Mailing List Archive: Linux Virtual Server: Users

[lvs-users] Setting Up LVS

Index | Next | Previous | View Threaded

raph at domainarena

May 6, 2008, 7:16 AM

Post #1 of 4 (520 views)
Permalink

[lvs-users] Setting Up LVS

Hi Guys,
I apologise in advance if this seems obvious to you, but this is my first
attempt at installing/configuring LVS.
I understand most of the How-To so far ! well...the theory anyway!

The confusing bit is 'where to start' really.
Here's how my home network is conf'ed:
Cable modem --> Debian etch box setup as a gateway (2NICs: eth0 dhcp, eth1 =
10.1.1.1) --> switch --> workstation 1 (.200)
==> Workstation2 (.201)
==> Workstation 3 (.202)
==> ...etc
==> Server1 (.205)
==> Server2 (.206)
==> Server3 (.207)
==> Server4 (.208)
Now i understand that this is more than enough to test LVS.
What i intend to do is use Server1 as the director and server2,3,4 as the
realservers.
In terms of forwarding type i assume LVS-NAT is probably the easiest/more
convenient with regards to my systems.
I will install a bare install of Debian etch on all 4 servers (1dir +
3realservers).
As i understand it, the latest kernel used by Debian supports ipvs.

What i want to achieve at first is a very simple highly available cluster
serving one website (HTTP).
Ie: browse to a website, see which node i'm connected to, unplug the node
and see if i can still see the website.

I hope this is enough info for you to picture what i have and where i want
to go :-)

Here are a few questions to put me in the right direction if you don't mind
(it's more logistical than technical stuff really...)

Can you confirm that i should follow these steps in order:
1- Build the machines with completely bare OS installs
2- Configure the director
3- Configure each realserver

One thing i'm not sure of is: if the 2.6 kernel is already patched to
support ipvs, do i simply need to install ipvsadm (i checked and there's a
ready made deb package for it) to manage ipvs? No silly kernel recompile to
do?
Also, since i'm gonna go for a LVS-NAT forwarding method i understand i
won't have to deal with the arp issue. Is that right?

In the above setup, can i use my debian gateway server as the client to test
from ? I'm not too familiar with routing stuff or iptables rules and am a
bit worried that my lack of knowledge in this domain will screw my tests if
i try to test from an outside client.

Now a quick couple of questions about the configure script and other tools
provided in the howto:
I want to start with one director only (for simplicity...since i'm a noob),
but my ultimate challenge will be to implement this at work with a fully
resilient solution (2 directors failover). Is it easy to just add a director
to the equation in the future? Do you recommend UltraMonkey? Or am i going
to over complicate things with that?

I'm a bit worried that the quite is really old and that some new config
scripts (that would make my experience much easier) are out there and i
don't know about them :-). Any advice/scripts would be much appreciated!

Anyway,
Thanks a gazillion for your precious time.
Looking forward to reading you on the list.
Raph

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

kees at tweakers

May 6, 2008, 7:27 AM

Post #2 of 4 (505 views)
Permalink

Re: [lvs-users] Setting Up LVS [In reply to]

> -----Original Message-----
> Here are a few questions to put me in the right direction if you don't
> mind
> (it's more logistical than technical stuff really...)
>
> Can you confirm that i should follow these steps in order:
> 1- Build the machines with completely bare OS installs
> 2- Configure the director
> 3- Configure each realserver
Doesn't really matter in which order you do it, but ye, you need
realservers, and you need a director. Only thing to 'configure' on the
realservers (if you use them in LVS nat) is to use the director as gateway,
and have an 'internal' network.

> One thing i'm not sure of is: if the 2.6 kernel is already patched to
> support ipvs, do i simply need to install ipvsadm (i checked and
If you use debian, it is simply 'apt-get install ipvsadm iptables' on the
director and you have all you need

> Also, since i'm gonna go for a LVS-NAT forwarding method i understand i
> won't have to deal with the arp issue. Is that right?
Unless you want to failover the director.

> In the above setup, can i use my debian gateway server as the client to
> test
> from ? I'm not too familiar with routing stuff or iptables rules and am
> a
> bit worried that my lack of knowledge in this domain will screw my
> tests if
> i try to test from an outside client.
As long as the realservers are on a seperate internal network it should not
be a problem.
If you do a request from .1 to .205 which gets handled by .206 than .206
will try to reply to .1, but .1 never requested anything from .206, so the
connection will fail.

What you need to do is give server1 another IP/network beside .205, lets say
192.168.1.1 (eth0:I or some alias if you do not have enough network cards),
and give the realservers only an 192.168.1.x IP and have them use
192.168.1.1 as gateway.

Anyway, by far the best way to learn IPVS is to just do it and test it. If
you use VM's or a some testservers you cannot go wrong. And read up on
iptables / ipvsadm, and just test :)

-kees

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

raph at domainarena

May 6, 2008, 7:41 AM

Post #3 of 4 (489 views)
Permalink

Re: [lvs-users] Setting Up LVS [In reply to]

> -----Original Message-----
> Here are a few questions to put me in the right direction if you don't
> mind
> (it's more logistical than technical stuff really...)
>
> Can you confirm that i should follow these steps in order:
> 1- Build the machines with completely bare OS installs
> 2- Configure the director
> 3- Configure each realserver
Doesn't really matter in which order you do it, but ye, you need
realservers, and you need a director. Only thing to 'configure' on the
realservers (if you use them in LVS nat) is to use the director as gateway,
and have an 'internal' network.

> One thing i'm not sure of is: if the 2.6 kernel is already patched to
> support ipvs, do i simply need to install ipvsadm (i checked and
If you use debian, it is simply 'apt-get install ipvsadm iptables' on the
director and you have all you need

> Also, since i'm gonna go for a LVS-NAT forwarding method i understand i
> won't have to deal with the arp issue. Is that right?
Unless you want to failover the director.

> In the above setup, can i use my debian gateway server as the client to
> test
> from ? I'm not too familiar with routing stuff or iptables rules and am
> a
> bit worried that my lack of knowledge in this domain will screw my
> tests if
> i try to test from an outside client.
As long as the realservers are on a seperate internal network it should not
be a problem.
If you do a request from .1 to .205 which gets handled by .206 than .206
will try to reply to .1, but .1 never requested anything from .206, so the
connection will fail.

What you need to do is give server1 another IP/network beside .205, lets say
192.168.1.1 (eth0:I or some alias if you do not have enough network cards),
and give the realservers only an 192.168.1.x IP and have them use
192.168.1.1 as gateway.

Anyway, by far the best way to learn IPVS is to just do it and test it.
That's right! Just wanted to start on the right path that's all ;)

If you use VM's or a some testservers you cannot go wrong. And read up on
iptables / ipvsadm, and just test :)
iptables is scary but i guess i'll have to read about it at some point or
another!

Anyway, thanks a lot Kees. Very useful information. I'm sure i won't get it
right the first time so you might hear from me again hehe.

___________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

graeme at graemef

May 14, 2008, 4:08 AM

Post #4 of 4 (444 views)
Permalink

Re: [lvs-users] Setting Up LVS [In reply to]

Hi Raph

On Tue, 2008-05-06 at 15:16 +0100, Raphael Gangneux wrote:
> I apologise in advance if this seems obvious to you, but this is my first
> attempt at installing/configuring LVS.

My advice is: keep it simple, and build from that.

Get yourself one director and one realserver. Make sure that you can do
the ipvsadm stuff *by hand* on the director before moving towards
keepalived, ldirectord, heartbeat, mon, ultramonkey et al to produce a
fully load-balanced+HA solution.

Remember the following general points:

1. The realservers can't be clients of the LVS.
2. The director can't be a client of the LVS.
3. Any clients *should* - unless you have a very specific need otherwise
- be on a different IP subnet to your realservers, ideally on a
different LAN segment.

The first two points are very specific, and complex to work around.

The third one is a generalisation applicable to LVS-NAT and can be
worked around by forcing them to only talk via the director.

How have you got on so far?

Graeme

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com