[lvs-users] Keepalived - HTTPS Issue with multiple HTTPS virtual server blocks

eneal Mon, 23 Jun 2008 08:58:39 -0700

Does anyone have any additional thoughts here? I'm still stuck and not  
sure how to proceed.


----- Forwarded message from [EMAIL PROTECTED] -----
     Date: Fri, 30 May 2008 08:03:00 -0400
     From: [EMAIL PROTECTED]
Reply-To: "LinuxVirtualServer.org users mailing list."  
<lvs-users@linuxvirtualserver.org>
  Subject: Re: [lvs-users] Keepalived - HTTPS Issue with multiple  
HTTPS virtual server blocks
       To: lvs-users@linuxvirtualserver.org

Quoting Graeme Fowler <[EMAIL PROTECTED]>:

> On Thu, 2008-05-29 at 20:30 -0400, [EMAIL PROTECTED] wrote:
>> Yes I'm aware of those problems. But I'm not encountering those issues.
>> What I'm seeing is that my http wont work, but https will work.

I want to clarify my issue here. I think I may have to do some
wireshark dumps and tcpdumps - but the problem is erratic. What seems
to occur is that http or https will work intermittently on the virtual
servers I added at the bottom...

>
> I believe you need to post your complete, unobfuscated keepalived config
> (apart from the AH secrets) file to be checked - the only time I ever
> saw something like this happening (in the dim recesses of my mind) it
> was due to a misplaced brace in the configuration causing virtual server
> instances to run into one another.

Here you go...

! Configuration File for keepalived

global_defs {
          notification_email {
                  [EMAIL PROTECTED]

          }
          notification_email_from [EMAIL PROTECTED]
          smtp_server mail3.businessgrade.com
          smtp_connect_timeout 30
          router_id lvs2
}


vrrp_instance VI_1 {
          state BACKUP
          interface bond0
          virtual_router_id 50
          preempt
          priority 80
          advert_int 1
          authentication {
                  auth_type AH
                  auth_pass *******
          }
          virtual_ipaddress {
                  66.151.104.42
                  66.151.105.242

          }
}
vrrp_instance VI_2 {
          state MASTER
          interface bond0
          virtual_router_id 51
          preempt
          priority 100
          advert_in 1
          authentication {
                  auth_type AH
                  auth_pass *******
          }
          virtual_ipaddress {
                  66.151.104.44
                  66.151.105.115
          }
}

virtual_server 66.151.104.42 25 {
          delay_loop 10
          lb_algo rr
          lb_kind DR
          persistence_timeout 50
          protocol TCP



          real_server 66.151.104.43 25 {
                  SMTP_CHECK {
                          connect_timeout 30
                          retry 2
                          delay_before_retry 5
                          helo_name "server20.businessgrade.com"
                          host {
                                  connect_ip 66.151.104.43
                                  connect_port 25


                          }
                   }
          }

          real_server 66.151.104.45 25 {
                  SMTP_CHECK {
                          connect_timeout 30
                          retry 2
                          delay_before_retry 5
                          helo_name "server20.businessgrade.com"
                          host {
                                  connect_ip 66.151.104.45
                                  connect_port 25


                           }
                  }
          }
}
virtual_server 66.151.104.44 25 {
          delay_loop 10
          lb_algo rr
          lb_kind DR
          persistence_timeout 50
          protocol TCP



          real_server 66.151.104.43 25 {
                  SMTP_CHECK {
                          connect_timeout 30
                          retry 2
                          delay_before_retry 5
                          helo_name "server20.businessgrade.com"
                          host {
                                  connect_ip 66.151.104.43
                                  connect_port 25


                          }
                   }
          }

          real_server 66.151.104.45 25 {
                  SMTP_CHECK {
                          connect_timeout 30
                          retry 2
                          delay_before_retry 5
                          helo_name "server20.businessgrade.com"
                          host {
                                  connect_ip 66.151.104.45
                                  connect_port 25


                           }
                  }
          }
}


virtual_server 66.151.105.242 80 {
          delay_loop 6
          lb_algo rr
          lb_kind DR
          persistence_timeout 50
          protocol TCP

          real_server 66.151.105.240 80 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 3
                  nb_get_retry 3
                  delay_before_retry 3
                  }
          }
          real_server 66.151.105.241 80 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 3
                  nb_get_retry 3
                  delay_before_retry 3
                  }
          }
}

virtual_server 66.151.105.115 80 {
          delay_loop 10
          lb_algo rr
          lb_kind DR
          persistence_timeout 50
          protocol TCP

          real_server 66.151.105.113 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 20
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
          real_server 66.151.105.114 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 20
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
}

virtual_server 66.151.104.57 80 {
          delay_loop 10
          lb_algo rr
          lb_kind DR
          persistence_timeout 50
          protocol TCP
          virtualhost www.businessgrade.com

          real_server 66.151.104.65 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 30
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
          real_server 66.151.104.60 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 30
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
}
virtual_server 66.151.104.158 80 {
          delay_loop 10
          lb_algo rr
          lb_kind DR
          persistence_timeout 50
          protocol TCP
          virtualhost www.rvguidebook.com

          real_server 66.151.104.65 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 30
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
          real_server 66.151.104.60 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 30
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
}

virtual_server 66.151.104.167 80 {
          delay_loop 10
          lb_algo rr
          lb_kind DR
          persistence_timeout 50
          protocol TCP
          virtualhost www.lgww.com

          real_server 66.151.104.65 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 30
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
          real_server 66.151.104.60 81 {
                  weight 1
                  HTTP_GET {
                  url {
                          path /status.cfm
                          digest 56291e28e084bebdb83b53f2dda1536e
                  }
                  connect_timeout 30
                  nb_get_retry 2
                  delay_before_retry 5
                  }
          }
}

virtual_server 66.151.104.57 443 {
      delay_loop 6
      lb_algo rr
      lb_kind DR
      persistence_timeout 50
      protocol TCP


      real_server 66.151.104.60 443 {
          weight 1
              connect_timeout 30
              nb_get_retry 2
              delay_before_retry 5
      }
      real_server 66.151.104.65 443 {
          weight 1
              connect_timeout 30
              nb_get_retry 2
              delay_before_retry 5
      }

}

virtual_server 66.151.104.158 443 {
      delay_loop 6
      lb_algo rr
      lb_kind DR
      persistence_timeout 50
      protocol TCP


      real_server 66.151.104.60 443 {
          weight 1
              connect_timeout 30
              nb_get_retry 2
              delay_before_retry 5
      }
      real_server 66.151.104.99 443 {
          weight 1
              connect_timeout 30
              nb_get_retry 2
              delay_before_retry 5
      }

}



> If you don't want to post the whole thing here, please send it me
> off-list and I'll look at it.

The virtual IPs for the last server blocks are not active yet. We
pulled them back because of the issues. We left the server blocks in
place so that we can easily turn them back up when we identify our
problem.

>
> Going back to your first question - this could well be to do with
> keepalived, not LVS, so we'll see :)
>
> Graeme
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
> Send requests to [EMAIL PROTECTED]
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>



--------------------------------------------------------------------------------

This email and any files transmitted with it are confidential and are
intended solely for the use of the individual or entity to whom they
are addressed. This communication may contain material protected by
the attorney-client privilege. If you are not the intended recipient,
be advised that any use, dissemination, forwarding, printing or
copying is strictly prohibited. If you have received this email in
error, please contact the sender and delete all copies.




_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to [EMAIL PROTECTED]
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


----- End forwarded message -----


--------------------------------------------------------------------------------

This email and any files transmitted with it are confidential and are  
intended solely for the use of the individual or entity to whom they  
are addressed. This communication may contain material protected by  
the attorney-client privilege. If you are not the intended recipient,  
be advised that any use, dissemination, forwarding, printing or  
copying is strictly prohibited. If you have received this email in  
error, please contact the sender and delete all copies.




_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to [EMAIL PROTECTED]
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

[lvs-users] Keepalived - HTTPS Issue with multiple HTTPS virtual server blocks

Reply via email to