LVS

Revision as of 14:48, 27 March 2005

This text is a DRAFT, do not use it, base any work on it or anything else.

Needed:

Linux kernel 2.6.10+ (for IPVS patch) heartbeat ipvsadm keepalived ldirectord

We can use IP, 207.142.131.213 which is free. All clients will be sent on this IP which is assigned to a director box on a virtual interface (eth0:1). In case of failure (detected by heartbeat, the ip is switched on the other director box). That IP is know as the virtual ip (VIP).

So bascily we handle everything on our side, no more dns load balancing.

Hearbeat

Configuration file (/etc/heartbeat/ha.cf) sample in ha.cf.

ldirectord

Configuration file (/etc/ha.d/ldirectord.cf) sample in ldirectord.cf.

Network configuration

ldirector server(s) and squids need to be in the SAME broadcast network. They all share the VIP so the squids should not honour arp requests directed to the virtual VIP.

The only server that should answer on the VIP is the ldirector box, so you have to stop squids from answering arp requests that does not match their real ip. This is done by editing /etc/sysctl.conf:

net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

Now add VIP on the squid loopback:

/sbin/ip addr add 207.142.131.213/32 dev lo brd + scope host

Eventually apply /etc/sysctl changes:

echo '2' > /proc/sys/net/ipv4/conf/lo/arp_announce
echo '1' > /proc/sys/net/ipv4/conf/lo/arp_ignore

scope host directive makes the address only valid on this host.

The squid daemon is then set to listen on VIP (wich is on lo:0).