24.09.2011 16:21, mike wrote: > On 11-09-24 05:02 AM, Vladislav Bogdanov wrote: >> 23.09.2011 21:15, mike wrote: >>> Last year I set up an HA cluster with ldirector pointing to 2 load >>> balanced "real" servers. We had jboss on the backend listening to the >>> Real IP on port 8080. Initially, we could not get the backend to reply - >>> we kept getting refused connections when we tried going through the VIP. >>> Thanks to Horms and a few others, I had the app guy start up jboss >>> listening on all interfaces (0.0.0.0) and all was well - worked perfectly. >>> >>> Well now I'm told they want several more "instances" of jboss all >>> listening on the same port, 8080 and so starting up listening on 0.0.0.0 >>> is not an option. My initial response was "guys, start each instance >>> listening to a different port - problem solved". They're not too happy >>> with this solution so I'm here asking - is there any way possible to >>> load balance to several jboss instances running on the same backend >>> servers and on the same port? >> (assuming you run linux) >> You can look at /proc/sys/net/ipv4/ip_nonlocal_bind tunable. >> Setting it to 1 allows you to configure applications to listen on >> non-existent IP address. And that address could be virtual, migrating >> over nodes. So, you have two clone instances of application, running on >> different nodes, and bound to the same non-wildcard address. Repeat for >> different application instances and addresses. >> >> This should help. >> >> Best, >> Vladislav >> _______________________________________________ >> Linux-HA mailing list >> [email protected] >> http://lists.linux-ha.org/mailman/listinfo/linux-ha >> See also: http://linux-ha.org/ReportingProblems >> > Thanks Vladislav, > > If I understand you correctly then I should set ip_nonlocal_bind_tunable > to 1 on both backend servers (not the director servers) and then bind > the applications to the VIP on the same backend servers. I already have > the VIP added to the loopback on the backend servers.
This way you can bind app to specific VIP, not to wildcard address. Just specify that VIP in their configuration. And you can remove VIP from loopbacks and leave it to pacemaker to place it on a real interface. From my experience, having address on loopback and then adding it to real interface does not always work fine. At least I had problems with IPSEC on such setups. Sure, You can bind several app instances to different specific VIPs and have them running in standby mode until VIP is migrated to that node. Vladislav _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
