Hi, On 17 February 2011 13:47, Carlos G Mendioroz <[email protected]> wrote: > Brett Delle Grazie @ 17/02/2011 10:24 -0300 dixit: >> >> Hi, >> >> On 17 February 2011 12:58, Carlos G Mendioroz <[email protected]> wrote: >>> >>> Hi, >>> I've found that ipaddr2 can use clusterip when running as clone. >>> (please correct me if I use some word in a not correct way, >>> denoting I fail to get some concept) >>> >>> But my understanding is that clusterip might be beneficial also >>> in the active/standby case because of its use of a single mac >>> address. >> >> Not really - its simpler (networking wise) and safer to use floating >> IP addresses for standard HA. Otherwise all traffic is being >> duplicated to both nodes which ties up bandwidth unnecessarily - >> that's the major >> downside to ClusterIP. > > I guess it's a design issue, so it depends. > I've seen the bandwidth argument, but this applies only to, in my case, > to requests going to a server. BW is very low in this direction. > I'm trying to get a fast failover (subsecond). I don't like gratuitous ARP > that much.
Okay. > >> >> Indeed it could be argued that with multiple floating IPs used with >> DNS round-robin, >> ClusterIP becomes almost unnecessary. > > DNS is out of the question. A node already talking to the cluster knows > the cluster IP already. > The problem with floating IP, as commented, is ARP caching. Okay, but here I'm out of my depth. You're better off asking a network expert either about how to minimise ARP caching or of possible network based alternatives. > >> FYI ClusterIP target in iptables has been deprecated, the successor is >> cluster-match >> but I don't think there is a resource agent which uses it yet. > > Noted, thanks. I don't mind upgrading/changing/making an RA if needed. > >>> I would create the active with 1 node and the standby alike, >>> but "demote" the standby by forcing it not to answer. >> >> Why? - you lose functionality here such as the system _automatically_ >> correcting >> for failure - which is, I assume, why you want to use Pacemaker. > > How come I loose anything ? When I say "I would demote...", I mean > "I would make the RA demote..." I thought you meant manually demote. > >>> Questions: >>> -any obvious issue here ? >>> -I see some posts with CLUSTERIP and ARP related issues, >>> but I fail to understand a case where this happens. >>> If someone has a failure case I would appreciate it. >> >> Our failure cases: >> (1) It didn't work at all - resolved by (a) >> (2) It didn't work under failure conditions (pulling the network cable >> and/or power on one node) - we got lost connections, no response etc. >> resolved by (b) >> >> Our solutions were: >> (a) Enable multicast mac addresses on the switch/firewall (otherwise >> it doesn't work at all) and >> (b) adding a static ARP entry for the IP to cluster mac address in the >> switch/firewall. > > 1) I understand sort of, it's switch dependent, not really a CLUSTERIP > issue. (i.e. you need mcast to work) > 2) This is what I'm after as a failure case. > Will test it, it should work (but again, the configuration I'm thinking of > is not the one used by current ipaddr2 RA). > > Thanks for your comments! No problem, hope they save you some time. uCarp might be worth examining as well. > > -- > Carlos G Mendioroz <[email protected]> LW7 EQI Argentina > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ > -- Best Regards, Brett Delle Grazie _______________________________________________ Pacemaker mailing list: [email protected] http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://developerbugs.linux-foundation.org/enter_bug.cgi?product=Pacemaker
