firethorn:/etc/ha.d# ipvsadm
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP firethorn.local:www lc
> -> triglav.local:www Tunnel 1 0 3
>
> *So, can anyone guess at what I missed? For some reason connections are
> not flowing through to the back end web server.*
>
> As usual - thanks for all replies and suggestions.
>
> - Mike
>
>
>
>
>
>
>
> _______________________________________________
> Linux-HA mailing list
> [email protected]
> http://lists.linux-ha.org/mailman/listinfo/linux-ha
> See also: http://linux-ha.org/ReportingProblems
>
_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
