Mailing List Archive: Linux Virtual Server: Users

[lvs-users] keepalived

Index | Next | Previous | View Threaded

weite at web

Sep 10, 2007, 2:37 PM

Post #1 of 10 (615 views)
Permalink

[lvs-users] keepalived

Hello!
I've a problem with keepalived. When the http service is not available
than the server is removed from the pool, but when the service is
running the server will not come back in the pool. Does someone had the
same Problem and can tell me why?

! Configuration File for keepalived

global_defs
{
notification_email
{
root
}
notification_email_from x[at]y.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LV1
}

virtual_server 192.168.1.2 80
{
delay_loop 6
lb_algo rr
lb_kind NAT
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP

real_server 192.168.2.30 80
{
weight 10
SSL_GET
{
url
{
path /webroot/check.sh
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 5
}
}

}

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

jmack at wm7d

Sep 10, 2007, 3:50 PM

Post #2 of 10 (597 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

On Mon, 10 Sep 2007, Andre Weitekamp wrote:

> Hello! I've a problem with keepalived. When the http
> service is not available than the server is removed from
> the pool, but when the service is running the server will
> not come back in the pool. Does someone had the same
> Problem and can tell me why?

I'm not a keepalived person, but since we haven't been
getting a lot of replies from Alexandre (or Horm for
ldirectord), I'm going to have a go at it (everyone else
feel free to step in).

I seem to remember that keepalived sends the signals that a
machine is up or down, but you have to write the scripts to
take it out of service of bring it back into service. Do you
have a script that brings the server/service back
on-line/adds it to ipvsadm?

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

graeme at graemef

Sep 10, 2007, 4:11 PM

Post #3 of 10 (592 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

On Mon, 2007-09-10 at 23:37 +0200, Andre Weitekamp wrote:
> I've a problem with keepalived. When the http service is not available
> than the server is removed from the pool, but when the service is
> running the server will not come back in the pool. Does someone had the
> same Problem and can tell me why?

This has been discussed a few times over on the keepalived list over the
years, and is usually down to a bad config. In your case, it looks OK
and keepalived will start, but... you're not telling the healthchecker
what result code to scan for.

You probably need:

SSL_GET {
url {
path /webroot/check.sh
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 5
}

Try this and see.

Graeme

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

graeme at graemef

Sep 10, 2007, 4:13 PM

Post #4 of 10 (596 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

I spotted something else odd, too:

On Mon, 2007-09-10 at 23:37 +0200, Andre Weitekamp wrote:
> virtual_server 192.168.1.2 80
> {
> delay_loop 6
> lb_algo rr
> lb_kind NAT
> nat_mask 255.255.255.0
> persistence_timeout 50
> protocol TCP
>
> real_server 192.168.2.30 80
> {
> weight 10
> SSL_GET
> {
> url
> {
> path /webroot/check.sh
> }
> connect_timeout 3
> nb_get_retry 3
> delay_before_retry 5
> }
> }
>
> }

Do you really have an HTTPS server on port 80? If not, that needs to be
HTTP_GET and not SSL_GET.

Graeme

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

graeme at graemef

Sep 10, 2007, 4:15 PM

Post #5 of 10 (594 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

On Mon, 2007-09-10 at 15:50 -0700, Joseph Mack NA3T wrote:
> I'm not a keepalived person, but since we haven't been
> getting a lot of replies from Alexandre (or Horm for
> ldirectord), I'm going to have a go at it (everyone else
> feel free to step in).

OK... oh, I did already :)

> I seem to remember that keepalived sends the signals that a
> machine is up or down, but you have to write the scripts to
> take it out of service of bring it back into service. Do you
> have a script that brings the server/service back
> on-line/adds it to ipvsadm?

That hasn't been the case since I first used keepalived back in 2003 -
the healthcheck code is pretty good, if the config is right, and feeds
directly into the LVS management part. Server stops responding, it goes
out of the pool. Starts again, back it comes. No additional scripting
required!

Graeme

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

stuart at vio

Sep 10, 2007, 4:28 PM

Post #6 of 10 (590 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

Looking on my Keepalived v1.1.12 implementation I see no external scripts to
handle adding or removing machines in the pool.

What do you see in your log file? below is expected log output from a simple
tcp port check.

Sep 10 23:15:16 lb1 Keepalived_healthcheckers: TCP connection to
[192.168.2.22:443] failed !!!
Sep 10 23:15:16 lb1 Keepalived_healthcheckers: Removing service
[192.168.2.22:443] from VS [x.x.x.x:443]

Sep 10 23:15:52 lb1 Keepalived_healthcheckers: TCP connection to
[192.168.2.22:443] success.
Sep 10 23:15:52 lb1 Keepalived_healthcheckers: Adding service
[192.168.2.22:443] to VS [x.x.x.x:443]

Stuart

On 10/9/07 23:50, "Joseph Mack NA3T" <jmack[at]wm7d.net> wrote:

> On Mon, 10 Sep 2007, Andre Weitekamp wrote:
>
>> Hello! I've a problem with keepalived. When the http
>> service is not available than the server is removed from
>> the pool, but when the service is running the server will
>> not come back in the pool. Does someone had the same
>> Problem and can tell me why?
>
> I'm not a keepalived person, but since we haven't been
> getting a lot of replies from Alexandre (or Horm for
> ldirectord), I'm going to have a go at it (everyone else
> feel free to step in).
>
> I seem to remember that keepalived sends the signals that a
> machine is up or down, but you have to write the scripts to
> take it out of service of bring it back into service. Do you
> have a script that brings the server/service back
> on-line/adds it to ipvsadm?
>
> Joe

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

weite at web

Sep 11, 2007, 10:16 AM

Post #7 of 10 (583 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

I've found the problem. I don't need any scripts or something else.
Keepalived add and remove the Server.
Keepalived has 4 Healthckeck frameworks. I used SSL_GET and HTTP_GET,
but the two methods doesn't add the server back. I don't know why, but
TCP_CHECK do this. So I use TCP_CHECK with the connect_port option and
all is well.

By the way. Now I've the problem with the alert email. Everytime I get a
501 Error from the smtp protocol. :)

Stuart walmsley schrieb:
> Looking on my Keepalived v1.1.12 implementation I see no external scripts to
> handle adding or removing machines in the pool.
>
> What do you see in your log file? below is expected log output from a simple
> tcp port check.
>
> Sep 10 23:15:16 lb1 Keepalived_healthcheckers: TCP connection to
> [192.168.2.22:443] failed !!!
> Sep 10 23:15:16 lb1 Keepalived_healthcheckers: Removing service
> [192.168.2.22:443] from VS [x.x.x.x:443]
>
>
> Sep 10 23:15:52 lb1 Keepalived_healthcheckers: TCP connection to
> [192.168.2.22:443] success.
> Sep 10 23:15:52 lb1 Keepalived_healthcheckers: Adding service
> [192.168.2.22:443] to VS [x.x.x.x:443]
>
>
>
> Stuart
>
>
> On 10/9/07 23:50, "Joseph Mack NA3T" <jmack[at]wm7d.net> wrote:
>
>
>> On Mon, 10 Sep 2007, Andre Weitekamp wrote:
>>
>>
>>> Hello! I've a problem with keepalived. When the http
>>> service is not available than the server is removed from
>>> the pool, but when the service is running the server will
>>> not come back in the pool. Does someone had the same
>>> Problem and can tell me why?
>>>
>> I'm not a keepalived person, but since we haven't been
>> getting a lot of replies from Alexandre (or Horm for
>> ldirectord), I'm going to have a go at it (everyone else
>> feel free to step in).
>>
>> I seem to remember that keepalived sends the signals that a
>> machine is up or down, but you have to write the scripts to
>> take it out of service of bring it back into service. Do you
>> have a script that brings the server/service back
>> on-line/adds it to ipvsadm?
>>
>> Joe
>>
>
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
> Send requests to lvs-users-request[at]LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
>

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

graeme at graemef

Sep 11, 2007, 12:23 PM

Post #8 of 10 (586 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

On Tue, 2007-09-11 at 19:16 +0200, Andre Weitekamp wrote:
> I've found the problem. I don't need any scripts or something else.
> Keepalived add and remove the Server.
> Keepalived has 4 Healthckeck frameworks. I used SSL_GET and HTTP_GET,
> but the two methods doesn't add the server back. I don't know why, but
> TCP_CHECK do this. So I use TCP_CHECK with the connect_port option and
> all is well.

To reiterate what I said in response to your post, you didn't configure
the HTTP_GEt or SSL_GET properly in the first place - it needs a
response code. Unfortunately the config parser in keepalived is not what
it could be; ideally it would cough and fall over if it found a check
misconfigured like that.

Making it use TCP_CHECK is all well and good... until your webserver
jams up because too many clients are connected. It'll still accept
connections but will report BUSY instead of OK when a proper request is
made, but the TCP_CHECK simply completes the SYN SYN/ACK ACK three-way
handshake and then closes the connection. As long as you remember that,
you'll be OK with it.

> By the way. Now I've the problem with the alert email. Everytime I get a
> 501 Error from the smtp protocol. :)

501 means that something wasn't right in the command's arguments. You
may need to debug that further, but I'd surmise that there's a delay
before HELO/EHLO and keepalived merrily goes on without handling the
delay.

Graeme

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

graeme at graemef

Feb 18, 2008, 1:48 AM

Post #9 of 10 (409 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

Hi Emiliano

On Sat, 2008-02-16 at 10:27 -0200, emiliano[at]zoioroxo.com.br wrote:
> Friends, all good. I have server with keepalived I wanted to make
> keepalived to function with a external one with I scheme internal with
> ips private
>
> KEEPALIVED IP 200.233.100.2 EXTERNAL
> 10.250.150.1 wink 2003
> 10.250.150.2 wink 2003
> 10.250.150.3 wink 2003

I'm not 100% sure what you mean.

If you mean: you'd like to use keepalived with one public virtual IP
(VIP), with three private realservers behind it, that's possible.

If you meant something else, please let us know.

Graeme

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

achapela.rexistros at gmail

Feb 18, 2008, 1:59 AM

Post #10 of 10 (395 views)
Permalink

Re: [lvs-users] keepalived [In reply to]

emiliano[at]zoioroxo.com.br escribi�:
> Friends, all good. I have server with keepalived I wanted to make
> keepalived to function with a external one with I scheme internal with
> ips private
>
> KEEPALIVED IP 200.233.100.2 EXTERNAL
> 10.250.150.1 wink 2003
> 10.250.150.2 wink 2003
> 10.250.150.3 wink 2003
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
> Send requests to lvs-users-request[at]LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-user
What do you want ?? A configuration ??

If you want one IP external and three internal servers, it is possible
to do with keepalived.

I recommend you to read this http://www.keepalived.org/documentation.html

Best regards

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com