Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Linux Virtual Server: Users

[lvs-users] 2 Quick Questions

  

 
Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded


eric.robinson at pmcipa

Oct 30, 2007, 9:09 AM

Post #1 of 8 (688 views)
Permalink
[lvs-users] 2 Quick Questions
I have a 2-node Linux-HA active/passive cluster running as an LVS-nat
load balancer with ldirectord. Each node has a physical IP address. The
active cluster node also has a virtual IP address that gets taken over
by the other node in the event of a primary node failure. The LVS
virtual servers are all bound to the virtual IP.

1. I've notice that when ldirectord checks to see whether RealServers
are up, it uses the node's physical IP address as the source. This
complicates our business partner VPN configs. Is there a way to make it
use the virtual IP address instead?

2. Is there a hard limit to the number of virtual servers? Right now I'm
running 50-60 of them and the LVS machine is not working especially
hard. It's using about 500MB RAM and runs at less than 10% average CPU.

--
Eric Robinson

Sorry about the following disclaimer. It's appended by the corporate
mail server...



Disclaimer - October 30, 2007
This email and any files transmitted with it are confidential and intended solely for LinuxVirtualServer.org users mailing list.. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physician Select Management (PSM) or Physician's Managed Care (PMC). Warning: Although the message sender has taken reasonable precautions to ensure no viruses are present in this email, neither PSM nor PMC can accept responsibility for any loss or damage arising from the use of this email or attachments.

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Oct 30, 2007, 12:06 PM

Post #2 of 8 (659 views)
Permalink
Re: [lvs-users] 2 Quick Questions [In reply to]
On Tue, 30 Oct 2007, Robinson, Eric wrote:

> 1. I've notice that when ldirectord checks to see whether RealServers
> are up, it uses the node's physical IP address as the source. This
> complicates our business partner VPN configs. Is there a way to make it
> use the virtual IP address instead?

yes. my ancient configure script does that (it only sets up
realservers and not failover directors, so no-one uses it
anymore). AFAIconcerned, this is the only way to do it,
since you don't have to get your service to listen on the
RIP as well.

You ssh from the director to the RIP and run a test on the
realserver for the service of interest. I use multiscan (see
sourceforge for this general purpose service tester - it's a
bit old now, but services haven't changed).

director:# ssh $realserver_name '/usr/local/bin/multiscan -t $vip'

multiscan returns the ports open and you can grep for your
service. This isn't as stringent a test as requiring the
service to return a valid string from a query, but it was
good enough for me. You could substitute mon or your own
test for the service.

> 2. Is there a hard limit to the number of virtual servers?

a virtual server is a VIP;port. Is that what you're asking?

> Right now I'm running 50-60 of them and the LVS machine is
> not working especially hard. It's using about 500MB RAM
> and runs at less than 10% average CPU.

the limit is the amount of memory used for connections, not
the number of virtual services, it's about
116bytes/connection.

> Sorry about the following disclaimer. It's appended by the corporate
> mail server...

I have one of those too, but I can get out to my personal
account from work and look like a normal person.

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Oct 30, 2007, 12:09 PM

Post #3 of 8 (649 views)
Permalink
Re: [lvs-users] 2 Quick Questions [In reply to]
On Tue, 30 Oct 2007, Robinson, Eric wrote:

>
> I have a 2-node Linux-HA active/passive cluster running as an LVS-nat
> load balancer with ldirectord. Each node has a physical IP address. The
> active cluster node also has a virtual IP address that gets taken over
> by the other node in the event of a primary node failure. The LVS
> virtual servers are all bound to the virtual IP.
>
> 1. I've notice that when ldirectord checks to see whether RealServers
> are up, it uses the node's physical IP address as the source.


oops. you're using LVS-NAT. There is no VIP on the
realserver, only the RIP. What other IP is there to test?

> This complicates our business partner VPN configs. Is
> there a way to make it use the virtual IP address instead?

you don't have the VIP on the realserver.

Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


eric.robinson at pmcipa

Oct 30, 2007, 4:01 PM

Post #4 of 8 (652 views)
Permalink
Re: [lvs-users] 2 Quick Questions [In reply to]
> oops. you're using LVS-NAT. There is no VIP on the realserver,
> only the RIP. What other IP is there to test?

I said I was using LVS-nat because all of my ldirectord.cf entries
include the "masq" directive. I may be mangling my terms. Just because
I've been sucessfully using LVS/ldirectord for a year on a national
scale doesn't mean I know how to talk about it. :-)

My load-balancer computer has about 60 entries like this:

# Virtual Server for tomcat(site001), Outside to Inside
virtual=192.168.5.100:3001
real=192.168.10.61:3001 masq
real=192.168.10.62:3001 masq
service=http
request="/checkup.html"
receive="site001_tomcat_is_up"
scheduler=lblc
protocol=tcp
checktype=3
persistent=360

My question really was this: is there a fixed limit to the number of
these entries that LVS/ldirectord will support, or is it just limited by
system resources? I assume it is the latter. If so, then do you think I
am likely to see performance bottlenecks at some point soon? Right now
everything is fine, but I'm concerned about the ol'
straw-that-breaks-the-camel's-back syndrome.

--
Eric Robinson


Again, the annoying server-appended disclaimer...




Disclaimer - October 30, 2007
This email and any files transmitted with it are confidential and intended solely for LinuxVirtualServer.org users mailing list.. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physician Select Management (PSM) or Physician's Managed Care (PMC). Warning: Although the message sender has taken reasonable precautions to ensure no viruses are present in this email, neither PSM nor PMC can accept responsibility for any loss or damage arising from the use of this email or attachments.

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Oct 30, 2007, 6:16 PM

Post #5 of 8 (653 views)
Permalink
Re: [lvs-users] 2 Quick Questions [In reply to]
On Tue, 30 Oct 2007, Robinson, Eric wrote:

> My question really was this: is there a fixed limit to the number of
> these entries that LVS/ldirectord will support,

no

Joe


-- Joseph Mack NA3T EME(B,D), FM05lw North Carolina jmack
(at) wm7d (dot) net - azimuthal equidistant map generator at
http://www.wm7d.net/azproj.shtml Homepage
http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


eric.robinson at pmcipa

Oct 31, 2007, 3:31 AM

Post #6 of 8 (645 views)
Permalink
Re: [lvs-users] 2 Quick Questions [In reply to]
>> My question really was this: is there a fixed limit to the number of
>> these entries that LVS/ldirectord will support,

> no

Then is there a practical limit? When does LVS or ldirectord start to
bog down?

--
Eric Robinson
Director of Information Technology
Physician Select Management, LLC
775.720.2082



Disclaimer - October 31, 2007
This email and any files transmitted with it are confidential and intended solely for LinuxVirtualServer.org users mailing list.. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physician Select Management (PSM) or Physician's Managed Care (PMC). Warning: Although the message sender has taken reasonable precautions to ensure no viruses are present in this email, neither PSM nor PMC can accept responsibility for any loss or damage arising from the use of this email or attachments.

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


graeme at graemef

Oct 31, 2007, 5:17 AM

Post #7 of 8 (643 views)
Permalink
Re: [lvs-users] 2 Quick Questions [In reply to]
On Wed, 2007-10-31 at 02:31 -0800, Robinson, Eric wrote:
> Then is there a practical limit? When does LVS or ldirectord start to
> bog down?

It depends entirely on your local environment:

1. Line speed
2. CPU speed
3. Bus speed
4. What else the director might be doing

So if you have uncontended gigabit ethernet connections using PCI-e 1.1
cards and a really, really fast processor with masses of RAM (and the
right kernel to support it) then you'll get vastly greater performance
than, say, a Pentium-III motherboard from six years ago with 512MB RAM
connected via FastEthernet to a contended T3.

I appreciate that this is fairly obvious, but it demonstrates clearly
that the more resource you can throw at the problem, the more power you
will get - more RAM means you can handle more connections, and the
faster bus means you can get them in (and out, if necessary) a lot
faster.

Unfortunately there's no real-life current baseline for this. If only we
had a lab and a traffic generator ;-)

Graeme


_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


eric.robinson at pmcipa

Oct 31, 2007, 6:06 AM

Post #8 of 8 (647 views)
Permalink
Re: [lvs-users] 2 Quick Questions [In reply to]
> I appreciate that this is fairly obvious

True, but thanks for the input anyway. Like I said in an earlier
message, the computer running LVS/ldirectord is working at less than 10%
CPU, so I'm going to guess that my 60 virtual servers are not making it
work too hard. However, it's often unsafe to assume that you'll get
linear scaling. For all I knew, there could have been a known crunch
point where the LVS or ldirectord code begins to step on itself and
things come to a grinding halt. That would be an very unpleasant
surprise. :-)

--
Eric Robinson
Director of Information Technology
Physician Select Management, LLC
775.720.2082



Disclaimer - October 31, 2007
This email and any files transmitted with it are confidential and intended solely for LinuxVirtualServer.org users mailing list.. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physician Select Management (PSM) or Physician's Managed Care (PMC). Warning: Although the message sender has taken reasonable precautions to ensure no viruses are present in this email, neither PSM nor PMC can accept responsibility for any loss or damage arising from the use of this email or attachments.

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.