
midair77 at gmail
Mar 21, 2008, 5:11 PM
[lvs-users] Standby node in HA connects to its lo:0's instead of the lived server's VIP (CentOS 5)
Dear all. I tried to implement HA with 2 CentOS 5 servers (OpenLDAP) using LVS (Ultramonkey). At this point, I have a weird problem: when I was on the hot _standby_ real server and tried to ssh to the VIP using the VIP address, I actually ended up on the same server instead of the live _real_ server. This caused problems because my OpenLDAP slave server needs to be able to connect to the master server (live server) to replicate, but right now the slave server (hot _standby_) keeps connecting to itself. The whole thing got complicated because of SSL/TLS certificates. This _standby_ server needs to connect to the VIP address that the master server uses to connect with the start_tls thingy. I have set up /etc/hosts, arptables, /etc/sysctl.conf, /etc/sysconfig/network-scripts/ifcfg-lo and I cannot think of a way to do anything else but removing the lo:0. My slave server was able to replicate and connect to the master server as soon as I removed VIP - lo:0 and restarted lo. Hosts on my LAN sshed to the VIP and got in the server (master) correctly when both servers are up.
Here are the contents of these files:

#/etc/hosts
127.0.0.1 localhost.localdomain localhost
#VIP
192.168.10.15 red.mynetwork.com red
#REAL servers
192.168.0.16 blue.mynetwork.com blue
192.168.0.14 green.mynetwork.com green

#/etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.vs.expire_quiescent_template=1
#Centos's kernel seems not to have these
#net.ipv4.conf.all.hidden = 1
#net.ipv4.conf.lo.hidden = 1

#/etc/sysconfig/arptables (on green)
*filter
:IN ACCEPT [37:1036]
:OUT ACCEPT [7:196]
:FORWARD ACCEPT [0:0]
[0:0] -A IN -d 192.168.0.15 -j DROP
[0:0] -A OUT -s 192.168.0.15 -o eth0 -j mangle --mangle-ip-s 192.168.0.14
COMMIT

#/etc/sysconfig/network-scripts/ifcfg-lo
DEVICE=lo
IPADDR=127.0.0.1
NETMASK=255.0.0.0
NETWORK=127.0.0.0
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback

DEVICE=lo:0
IPADDR=192.168.0.15
NETMASK=255.255.255.255
NETWORK=192.168.0.0
BROADCAST=192.168.0.255
ONBOOT=yes
NAME=loopback

#/etc/sysconfig/network-scripts/ifcfg-eth0 (on green)
DEVICE=eth0
BOOTPROTO=none
HWADDR=00:0C:29:4A:2A:93
ONBOOT=yes
NETMASK=255.255.255.0
IPADDR=192.168.0.14
GATEWAY=192.168.0.1
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes

#/etc/ha.d/ha.cf
debugfile /var/log/ha-debug
logfile /var/log/ha-log
logfacility local0
mcast eth0 225.0.0.1 694 1 0
auto_failback on
node blue.mynetwork.com
node green.mynetwork.com
ping 192.168.0.1
respawn hacluster /usr/lib64/heartbeat/ipfail
apiauth ipfail gid=haclient uid=hacluster

# /etc/ha.d/haresources
blue.mynetwork.com \
    ldirectord::ldirectord.cf \
    LVSSyncDaemonSwap::master \
    IPaddr2::192.168.0.15/24/eth0/192.168.0.255

#/etc/ha.d/ldirectord.cf
checktimeout=10
checkinterval=60
autoreload=yes
logfile="/var/log/ldirectord.log"
emailalert="mee[at]mynetwork.com"
quiescent=no
virtual=192.168.0.15:389
    real=192.168.0.16:389 gate
    real=192.168.0.14:389 gate
    fallback=127.0.0.1:389
    service=ldap
    scheduler="rr"
    protocol=tcp
    checktype=negotiate
    checkport=389
    login="cn=mee,dc=mynetwork,dc=com"
    passwd="onepassword"
    request="uid=bogus,dc=mynetwork,dc=com"
    receive="uid=bogus,dc=mynetwork,dc=com"

on green server:

ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn

ip addr sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet 192.168.0.15/32 brd 192.168.0.255 scope global lo:0
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:4a:2a:93 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.14/24 brd 192.168.0.255 scope global eth0
    inet6 fe80::20c:29ff:fe4a:2a93/64 scope link tentative
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

on blue server

ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.15:389 rr
  -> 192.168.0.14:389 Route 1 0 0
  -> 192.168.0.16:389 Local 1 0 0

ip addr sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:7c:1f:66 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.16/24 brd 192.168.0.255 scope global eth0
    inet 192.168.0.15/24 brd 192.168.0.255 scope global secondary eth0
    inet6 fe80::20c:29ff:fe7c:1f66/64 scope link tentative
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

chkconfig --list | grep 3:on
acpid            0:off 1:off 2:off 3:on 4:on  5:on 6:off
anacron          0:off 1:off 2:on  3:on 4:on  5:on 6:off
arptables_jf     0:off 1:off 2:on  3:on 4:on  5:on 6:off
atd              0:off 1:off 2:off 3:on 4:on  5:on 6:off
autofs           0:off 1:off 2:off 3:on 4:on  5:on 6:off
cpuspeed         0:off 1:on  2:on  3:on 4:on  5:on 6:off
crond            0:off 1:off 2:on  3:on 4:on  5:on 6:off
firstboot        0:off 1:off 2:off 3:on 4:off 5:on 6:off
haldaemon        0:off 1:off 2:off 3:on 4:on  5:on 6:off
heartbeat        0:off 1:off 2:on  3:on 4:on  5:on 6:off
iptables         0:off 1:off 2:on  3:on 4:on  5:on 6:off
ldap             0:off 1:off 2:off 3:on 4:off 5:on 6:off
network          0:off 1:off 2:on  3:on 4:on  5:on 6:off
ntpd             0:off 1:off 2:off 3:on 4:off 5:on 6:off
readahead_early  0:off 1:off 2:on  3:on 4:on  5:on 6:off
sshd             0:off 1:off 2:on  3:on 4:on  5:on 6:off
syslog           0:off 1:off 2:on  3:on 4:on  5:on 6:off
vmware-tools     0:off 1:off 2:on  3:on 4:off 5:on 6:off

Please point me to the right direction as I run out of things to fix this to work. Thank you very much.

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
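
Added example, not part of the original post: a small Python parser over `ip addr sh` output in the shape shown above, reporting whether a host holds the VIP on a loopback alias or on its service interface. Linux delivers locally any address configured on the host, so either case means connections opened on that host to the VIP stay on it; the sample text is constructed from the post's output and the function names are hypothetical.

```python
# Constructed samples, trimmed from the `ip addr sh` output quoted in the post.
GREEN = """\
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    inet 127.0.0.1/8 scope host lo
    inet 192.168.0.15/32 brd 192.168.0.255 scope global lo:0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    inet 192.168.0.14/24 brd 192.168.0.255 scope global eth0
"""
BLUE = """\
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    inet 192.168.0.16/24 brd 192.168.0.255 scope global eth0
    inet 192.168.0.15/24 brd 192.168.0.255 scope global secondary eth0
"""


def parse_inet(text):
    """Return (address, prefix_len, scope, label) for every IPv4 `inet` line."""
    found = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) >= 4 and tok[0] == "inet" and "scope" in tok:
            addr, _, plen = tok[1].partition("/")
            scope = tok[tok.index("scope") + 1]
            found.append((addr, int(plen or 32), scope, tok[-1]))
    return found


def vip_role(text, vip):
    """Classify how this host holds the VIP (hypothetical helper).

    Linux puts every configured address, loopback aliases included, into its
    local routing table, so in both "held" cases a connection opened on this
    host to the VIP is delivered to this host and never reaches the wire.
    """
    for addr, _plen, _scope, label in parse_inet(text):
        if addr == vip:
            dev = label.split(":")[0]  # "lo:0" -> "lo"
            return "loopback-alias" if dev == "lo" else "service-interface"
    return "not-configured"


def local_delivery(text, vip):
    """True when traffic this host originates to the VIP terminates locally."""
    return vip_role(text, vip) != "not-configured"


if __name__ == "__main__":
    for name, out in (("green", GREEN), ("blue", BLUE)):
        print(name, vip_role(out, "192.168.0.15"), local_delivery(out, "192.168.0.15"))
```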