[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-virtual-server
Subject: Re: Keepalived VRRP help
From: Alexandre Cassen <Alexandre.Cassen () wanadoo ! fr>
Date: 2002-01-30 20:33:46
[Download RAW message or body]
Hi Victor,
>Hi. I couldn't find keepalived mailinglist for general questions so I
>thought maybe I could post here.
>I am trying to set up keepalived failover on two directors. I am a bit
>confused by the vocabulary in the VRRP section of the config.
>
>1. Does each director in keepalived cluster need to have it's own config
>file or can they share one file that is synced?
Have you red the UserGuide.pdf ? the last part explain the typical config
Each director run keepalived with the same configuration file. The only
difference reside in the VRRP instance. For example :
1. On director 1
vrrp_instance D1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type AH
auth_pass TEST
}
virtual_ipaddress {
10.0.0.110
}
}
vrrp_instance D2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type AH
auth_pass TEST
}
virtual_ipaddress {
10.0.0.111 <= IP must be different...
}
}
2. On director 2
vrrp_instance D1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type AH
auth_pass TEST
}
virtual_ipaddress {
10.0.0.110
}
}
vrrp_instance D2 {
state MASTER
interface eth0
virtual_router_id 52
priority 150
advert_int 1
authentication {
auth_type AH
auth_pass TEST
}
virtual_ipaddress {
10.0.0.111
}
}
=> Using this config you will have a active/active setup on your both
director on device eth0
=> You have 2 VRRP VIPs 10.0.0.110 & 10.0.0.111 that you will use for your
LVS VIP (virtual_server)
=> This a symetric configuration so you need one file on each director (not
1 file shared for 2 directors)
>2. How would I set up an active/passive setup with two examples below? I
>have two directors with one ethernet card in each. They loadbalance
>10.0.0.110:80.
1. On director 1
vrrp_instance D1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type AH
auth_pass TEST
}
virtual_ipaddress {
10.0.0.110
}
}
2. On director 2
vrrp_instance D1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type AH
auth_pass TEST
}
virtual_ipaddress {
10.0.0.110
}
}
=> active/passive configuration
=> VRRP VIP is 10.0.0.110 usable as LVS VIP
>Perhaps as a test, would be interesting to do an active/active setup
>loadbalancing two addresses (.110 and 111, where one goes to first web group
>and .111 to another, but making sure that each one covers the other one).
=> yes, my sample ... But I have to warn that synchronization instance must
be considered as beta version. But in a DR env you do not need this
functionnality (only for LVS NAT)
>3. VRRP Section: Is virtual_ipaddress the VIP? or is it the DIP? How do I
>assign the vrrp_instance to a specific Director? or is each director
>supposed to have a sep file? I looked at the
>http://keepalived.sourceforge.net/pdf/LVS-HA-using-VRRPv2.pdf but it seemed
>to use two interfaces and to be honest, I didn't really grasp exactly what
>was going on there.
Yes, you define your VRRP topology defining VRRP VIPs, those VIP can be
used to your LVS topology description. In your case you can define :
virtual_server 10.0.0.110 80 {
....
}
>http://keepalived.sourceforge.net/pdf/UserGuide.pdf (the last page)
>We have 4 VIP's, [192.168.1.10 -- 192.168.1.10.13]
>
>.10 and .11 -> .10 (mapped using sync ?)
>.12 and .13 -> .11 (mapped using sync ?)
Sync is used for NATed LVS : when you define VRRP instance on different
device interface. For example eth0 & eth1. the sync_instance garantee that
2 VRRP instance synchronized on a director stay in the same state. If
takeover on VRRP instance on eth0 the syn_instance defined on eth1 will
follow the takeover.
>Why do we need .13? Also, that means the client is supposed to connect to
>(.10,.11,.12,.13) ? How would this be done? Woul a domain have to be define
>with DNS rr setup pointing to multiple IPs?
Yes this sample setup,
1. On eth0 : we define VI_1(.100.10 & .100.11) active on one director and
VI_3(.100.12 & .100.13) active on the other
2. On eth1 : we define VI_2(.200.10) active on one director and
VI_4(.200.11) active on the other
Then because we use NAT routing path for VI_1 & VI_2 must be preserved (the
same for VI_3 & VI_4), this is why we use sync_instance.
If VI_1 then VI_1 VIPs are taked over on other director, and according to
sync_instance algo, VI_2 will be taked oved on director too, that will own
the 4 VRRP VIPs...
No DNS rr, one VIP can be used for WWW, other for SMTP, other for SSL, ...
>Ok, this is the data for question (2) What I want is to setup two directors,
>one active one passive for a VIP 10.0.0.110:
>
>DIP1: 10.0.0.249
>DIP2: 10.0.0.250
> VIP: 10.0.0.110
>RIP1: 10.0.0.5
>
>VIP interface is on eth0:110
>DIP interface is on eth0
>
>vrrp_instance D1 {
> state MASTER
> interface eth0
> virtual_router_id 51
> priority 100
> advert_int 1
> authentication {
> auth_type AH
> auth_pass TEST
> }
> virtual_ipaddress {
> 10.0.0.110
> }
>}
>
>vrrp_instance D2 {
> state BACKUP
> interface eth0
> virtual_router_id 52
> priority 100
> advert_int 1
> authentication {
> auth_type AH
> auth_pass TEST
> }
> virtual_ipaddress {
> 10.0.0.110
> }
>}
>
>What I don't understand is where is the binding that D2 goes to Secondary
>Director and D1 goes to Primary director? Or is that done by having multiple
>config files: one for D1 and one for D2?
According to the VRRP state declaration => If VRRP instance is configured
as MASTER then the VRRP VIPs will be owned by this director (on the other
director the state must be BACKUP otherwise there will be an forced master
election).
>(I am using the dr method)
>
>virtual_server 10.0.10.110 80 {
> delay_loop 6
> lb_algo rr
> lb_kind DR
> persistence_timeout 50
> protocol TCP
>
> real_server 10.0.0.5 80 {
> weight 1
> HTTP_GET {
> url {
> path /
> digest 2psb62f60cf378tad80336a8c362596a
> }
> connect_timeout 3
> nb_get_retry 3
> delay_before_retry 3
> }
> }
>}
Best regards,
Alexandre
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic