Professional Documents
Culture Documents
Legal Notice
Co pyright 20 15 Red Hat, Inc.
This do cument is licensed by Red Hat under the Creative Co mmo ns Attributio n-ShareAlike 3.0
Unpo rted License. If yo u distribute this do cument, o r a mo dified versio n o f it, yo u must pro vide
attributio n to Red Hat, Inc. and pro vide a link to the o riginal. If the do cument is mo dified, all Red
Hat trademarks must be remo ved.
Red Hat, as the licenso r o f this do cument, waives the right to enfo rce, and agrees no t to assert,
Sectio n 4 d o f CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shado wman lo go , JBo ss, MetaMatrix, Fedo ra, the Infinity
Lo go , and RHCE are trademarks o f Red Hat, Inc., registered in the United States and o ther
co untries.
Linux is the registered trademark o f Linus To rvalds in the United States and o ther co untries.
Java is a registered trademark o f Oracle and/o r its affiliates.
XFS is a trademark o f Silico n Graphics Internatio nal Co rp. o r its subsidiaries in the United
States and/o r o ther co untries.
MySQL is a registered trademark o f MySQL AB in the United States, the Euro pean Unio n and
o ther co untries.
No de.js is an o fficial trademark o f Jo yent. Red Hat So ftware Co llectio ns is no t fo rmally
related to o r endo rsed by the o fficial Jo yent No de.js o pen so urce o r co mmercial pro ject.
The OpenStack Wo rd Mark and OpenStack Lo go are either registered trademarks/service
marks o r trademarks/service marks o f the OpenStack Fo undatio n, in the United States and o ther
co untries and are used with the OpenStack Fo undatio n's permissio n. We are no t affiliated with,
endo rsed o r spo nso red by the OpenStack Fo undatio n, o r the OpenStack co mmunity.
All o ther trademarks are the pro perty o f their respective o wners.
Abstract
Building a Lo ad Balancer Add-On system o ffers a highly available and scalable so lutio n fo r
pro ductio n services using specialized Linux Virtual Servers (LVS) fo r ro uting and lo adbalancing techniques. This bo o k discusses the co nfiguratio n o f high-perfo rmance systems and
services with Red Hat Enterprise Linux and the Lo ad Balancer Add-On fo r Red Hat Enterprise
Linux 6 .
T able of Contents
I.nt
. .roduct
. . . . . .ion
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3. . . . . . . . . .
1. Do c ument Co nventio ns
3
1.1. Typ o g rap hic Co nventio ns
4
1.2. Pull-q uo te Co nventio ns
5
1.3. No tes and Warning s
6
2 . Feed b ac k
6
. .hapt
C
. . . .er
. .1. .. .Load
. . . . Balancer
. . . . . . . . .Add. . . .O. n
. .O
. .verview
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7. . . . . . . . . .
1.1. A Bas ic Lo ad Balanc er Ad d -O n Co nfig uratio n
7
1.1.1. Data Rep lic atio n and Data Sharing Between Real Servers
9
1.1.1.1. Co nfig uring Real Servers to Sync hro niz e Data
9
1.2. A Three-Tier Lo ad Balanc er Ad d -O n Co nfig uratio n
9
1.3. Lo ad Balanc er Ad d -O n Sc hed uling O verview
10
1.3.1. Sc hed uling Alg o rithms
1.3.2. Server Weig ht and Sc hed uling
1.4. Ro uting Metho d s
1.4.1. NAT Ro uting
1.4.2. Direc t Ro uting
1.4.2.1. Direc t Ro uting and the ARP Limitatio n
1.5. Pers is tenc e and Firewall Marks
1.5.1. Pers is tenc e
1.5.2. Firewall Marks
1.6 . Lo ad Balanc er Ad d -O n A Blo c k Diag ram
1.6 .1. Lo ad Balanc er Ad d -O n Co mp o nents
1.6 .1.1. p uls e
1.6 .1.2. lvs
1.6 .1.3. ip vs ad m
1.6 .1.4. nanny
1.6 .1.5. /etc /s ys c o nfig /ha/lvs .c f
1.6 .1.6 . Piranha Co nfig uratio n To o l
1.6 .1.7. s end _arp
11
12
13
13
14
15
15
15
16
16
17
18
18
18
18
18
18
18
. .hapt
C
. . . .er
. .2. .. Init
. . . ial
. . .Load
. . . . Balancer
. . . . . . . . .Add. . . .O. n
. . Configurat
. . . . . . . . . .ion
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 9. . . . . . . . . .
2 .1. Co nfig uring Servic es o n the LVS Ro uter
19
2 .2. Setting a Pas s wo rd fo r the Piranha Co nfig uratio n To o l
2 .3. Starting the Piranha Co nfig uratio n To o l Servic e
2 .3.1. Co nfig uring the Piranha Co nfig uratio n To o l Web Server Po rt
2 .4. Limiting Ac c es s To the Piranha Co nfig uratio n To o l
2 .5. Turning o n Pac ket Fo rward ing
2 .6 . Co nfig uring Servic es o n the Real Servers
20
20
21
21
22
22
. .hapt
C
. . . .er
. .3.
. .Set
. . .t.ing
. . . Up
. . . Load
. . . . .Balancer
. . . . . . . . Add....O
. .n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2. 3. . . . . . . . . .
3 .1. The NAT Lo ad Balanc er Ad d -O n Netwo rk
23
3 .1.1. Co nfig uring Netwo rk Interfac es fo r Lo ad Balanc er Ad d -O n with NAT
23
3 .1.2. Ro uting o n the Real Servers
24
3 .1.3. Enab ling NAT Ro uting o n the LVS Ro uters
25
3 .2. Lo ad Balanc er Ad d -O n via Direc t Ro uting
26
3 .2.1. Direc t Ro uting and arp tab les _jf
27
3 .2.2. Direc t Ro uting and ip tab les
28
3 .3. Putting the Co nfig uratio n To g ether
28
3 .3.1. G eneral Lo ad Balanc er Ad d -O n Netwo rking Tip s
29
3 .3.1.1. Tro ub les ho o ting Virtual IP Ad d res s Is s ues
30
3 .4. Multi-p o rt Servic es and Lo ad Balanc er Ad d -O n
30
30
30
31
31
32
32
32
33
34
. .hapt
C
. . . .er
. .4. .. Configuring
. . . . . . . . . . . t.he
. . .Load
. . . . Balancer
. . . . . . . . .Add. . . .O. n
. . wit
. . .h. Piranha
. . . . . . . .Configurat
. . . . . . . . . ion
...T
. .ool
. . . . . . . . . . . . . 35
...........
4 .1. Nec es s ary So ftware
35
4 .2. Lo g g ing Into the Piranha Co nfig uratio n To o l
35
4 .3. CO NTRO L/MO NITO RING
36
4 .4. G LO BAL SETTING S
38
4 .5. REDUNDANCY
40
4 .6 . VIRTUAL SERVERS
42
4 .6 .1. The VIRTUAL SERVER Sub s ec tio n
43
4 .6 .2. REAL SERVER Sub s ec tio n
46
.6 .3. EDIT MO NITO RING SCRIPTS Sub s ec tio n
4
4 .7. Sync hro niz ing Co nfig uratio n Files
4 .7.1. Sync hro niz ing lvs .c f
4 .7.2. Sync hro niz ing s ys c tl
4 .7.3. Sync hro niz ing Netwo rk Pac ket Filtering Rules
4 .8 . Starting the Lo ad Balanc er Ad d -O n
49
51
51
52
52
52
. .ppendix
A
. . . . . . . A.
. . Using
. . . . . . t.he
. . .Load
. . . . Balancer
. . . . . . . . .Add. . . .O. n
. . wit
. . .h. t. he
. . .High
. . . . .Availabilit
. . . . . . . . y. .Add. . . .O
. .n. . . . . . . . . . . . . . 54
...........
. .ppendix
A
. . . . . . . B.
. . .Revision
. . . . . . . .Hist
. . . ory
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
...........
I.ndex
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
...........
Introduction
This document provides information about installing, configuring, and managing the Load Balancer
Add-On components. The Load Balancer Add-On provides load balancing through specialized
routing techniques that dispatch traffic to a pool of servers.
The audience of this document should have advanced working knowledge of Red Hat Enterprise
Linux and understand the concepts of clusters, storage, and server computing.
This document is organized as follows:
Chapter 1, Load Balancer Add-On Overview
Chapter 2, Initial Load Balancer Add-On Configuration
Chapter 3, Setting Up Load Balancer Add-On
Chapter 4, Configuring the Load Balancer Add-On with Piranha Configuration Tool
Appendix A, Using the Load Balancer Add-On with the High Availability Add-On
For more information about Red Hat Enterprise Linux 6, refer to the following resources:
Red Hat Enterprise Linux Installation Guide Provides information regarding installation of Red Hat
Enterprise Linux 6.
Red Hat Enterprise Linux Deployment Guide Provides information regarding the deployment,
configuration and administration of Red Hat Enterprise Linux 6.
For more information about the Load Balancer Add-On and related products for Red Hat Enterprise
Linux 6, refer to the following resources:
High Availability Add-On Overview Provides a high-level overview of the High Availability Add-On,
Resilient Storage Add-On, and the Load Balancer Add-On.
Configuring and Managing the High Availability Add-On Provides information about configuring and
managing the High Availability Add-On (also known as Red Hat Cluster) for Red Hat Enterprise
Linux 6.
Logical Volume Manager Administration Provides a description of the Logical Volume Manager
(LVM), including information on running LVM in a clustered environment.
Global File System 2: Configuration and Administration Provides information about installing,
configuring, and maintaining the Red Hat Resilient Storage Add-On (also known as Red Hat
Global File System 2).
DM Multipath Provides information about using the D evice-Mapper Multipath feature of Red Hat
Enterprise Linux 6.
Release Notes Provides information about the current release of Red Hat products.
This document and other Red Hat documents are available in HTML, PD F, and EPUB versions online
at http://access.redhat.com/documentation/docs.
Whether mono-spaced bold or proportional bold, the addition of italics indicates replaceable or
variable text. Italics denotes text you do not input literally or displayed text that changes depending
on circumstance. For example:
To connect to a remote machine using ssh, type ssh username@ domain.name at a
shell prompt. If the remote machine is exampl e. co m and your username on that
machine is john, type ssh jo hn@ exampl e. co m.
The mo unt -o remo unt file-system command remounts the named file system.
For example, to remount the /ho me file system, the command is mo unt -o remo unt
/ho me.
To see the version of a currently installed package, use the rpm -q package
command. It will return a result as follows: package-version-release.
Note the words in bold italics above: username, domain.name, file-system, package, version and
release. Each word is a placeholder, either for text you enter when issuing a command or for text
displayed by the system.
Aside from standard usage for presenting the title of a work, italics denotes the first use of a new and
important term. For example:
Publican is a DocBook publishing system.
Desktop
Desktop1
photos
scripts
stuff
svgs
svn
Source-code listings are also set in mo no -spaced ro man but add syntax highlighting as follows:
static int kvm_vm_ioctl_deassign_device(struct kvm *kvm,
struct kvm_assigned_pci_dev *assigned_dev)
{
int r = 0;
struct kvm_assigned_dev_kernel *match;
mutex_lock(& kvm->lock);
match = kvm_find_assigned_dev(& kvm->arch.assigned_dev_head,
assigned_dev->assigned_dev_id);
if (!match) {
printk(KERN_INFO "%s: device hasn't been assigned
before, "
"so cannot be deassigned\n", __func__);
r = -EINVAL;
goto out;
}
kvm_deassign_device(kvm, match);
kvm_free_assigned_device(kvm, match);
out:
mutex_unlock(& kvm->lock);
return r;
}
Note
Notes are tips, shortcuts or alternative approaches to the task at hand. Ignoring a note should
have no negative consequences, but you might miss out on a trick that makes your life easier.
Important
Important boxes detail things that are easily missed: configuration changes that only apply to
the current session, or services that need restarting before an update will apply. Ignoring a
box labeled Important will not cause data loss but may cause irritation and frustration.
Warning
Warnings should not be ignored. Ignoring warnings will most likely cause data loss.
2. Feedback
If you spot a typo, or if you have thought of a way to make this manual better, we would love to hear
from you. Please submit a report in Bugzilla (http://bugzilla.redhat.com/bugzilla/) against the Product
R ed H at En t erp rise Lin u x 6 and the component d o c- Lo ad _B alan cer_Ad min ist rat io n .
If you have a suggestion for improving the documentation, try to be as specific as possible. If you
have found an error, please include the section number and some of the surrounding text so we can
find it easily.
interval, it initiates a failover and assumes the role of the active router. D uring failover, the backup
router takes over the VIP addresses serviced by the failed router using a technique known as ARP
spoofing where the backup LVS router announces itself as the destination for IP packets addressed
to the failed node. When the failed node returns to active service, the backup node assumes its hotbackup role again.
The simple, two-layered configuration used in Figure 1.1, A Basic Load Balancer Add-On
Configuration is best for serving data which does not change very frequently such as static
webpages because the individual real servers do not automatically sync data between each node.
1.1.1. Dat a Replicat ion and Dat a Sharing Bet ween Real Servers
Since there is no built-in component in Load Balancer Add-On to share the same data between the
real servers, the administrator has two basic options:
Synchronize the data across the real server pool
Add a third layer to the topology for shared data access
The first option is preferred for servers that do not allow large numbers of users to upload or change
data on the real servers. If the configuration allows large numbers of users to modify data, such as
an e-commerce website, adding a third layer is preferable.
10
balancing on the real server pool. This flexibility is due to the variety of scheduling algorithms an
administrator can choose from when configuring Load Balancer Add-On. Load Balancer Add-On
load balancing is superior to less flexible methods, such as Round-Robin DNS where the hierarchical
nature of D NS and the caching by client machines can lead to load imbalances. Additionally, the
low-level filtering employed by the LVS router has advantages over application-level request
forwarding because balancing loads at the network packet level causes minimal computational
overhead and allows for greater scalability.
Using scheduling, the active router can take into account the real servers' activity and, optionally, an
administrator-assigned weight factor when routing service requests. Using assigned weights gives
arbitrary priorities to individual machines. Using this form of scheduling, it is possible to create a
group of real servers using a variety of hardware and software combinations and the active router
can evenly load each real server.
The scheduling mechanism for Load Balancer Add-On is provided by a collection of kernel patches
called IP Virtual Server or IPVS modules. These modules enable layer 4 (L4) transport layer switching,
which is designed to work well with multiple servers on a single IP address.
To track and route packets to the real servers efficiently, IPVS builds an IPVS table in the kernel. This
table is used by the active LVS router to redirect requests from a virtual server address to and
returning from real servers in the pool. The IPVS table is constantly updated by a utility called
ipvsadm adding and removing cluster members depending on their availability.
11
12
13
The real server then processes the request and returns the packets to the LVS router which uses
network address translation to replace the address of the real server in the packets with the LVS
router's public VIP address. This process is called IP masquerading because the actual IP addresses
of the real servers is hidden from the requesting clients.
Using this NAT routing, the real servers may be any kind of machine running various operating
systems. The main disadvantage is that the LVS router may become a bottleneck in large cluster
deployments because it must process outgoing as well as incoming requests.
The i pvs modules utilize their own internal NAT routines that are independent of iptables and
ip6tables NAT. This will facilitate both ipv4 and ipv6 NAT when the real server is configured for NAT
as opposed to D R in the /etc/keepal i ved /keepal i ved . co nf file.
14
15
On remembers the last connection for a specified period of time. If that same client IP address
connects again within that period, it is sent to the same server it connected to previously
bypassing the load-balancing mechanisms. When a connection occurs outside the time window, it is
handled according to the scheduling rules in place.
Persistence also allows the administrator to specify a subnet mask to apply to the client IP address
test to control which addresses have a higher level of persistence, thereby grouping connections to
that subnet.
Grouping connections destined for different ports can be important for protocols which use more
than one port to communicate, such as FTP. However, persistence is not the most efficient way to
deal with the problem of grouping together connections destined for different ports. For these
situations, it is best to use firewall marks.
16
17
1 .6 .1 .1 . pul se
This is the controlling process which starts all other daemons related to LVS routers. At boot time, the
daemon is started by the /etc/rc. d /i ni t. d /pul se script. It then reads the configuration file
/etc/sysco nfi g /ha/l vs. cf. On the active router, pul se starts the LVS daemon. On the backup
router, pul se determines the health of the active router by executing a simple heartbeat at a userconfigurable interval. If the active router fails to respond after a user-configurable interval, it initiates
failover. D uring failover, pul se on the backup router instructs the pul se daemon on the active
router to shut down all LVS services, starts the send _arp program to reassign the floating IP
addresses to the backup router's MAC address, and starts the l vs daemon.
1 .6 .1 .2 . l vs
The l vs daemon runs on the active LVS router once called by pul se. It reads the configuration file
/etc/sysco nfi g /ha/l vs. cf, calls the i pvsad m utility to build and maintain the IPVS routing
table, and assigns a nanny process for each configured Load Balancer Add-On service. If nanny
reports a real server is down, l vs instructs the i pvsad m utility to remove the real server from the
IPVS routing table.
1 .6 .1 .3. i pvsad m
This service updates the IPVS routing table in the kernel. The l vs daemon sets up and administers
Load Balancer Add-On by calling i pvsad m to add, change, or delete entries in the IPVS routing
table.
1 .6 .1 .4 . nanny
The nanny monitoring daemon runs on the active LVS router. Through this daemon, the active router
determines the health of each real server and, optionally, monitors its workload. A separate process
runs for each service defined on each real server.
1 .6 .1 .6 . Piranha Co nfigurat io n T o o l
This is the Web-based tool for monitoring, configuring, and administering Load Balancer Add-On.
This is the default tool to maintain the /etc/sysco nfi g /ha/l vs. cf Load Balancer Add-On
configuration file.
1 .6 .1 .7 . send _arp
This program sends out ARP broadcasts when the floating IP address changes from one node to
another during failover.
Chapter 2, Initial Load Balancer Add-On Configuration reviews important post-installation configuration
steps you should take before configuring Red Hat Enterprise Linux to be an LVS router.
18
Note
The LVS router node that becomes the active node once Load Balancer Add-On is started is
also referred to as the primary node. When configuring Load Balancer Add-On, use the
Piran h a C o n f ig u rat io n T o o l on the primary node.
Note
To attain root access, open a shell prompt and use the su - command followed by the root
password. For example:
$ su Password: root password
On the LVS router, there are three services which need to be set to activate at boot time:
The pi ranha-g ui service (primary node only)
The pul se service
The sshd service
If you are clustering multi-port services or using firewall marks, you must also enable the i ptabl es
service.
It is best to set these services to activate in both runlevel 3 and runlevel 5. To accomplish this using
chkco nfi g , type the following command for each service:
/sbi n/chkco nfi g --l evel 35 daemon o n
In the above command, replace daemon with the name of the service you are activating. To get a list
of services on the system as well as what runlevel they are set to activate on, issue the following
command:
/sbi n/chkco nfi g --l i st
19
Warning
Turning any of the above services on using chkco nfi g does not actually start the daemon.
To do this use the /sbi n/servi ce command. See Section 2.3, Starting the Piran h a
C o n f ig u rat io n T o o l Service for an example of how to use the /sbi n/servi ce command.
Warning
For a password to be more secure, it should not contain proper nouns, commonly used
acronyms, or words in a dictionary from any language. D o not leave the password
unencrypted anywhere on the system.
If the password is changed during an active Piran h a C o n f ig u rat io n T o o l session, the
administrator is prompted to provide the new password.
20
Warning
If the command /sbi n/servi ce httpd sto p or /sbi n/servi ce httpd restart is
issued on an LVS router, you must start the pi ranha-g ui service by issuing the following
command:
/sbi n/servi ce pi ranha-g ui start
The pi ranha-g ui service is all that is necessary to begin configuring Load Balancer Add-On.
However, if you are configuring Load Balancer Add-On remotely, the sshd service is also required.
You do not need to start the pul se service until configuration using the Piran h a C o n f ig u rat io n
T o o l is complete. See Section 4.8, Starting the Load Balancer Add-On for information on starting
the pul se service.
21
Order deny,allow
Deny from all
Allow from 127.0.0.1
You can also allow specific hosts or subnets as seen in this example:
Order deny,allow
Deny from all
Allow from 192.168.1.100
Allow from 172.16.57
In this example, only Web browsers from the machine with the IP address of 192.168.1.100 and
machines on the 172.16.57/24 network can access the Piran h a C o n f ig u rat io n T o o l.
Warning
Editing the Piran h a C o n f ig u rat io n T o o l . htaccess file limits access to the configuration
pages in the /etc/sysco nfi g /ha/web/secure/ directory but not to the login and the help
pages in /etc/sysco nfi g /ha/web/. To limit access to this directory, create a . htaccess
file in the /etc/sysco nfi g /ha/web/ directory with o rd er, al l o w, and d eny lines identical
to /etc/sysco nfi g /ha/web/secure/. htaccess.
22
3.1.1. Configuring Net work Int erfaces for Load Balancer Add-On wit h NAT
To set up Load Balancer Add-On with NAT, you must first configure the network interfaces for the
public network and the private network on the LVS routers. In this example, the LVS routers' public
interfaces (eth0 ) will be on the 192.168.26/24 network (This is not a routable IP, but assume there is
a firewall in front of the LVS router) and the private interfaces which link to the real servers (eth1) will
be on the 10.11.12/24 network.
23
Important
Note that editing of the following files pertain to the netwo rk service. The Load Balancer Addon is not compatible with the Netwo rkManag er service.
So on the active or primary LVS router node, the public interface's network script,
/etc/sysco nfi g /netwo rk-scri pts/i fcfg -eth0 , could look something like this:
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.26.9
NETMASK=255.255.255.0
GATEWAY=192.168.26.254
The /etc/sysco nfi g /netwo rk-scri pts/i fcfg -eth1 for the private NAT interface on the LVS
router could look something like this:
DEVICE=eth1
BOOTPROTO=static
ONBOOT=yes
IPADDR=10.11.12.9
NETMASK=255.255.255.0
In this example, the VIP for the LVS router's public interface will be 192.168.26.10 and the VIP for the
NAT or private interface will be 10.11.12.10. So, it is essential that the real servers route requests back
to the VIP for the NAT interface.
Important
The sample Ethernet interface configuration settings in this section are for the real IP
addresses of an LVS router and not the floating IP addresses. To configure the public and
private floating IP addresses the administrator should use the Piran h a C o n f ig u rat io n
T o o l, as shown in Section 4.4, G LO BAL SET T ING S and Section 4.6.1, The VIR T UAL
SER VER Subsection .
After configuring the primary LVS router node's network interfaces, configure the backup LVS router's
real network interfaces taking care that none of the IP address conflict with any other IP addresses
on the network.
Important
Be sure each interface on the backup node services the same network as the interface on
primary node. For instance, if eth0 connects to the public network on the primary node, it must
also connect to the public network on the backup node as well.
24
topology is to set the gateway for the NAT floating IP address of the LVS router. In this example, that
address is 10.11.12.10.
Note
Once the network interfaces are up on the real servers, the machines will be unable to ping or
connect in other ways to the public network. This is normal. You will, however, be able to ping
the real IP for the LVS router's private interface, in this case 10.11.12.9.
So the real server's /etc/sysco nfi g /netwo rk-scri pts/i fcfg -eth0 file could look similar to
this:
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=10.11.12.1
NETMASK=255.255.255.0
GATEWAY=10.11.12.10
Warning
If a real server has more than one network interface configured with a G AT EWAY = line, the first
one to come up will get the gateway. Therefore if both eth0 and eth1 are configured and
eth1 is used for Load Balancer Add-On, the real servers may not route requests properly.
It is best to turn off extraneous network interfaces by setting O NBO O T = no in their network
scripts within the /etc/sysco nfi g /netwo rk-scri pts/ directory or by making sure the
gateway is correctly set in the interface which comes up first.
25
Warning
D o not configure the floating IP for eth0 : 1 or eth1: 1 by manually editing network scripts or
using a network configuration tool. Instead, use the Piran h a C o n f ig u rat io n T o o l as shown
in Section 4.4, G LO BAL SET T ING S and Section 4.6.1, The VIR T UAL SER VER
Subsection .
When finished, start the pul se service as shown in Section 4.8, Starting the Load Balancer AddOn . Once pul se is up and running, the active LVS router will begin routing requests to the pool of
real servers.
Important
It is not recommended to use the LVS router as a gateway for the real servers, as that
adds unneeded setup complexity as well as network load on the LVS router, which
reintroduces the network bottleneck that exists in NAT routing.
H ard ware
The hardware requirements of an Load Balancer Add-On system using direct routing is
similar to other Load Balancer Add-On topologies. While the LVS router needs to be
running Red Hat Enterprise Linux to process the incoming requests and perform loadbalancing for the real servers, the real servers do not need to be Linux machines to function
correctly. The LVS routers need one or two NICs each (depending on if there is a back-up
router). You can use two NICs for ease of configuration and to distinctly separate traffic
incoming requests are handled by one NIC and routed packets to real servers on the other.
Since the real servers bypass the LVS router and send outgoing packets directly to a client,
a gateway to the Internet is required. For maximum performance and availability, each real
server can be connected to its own separate gateway which has its own dedicated
connection to the carrier network to which the client is connected (such as the Internet or an
intranet).
26
So f t ware
There is some configuration outside of Piran h a C o n f ig u rat io n T o o l that needs to be
done, especially for administrators facing ARP issues when using Load Balancer Add-On
via direct routing. Refer to Section 3.2.1, D irect Routing and arptabl es_jf or
Section 3.2.2, D irect Routing and i ptabl es for more information.
27
As previously noted, the virtual IP addresses can not be configured to start on boot using the
Red Hat system configuration tools. One way to work around this issue is to place these
commands in /etc/rc. d /rc. l o cal .
4. Configure Piranha for D irect Routing. Refer to Chapter 4, Configuring the Load Balancer Add-On
with Piranha Configuration Tool for more information.
28
Important
The adapter devices on the LVS routers must be configured to access the same networks. For
instance if eth0 connects to public network and eth1 connects to the private network, then
these same devices on the backup LVS router must connect to the same networks.
Also the gateway listed in the first interface to come up at boot time is added to the routing
table and subsequent gateways listed in other interfaces are ignored. This is especially
important to consider when configuring the real servers.
After physically connecting together the hardware, configure the network interfaces on the primary
and backup LVS routers. This can be done using a graphical application such as syst em- co n f ig n et wo rk or by editing the network scripts manually. For more information about adding devices
using syst em- co n f ig - n et wo rk, see the chapter titled Network Configuration in the Red Hat Enterprise
Linux Deployment Guide. For the remainder of the chapter, example alterations to network interfaces
are made either manually or through the Piran h a C o n f ig u rat io n T o o l.
Warning
D o not use the i fup scripts to bring up any floating IP addresses you may configure
using Piran h a C o n f ig u rat io n T o o l (eth0 : 1 or eth1: 1). Use the servi ce
command to start pul se instead (see Section 4.8, Starting the Load Balancer AddOn for details).
B rin g in g D o wn R eal N et wo rk In t erf aces
To bring down a real network interface, use the following command as root, replacing N
with the number corresponding to the interface (eth0 and eth1).
/sbi n/i fd o wn ethN
C h eckin g t h e St at u s o f N et wo rk In t erf aces
If you need to check which network interfaces are up at any given time, type the following:
/sbi n/i fco nfi g
To view the routing table for a machine, issue the following command:
29
30
Warning
The commands above will take effect immediately, but do not persist through a reboot of the
system. To ensure network packet filter settings are restored upon reboot, refer to Section 3.6,
Saving Network Packet Filter Settings
3.5. Configuring FT P
File Transport Protocol (FTP) is an old and complex multi-port protocol that presents a distinct set of
challenges to an Load Balancer Add-On environment. To understand the nature of these challenges,
you must first understand some key things about how FTP works.
31
Passive C o n n ect io n s
When a passive connection is established, the client asks the FTP server to establish a
passive connection port, which can be on any port higher than 10,000. The server then
binds to this high-numbered port for this particular session and relays that port number
back to the client. The client then opens the newly bound port for the data connection. Each
data request the client makes results in a separate data connection. Most modern FTP
clients attempt to establish a passive connection when requesting data from servers.
Note
The client determines the type of connection, not the server. This means to effectively cluster
FTP, you must configure the LVS routers to handle both active and passive connections.
The FTP client/server relationship can potentially open a large number of ports that the
Piran h a C o n f ig u rat io n T o o l and IPVS do not know about.
Note
In order to enable passive FTP connections, ensure that you have the i p_vs_ftp kernel
module loaded, which you can do by running the command mo d pro be i p_vs_ftp as an
administrative user at a shell prompt.
32
Warning
If you are limiting the port range for passive connections, you must also configure the VSFTP
server to use a matching port range. This can be accomplished by adding the following lines
to /etc/vsftpd . co nf:
pasv_mi n_po rt= 10 0 0 0
pasv_max_po rt= 20 0 0 0
Setting pasv_ad d ress to override the real FTP server address should not be used since it is
updated to the virtual IP address by LVS.
For configuration of other FTP servers, consult the respective documentation.
This range should be a wide enough for most situations; however, you can increase this number to
include all available non-secured ports by changing 10 0 0 0 : 20 0 0 0 in the commands below to
10 24 : 6 5535.
The following i ptabl es commands have the net effect of assigning any traffic addressed to the
floating IP on the appropriate ports a firewall mark of 21, which is in turn recognized by IPVS and
forwarded appropriately:
/sbi n/i ptabl es -t mang l e -A P R ER O UT ING -p tcp -d n.n.n.n/32 --d po rt 21 -j
MAR K --set-mark 21
/sbi n/i ptabl es -t mang l e -A P R ER O UT ING -p tcp -d n.n.n.n/32 --d po rt
10 0 0 0 : 20 0 0 0 -j MAR K --set-mark 21
In the i ptabl es commands, n.n.n.n should be replaced with the floating IP for the FTP virtual server
defined in the VIR T UAL SER VER subsection of Piran h a C o n f ig u rat io n T o o l.
Warning
The commands above take effect immediately, but do not persist through a reboot of the
system. To ensure network packet filter settings are restored after a reboot, see Section 3.6,
Saving Network Packet Filter Settings
Finally, you need to be sure that the appropriate service is set to activate on the proper runlevels. For
more on this, refer to Section 2.1, Configuring Services on the LVS Router .
33
34
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
Important
The configuration file for the Load Balancer Add-On follows strict formatting rules. Using the
Piran h a C o n f ig u rat io n T o o l is the best way to prevent syntax errors in the l vs. cf and
therefore prevent software failures.
35
Note
The fields for C UR R ENT LVS R O UT ING T ABLE and C UR R ENT LVS P R O C ESSES remain
blank until you actually start the Load Balancer Add-On, as shown in Section 4.8, Starting
the Load Balancer Add-On .
36
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
37
4 .4 . G LO BAL
SET T ING S
The G LO BAL SET T ING S panel is where the you define the networking details for the primary LVS
router's public and private network interfaces.
38
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
doing so will mean there is no alternate heartbeat channel for the backup LVS router to use
and therefore will create a single point of failure.
Note
The private IP address is not needed for D i rect R o uti ng configurations, as all
real servers as well as the LVS directors share the same virtual IP addresses and
should have the same IP route configuration.
Note
The primary LVS router's private IP can be configured on any interface that accepts
TCP/IP, whether it be an Ethernet adapter or a serial port.
T C P T i meo ut
Enter the time (in seconds) before a TCP session will timeout. The default timeout value is 0.
T C P Fi n T i meo ut
Enter the time (in seconds) before a TCP session will timeout after receiving a FIN packet.
The default timeout value is 0.
UD P T i meo ut
Enter the time (in seconds) before a UD P session will timeout. The default timeout value is 0.
Use netwo rk type
Click the NAT button to select NAT routing.
Click the D i rect R o uti ng button to select direct routing.
The next three fields deal specifically with the NAT router's virtual network interface connecting the
private network with the real servers. These fields do not apply to the direct routing network type.
NAT R o uter IP
Enter the private floating IP in this text field. This floating IP should be used as the gateway
for the real servers.
NAT R o uter netmask
If the NAT router's floating IP needs a particular netmask, select it from drop-down list.
NAT R o uter d evi ce
Use this text field to define the device name of the network interface for the floating IP
address, such as eth1: 1.
39
Note
You should alias the NAT floating IP address to the Ethernet interface connected to
the private network. In this example, the private network is on the eth1 interface, so
eth1: 1 is the floating IP address.
Warning
After completing this page, click the AC C EP T button to make sure you do not lose any
changes when selecting a new panel.
Note
The first time you visit this screen, it displays an " inactive" Backup status and an ENABLE
button. To configure the backup LVS router, click on the ENABLE button so that the screen
matches Figure 4.4, The R ED UND ANC Y Panel .
40
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
41
If the primary LVS node does not respond after this number of seconds, then the backup
LVS router node will initiate failover.
Heartbeat runs o n po rt
This field sets the port at which the heartbeat communicates with the primary LVS node. The
default is set to 539 if this field is left blank.
The final section of the panel is for enabling and configuration of the optional Synchronization
D aemon and its various options. The Sync D aemon enables the active and backup LVS director to
keep TCP state synchronized. When enabled, the active director will send a message multicast over
the network with a configurable synchronization ID (or syncid) to a receiving backup director.
Warning
Red Hat Enterprise Linux 6.5 introduces a new sync message protocol format designed to
prevent interruptions to business services caused by premature timeout of persistent
connections on backup nodes, causing inconsistent state in the event of failover.
The new protocol format is not compatible with versions of Red Hat Enterprise Linux 6.4 or
earlier, or kernel versions prior to kernel-2.6.32-406.el6. It is recommended to upgrade backup
nodes before upgrading the master node to Red Hat Enterprise Linux 6.5.
To continue using the old format for sync messages (for example if you need to upgrade the
master node prior to the backup nodes), then set the value of sync_versi o n using the echo
command as root at a shell prompt as follows:
echo 0 > /proc/sys/net/ipv4/vs/sync_version
Warning
Remember to click the AC C EP T button after making any changes in this panel to make sure
you do not lose any changes when selecting a new panel.
42
SER VER S
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
The VIR T UAL SER VER S panel displays information for each currently defined virtual server. Each
table entry shows the status of the virtual server, the server name, the virtual IP assigned to the
server, the netmask of the virtual IP, the port number to which the service communicates, the protocol
used, and the virtual device interface.
43
The VIR T UAL SER VER subsection panel shown in Figure 4.6, The VIR T UAL SER VER S
Subsection allows you to configure an individual virtual server. Links to subsections related
specifically to this virtual server are located along the top of the page. But before configuring any of
the subsections related to this virtual server, complete this page and click on the AC C EP T button.
44
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
Vi rtual IP Ad d ress
Enter the virtual server's floating IP address in this text field.
Virt u al IP N et wo rk Mask
Set the netmask for this virtual server with the drop-down menu.
Fi rewal l Mark
D o not enter a firewall mark integer value in this field unless you are bundling multi-port
protocols or creating a multi-port virtual server for separate, but related protocols. In this
example, the above virtual server has a Fi rewal l Mark of 80 because we are bundling
connections to HTTP on port 80 and to HTTPS on port 443 using the firewall mark value of
80. When combined with persistence, this technique will ensure users accessing both
insecure and secure webpages are routed to the same real server, preserving state.
Warning
Entering a firewall mark in this field allows IPVS to recognize that packets bearing
this firewall mark are treated the same, but you must perform further configuration
outside of the Piran h a C o n f ig u rat io n T o o l to actually assign the firewall marks.
See Section 3.4, Multi-port Services and Load Balancer Add-On for instructions on
creating multi-port services and Section 3.5, Configuring FTP for creating a highly
available FTP virtual server.
D evi ce
Enter the name of the network device to which you want the floating IP address defined the
Vi rtual IP Ad d ress field to bind.
You should alias the public floating IP address to the Ethernet interface connected to the
public network. In this example, the public network is on the eth0 interface, so eth0 : 1
should be entered as the device name.
R e-entry T i me
Enter an integer value which defines the length of time, in seconds, before the active LVS
router attempts to bring a real server back into the pool after a failure.
Servi ce T i meo ut
Enter an integer value which defines the length of time, in seconds, before a real server is
considered dead and removed from the pool.
Q ui esce server
When the Q ui esce server radio button is selected, a real server weight will be set to 0
when it is unavailable. This effectively disables the real server. If the real server later
becomes available, the real servers will be re-enabled by restoring its original weight. If
Q ui esce server is disabled, the failed real server will be removed from the server table. If
and when the unavailable real server becomes available, it will be added back to the virtual
server table.
Lo ad mo ni to ri ng to o l
45
The LVS router can monitor the load on the various real servers by using either rup or
rupti me. If you select rup from the drop-down menu, each real server must run the rstatd
service. If you select rupti me, each real server must run the rwho d service.
Warning
Load monitoring is not the same as load balancing and can result in hard to predict
scheduling behavior when combined with weighted scheduling algorithms. Also, if
you use load monitoring, the real servers must be Linux machines.
Sched ul i ng
Select your preferred scheduling algorithm from the drop-down menu. The default is
Wei g hted l east-co nnecti o n. For more information on scheduling algorithms, see
Section 1.3.1, Scheduling Algorithms .
P ersi stence
If an administrator needs persistent connections to the virtual server during client
transactions, enter the number of seconds of inactivity allowed to lapse before a connection
times out in this text field.
Important
If you entered a value in the Fi rewal l Mark field above, you should enter a value
for persistence as well. Also, be sure that if you use firewall marks and persistence
together, that the amount of persistence is the same for each virtual server with the
firewall mark. For more on persistence and firewall marks, refer to Section 1.5,
Persistence and Firewall Marks .
Persist en ce N et wo rk Mask
To limit persistence to particular subnet, select the appropriate network mask from the dropdown menu.
Note
Before the advent of firewall marks, persistence limited by subnet was a crude way of
bundling connections. Now, it is best to use persistence in relation to firewall marks
to achieve the same result.
Warning
Remember to click the AC C EP T button after making any changes in this panel. To make sure
you do not lose changes when selecting a new panel.
46
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
Clicking on the R EAL SER VER subsection link at the top of the panel displays the ED IT R EAL
SER VER subsection. It displays the status of the physical server hosts for a particular virtual service.
47
Note
This name is not the hostname for the machine, so make it descriptive and easily
identifiable.
Ad d ress
The real server's IP address. Since the listening port is already specified for the associated
virtual server, do not add a port number.
Wei g ht
48
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
An integer value indicating this host's capacity relative to that of other hosts in the pool.
The value can be arbitrary, but treat it as a ratio in relation to other real servers in the pool.
For more on server weight, see Section 1.3.2, Server Weight and Scheduling .
Warning
Remember to click the AC C EP T button after making any changes in this panel. To make sure
you do not lose any changes when selecting a new panel.
49
Send i ng P ro g ram
For more advanced service verification, you can use this field to specify the path to a
service-checking script. This functionality is especially helpful for services that require
dynamically changing data, such as HTTPS or SSL.
To use this functionality, you must write a script that returns a textual response, set it to be
executable, and type the path to it in the Send i ng P ro g ram field.
Note
To ensure that each server in the real server pool is checked, use the special token
%h after the path to the script in the Send i ng P ro g ram field. This token is replaced
with each real server's IP address as the script is called by the nanny daemon.
The following is a sample script to use as a guide when composing an external servicechecking script:
#!/bin/sh
TEST=`dig -t soa example.com @ $1 | grep -c dns.example.com
if [ $TEST != "1" ]; then
echo "OK
else
echo "FAIL"
fi
Note
If an external program is entered in the Send i ng P ro g ram field, then the Send field
is ignored.
Send
Enter a string for the nanny daemon to send to each real server in this field. By default the
send field is completed for HTTP. You can alter this value depending on your needs. If you
leave this field blank, the nanny daemon attempts to open the port and assume the service
is running if it succeeds.
Only one send sequence is allowed in this field, and it can only contain printable, ASCII
characters as well as the following escape characters:
\n for new line.
\r for carriage return.
\t for tab.
\ to escape the next character which follows it.
Expect
Enter a the textual response the server should return if it is functioning properly. If you wrote
50
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
your own sending program, enter the response you told it to send if it was successful.
Note
To determine what to send for a given service, you can open a tel net connection to
the port on a real server and see what is returned. For instance, FTP reports 220
upon connecting, so could enter q ui t in the Send field and 220 in the Expect field.
Warning
Remember to click the AC C EP T button after making any changes in this panel. To make sure
you do not lose any changes when selecting a new panel.
Once you have configured virtual servers using the Piran h a C o n f ig u rat io n T o o l, you must copy
specific configuration files to the backup LVS router. See Section 4.7, Synchronizing Configuration
Files for details.
Important
The /etc/sysctl . co nf and /etc/sysco nfi g /i ptabl es files do not change when you
configure the Load Balancer Add-On using the Piran h a C o n f ig u rat io n T o o l.
Warning
Both the active and backup LVS router nodes must have identical l vs. cf files. Mismatched
LVS configuration files between the LVS router nodes can prevent failover.
51
Important
To use scp the sshd must be running on the backup router, see Section 2.1, Configuring
Services on the LVS Router for details on how to properly configure the necessary services
on the LVS routers.
Issue the following command as the root user from the primary LVS router to sync the l vs. cf files
between the router nodes:
scp /etc/sysco nfi g /ha/l vs. cf n.n.n.n: /etc/sysco nfi g /ha/l vs. cf
In the command, replace n.n.n.n with the real IP address of the backup LVS router.
Important
If you are not sure whether or not packet forwarding is enabled in the kernel, see Section 2.5,
Turning on Packet Forwarding for instructions on how to check and, if necessary, enable
this key functionality.
52
Chapt er 4 . Configuring t he Load Balancer Add- O n wit h Piranha Configurat ion T ool
In one terminal, watch the kernel log messages with the command:
tai l -f /var/l o g /messag es
Then start the Load Balancer Add-On by typing the following command into the other terminal:
/sbi n/servi ce pul se start
Follow the progress of the pul se service's startup in the terminal with the kernel log messages. When
you see the following output, the pulse daemon has started properly:
g ratui to us l vs arps fi ni shed
To stop watching /var/l o g /messag es, type C trl +c.
From this point on, the primary LVS router is also the active LVS router. While you can make requests
to the Load Balancer Add-On at this point, you should start the backup LVS router before putting the
Load Balancer Add-On into service. To do this, simply repeat the process described above on the
backup LVS router node.
After completing this final step, the Load Balancer Add-On will be up and running.
53
54
Serving dynamic Web content with Load Balancer Add-On requires a three-tier configuration (as
shown in Figure A.1, Load Balancer Add-On with a High Availability Add-On ). This combination of
Load Balancer Add-On and High Availability Add-On allows for the configuration of a high-integrity,
no-single-point-of-failure e-commerce site. The High Availability Add-On can run a high-availability
instance of a database or a set of databases that are network-accessible to the Web servers.
A three-tier configuration is required to provide dynamic content. While a two-tier Load Balancer AddOn configuration is suitable if the Web servers serve only static Web content (consisting of small
amounts of infrequently changing data), a two-tier configuration is not suitable if the Web servers
serve dynamic content. D ynamic content could include product inventory, purchase orders, or
customer databases, which must be consistent on all the Web servers to ensure that customers have
access to up-to-date and accurate information.
Each tier provides the following functions:
First tier LVS router performing load-balancing to distribute Web requests.
Second tier A set of Web servers to serve the requests.
Third tier A High Availability Add-On to serve data to the Web servers.
In a Load Balancer Add-On configuration like the one in Figure A.1, Load Balancer Add-On with a
High Availability Add-On , client systems issue requests on the World Wide Web. For security
reasons, these requests enter a Web site through a firewall, which can be a Linux system serving in
that capacity or a dedicated firewall device. For redundancy, you can configure firewall devices in a
failover configuration. Behind the firewall is an LVS router that provides load balancing, which can
be configured in an active-standby mode. The active load-balancing router forwards the requests to
the set of Web servers.
Each Web server can independently process an HTTP request from a client and send the response
back to the client. The Load Balancer Add-On enables you to expand a Web site's capacity by
adding Web servers behind the LVS router; the LVS router performs load balancing across a wider
set of Web servers. In addition, if a Web server fails, it can be removed; Load Balancer Add-On
continues to perform load balancing across a smaller set of Web servers.
55
St even Levin e
R evisio n 2- 4
Wed Ju l 8 2015
Release for GA of Red Hat Enterprise Linux 6.7
St even Levin e
R evisio n 2- 1
T u e Ap r 14 2015
Release for Beta of Red Hat Enterprise Linux 6.7
St even Levin e
R evisio n 1- 13
T h u O ct 9 2014
Release for GA of Red Hat Enterprise Linux 6.6
St even Levin e
R evisio n 1- 10
T u e N o v 19 2013
Release for GA of Red Hat Enterprise Linux 6.5
Jo h n H a
R evisio n 1- 8
Fri Sep 27 2013
Release for Beta of Red Hat Enterprise Linux 6.5
Jo h n H a
R evisio n 1- 4
Wed N o v 28 2012
Release for Beta of Red Hat Enterprise Linux 6.4
Jo h n H a
R evisio n 1- 3
Mo n Ju n 18 2012
Release for GA of Red Hat Enterprise Linux 6.3
Jo h n H a
R evisio n 1- 2
Fri D ec 2 2011
Release for GA of Red Hat Enterprise Linux 6.2
Jo h n H a
R evisio n 1- 1
Wed N o v 10 2010
Initial release of book for Red Hat Enterprise Linux 6
Pau l K en n ed y
Index
Symbols
/et c/sysco n f ig /h a/lvs.cf f ile, /et c/sysco n f ig /h a/lvs.cf
A
arp t ab les_jf , D irect R o u t in g an d arp t ab les_jf
C
ch kco n f ig , C o n f ig u rin g Services o n t h e LVS R o u t er
clu st er
- using the Load Balancer Add-On with the High Availability Add-On, Using the Load
Balancer Add-On with the High Availability Add-On
co mp o n en t s
- of Load Balancer Add-On, Load Balancer Add-On Components
56
D
d irect ro u t in g
- and arptables_jf, D irect Routing and arptables_jf
F
f eed b ack, Feed b ack
FT P, C o n f ig u rin g FT P
- (see also Load Balancer Add-On)
H
H ig h Availab ilit y Ad d - O n
- and the Load Balancer Add-On , Using the Load Balancer Add-On with the High
Availability Add-On
- using the Load Balancer Add-On with, Using the Load Balancer Add-On with the
High Availability Add-On
I
in t ro d u ct io n , In t ro d u ct io n
- other Red Hat Enterprise Linux documents, Introduction
ip t ab les , C o n f ig u rin g Services o n t h e LVS R o u t er
ip vsad m p ro g ram, ip vsad m
J
jo b sch ed u lin g , Lo ad B alan cer Ad d - O n , Lo ad B alan cer Ad d - O n Sch ed u lin g
O verview
L
least co n n ect io n s ( see jo b sch ed u lin g , Lo ad B alan cer Ad d - O n )
Lo ad B alan cer Ad d - O n
- /etc/sysconfig/ha/lvs.cf file, /etc/sysconfig/ha/lvs.cf
- components of, Load Balancer Add-On Components
- date replication, real servers, D ata Replication and D ata Sharing Between Real
Servers
- direct routing
- and arptables_jf, D irect Routing and arptables_jf
- requirements, hardware, D irect Routing, Load Balancer Add-On via D irect
Routing
- requirements, network, D irect Routing, Load Balancer Add-On via D irect
Routing
- requirements, software, D irect Routing, Load Balancer Add-On via D irect
Routing
-
57
- routing prerequisites, Configuring Network Interfaces for Load Balancer Add-On with
NAT
- scheduling, job, Load Balancer Add-On Scheduling Overview
- send_arp program, send_arp
- shared data, D ata Replication and D ata Sharing Between Real Servers
- starting the Load Balancer Add-On, Starting the Load Balancer Add-On
- synchronizing configuration files, Synchronizing Configuration Files
- three-tier
- Load Balancer Add-on, A Three-Tier Load Balancer Add-On Configuration
- using the Load Balancer Add-On with the High Availability Add-On, Using the Load
Balancer Add-On with the High Availability Add-On
LVS
- daemon, lvs
- lvs daemon, lvs
- NAT routing
- enabling, Enabling NAT Routing on the LVS Routers
- overview of, Load Balancer Add-On Overview
- real servers, Load Balancer Add-On Overview
lvs d aemo n , lvs
M
mu lt i- p o rt services, Mu lt i- p o rt Services an d Lo ad B alan cer Ad d - O n
- (see also Load Balancer Add-On)
N
n an n y d aemo n , n an n y
N AT
- enabling, Enabling NAT Routing on the LVS Routers
- routing methods, Load Balancer Add-On, Routing Methods
n et wo rk ad d ress t ran slat io n ( see N AT )
P
p acket f o rward in g , T u rn in g o n Packet Fo rward in g
- (see also Load Balancer Add-On)
Piran h a C o n f ig u rat io n T o o l , Piran h a C o n f ig u rat io n T o o l
- CONTROL/MONITORING , CONTROL/MONITORING
- ED IT MONITORING SCRIPTS Subsection, ED IT MONITORING SCRIPTS Subsection
58
R
real servers
- configuring services, Configuring Services on the Real Servers
ro u n d ro b in ( see jo b sch ed u lin g , Lo ad B alan cer Ad d - O n )
ro u t in g
- prerequisites for Load Balancer Add-On, Configuring Network Interfaces for Load
Balancer Add-On with NAT
S
sch ed u lin g , jo b ( Lo ad B alan cer Ad d - O n ) , Lo ad B alan cer Ad d - O n Sch ed u lin g
O verview
secu rit y
- Piranha Configuration Tool , Limiting Access To the Piranha Configuration Tool
sen d _arp p ro g ram, sen d _arp
ssh d service, C o n f ig u rin g Services o n t h e LVS R o u t er
syn ch ro n iz in g co n f ig u rat io n f iles, Syn ch ro n iz in g C o n f ig u rat io n Files
W
weig h t ed least co n n ect io n s ( see jo b sch ed u lin g , Lo ad B alan cer Ad d - O n )
weig h t ed ro u n d ro b in ( see jo b sch ed u lin g , Lo ad B alan cer Ad d - O n )
59