Red Hat APPLICATION SERVER - JONAS Przewodnik Instalacji

Linux Virtual Server Administration5.1Linux Virtual Server (LVS)for Red Hat EnterpriseLinux 5.1ISBN: N/APublication date:

rh-lvs(EN)-5.1 (2007-10-30T17:36)By mentioning this manual's identifier, we know exactly which version of the guide you have.If you have a sugges

Linux Virtual Server OverviewLinux Virtual Server (LVS) is a set of integrated software components for balancing the IP loadacross a set of real serve

Figure 1.1. A Basic LVS ConfigurationService requests arriving at the LVS routers are addressed to a virtual IP address, or VIP. Thisis a publicly-rou

The active router also dynamically monitors the overall health of the specific services on the realservers through simple send/expect scripts. To aid

Each of the real servers then accesses a shared data source over the network.Figure 1.2. A Three-Tier LVS ConfigurationThis configuration is ideal for

available database for transactions. Additionally, using an active-active configuration with RedHat Cluster Manager, administrators can configure one

Weighted Round-Robin SchedulingDistributes each request sequentially around the pool of real servers but gives more jobs toservers with greater capaci

Distributes requests to the pool of real servers by looking up the source IP in a static hashtable. This algorithm is designed for LVS routers with mu

Figure 1.3. LVS Implemented with NAT RoutingIn the example, there are two NICs in the active LVS router. The NIC for the Internet has a realIP address

which uses network address translation to replace the address of the real server in the packetswith the LVS routers public VIP address. This process i

Building a Linux Virtual Server (LVS) system offers highly-available and scalable solution forproduction services using specialized routing and load-b

Figure 1.4. LVS Implemented with Direct RoutingIn the typical direct routing LVS setup, the LVS router receives incoming server requeststhrough the vi

While there are many advantages to using direct routing in LVS, there are limitations as well.The most common issue with LVS via direct routing is wit

it is handled according to the scheduling rules in place.Persistence also allows the administrator to specify a subnet mask to apply to the client IPa

Figure 1.5. LVS ComponentsThe pulse daemon runs on both the active and passive LVS routers. On the backup router,pulse sends a heartbeat to the public

6.1. LVS ComponentsSection 6.1.1, “pulse” shows a detailed list of each software component in an LVS router.6.1.1. pulseThis is the controlling proces

Chapter 2, Initial LVS Configuration reviews important post-installation configuration steps youshould take before configuring Red Hat Enterprise Linu

16

Initial LVS ConfigurationAfter installing Red Hat Enterprise Linux, you must take some basic steps to set up both theLVS routers and the real servers.

/sbin/chkconfig --level 35 daemon onIn the above command, replace daemon with the name of the service you are activating. To geta list of services on

following command as root:/sbin/service piranha-gui startor/sbin/service piranha-gui restartIssuing this command starts a private session of the Apach

Linux Virtual Server Administration: Linux Virtual Server(LVS) for Red Hat Enterprise Linux 5.1Copyright © You need to override this in your local ent

Now that the Piranha Configuration Tool is running, you may wish to consider limiting whohas access to the tool over the network. The next section rev

configuration pages in the /etc/sysconfig/ha/web/secure/ directory but notto the login and the help pages in /etc/sysconfig/ha/web/. To limit access t

22

Setting Up LVSLVS consists of two basic groups: the LVS routers and the real servers. To prevent a singlepoint of failure, each groups should contain

which link to the real servers (eth1) will be on the 10.11.12/24 network.So on the active or primary LVS router node, the public interface's netw

1.2. Routing on the Real ServersThe most important thing to remember when configuring the real servers network interfaces in aNAT topology is to set t

firewall marks, see Section 4, “Multi-port Services and LVS”.Once forwarding is enabled on the LVS routers and the real servers are set up and have th

topologies. While the LVS router needs to be running Red Hat Enterprise Linux to processthe incoming requests and perform load-balancing for the real

they contain the real IP of the server instead. The only node that should respond to ARPrequests for any of the VIPs is the current active LVS node.2.

two separate Apache HTTP Server services bound to port 80, because both must bind toINADDR_ANY instead of the virtual IP addresses.To configure direct

Linux Virtual Server Administration

Configuration Tool.3.1. General LVS Networking TipsConfigure the real IP addresses for both the public and private networks on the LVS routersbefore a

occur within the length of time specified by the persistence parameter. For more on assigningpersistence to a virtual server, see Section 6.1, “The VI

HTTP and HTTPS virtual servers. These commands have the net effect of assigning any trafficaddressed to the VIP on the appropriate ports a firewall ma

effectively cluster FTP, you must configure the LVS routers to handle both activeand passive connections.The FTP client/server relationship can potent

WarningIf you are limiting the port range for passive connections, you must also configurethe VSFTP server to use a matching port range. This can be a

runlevels. For more on this, refer to Section 1, “Configuring Services on the LVS Routers”.6. Saving Network Packet Filter SettingsAfter configuring t

36

Configuring the LVS Routers withPiranha Configuration ToolThe Piranha Configuration Tool provides a structured approach to creating the necessaryconfi

Figure 4.1. The Welcome PanelClick on the Login button and enter piranha for the Username and the administrativepassword you created in the Password f

Figure 4.2. The CONTROL/MONITORING PanelAuto updateThe status display on this page can be updated automatically at a user configurableinterval. To ena

Introduction ... vii1. Document Conventions

CHANGE PASSWORDClicking this button takes you to a help screen with information on how to change theadministrative password for the Piranha Configurat

Primary server private IPEnter the real IP address for an alternative network interface on the primary LVS node. Thisaddress is used solely as an alte

TipYou should alias the NAT floating IP address to the Ethernet interface connectedto the private network. In this example, the private network is on

Figure 4.4. The REDUNDANCY PanelRedundant server public IPEnter the public real IP address for the backup LVS router node.Redundant server private IPE

Assume dead after (seconds)If the primary LVS node does not respond after this number of seconds, then the backupLVS router node will initiate failove

Figure 4.5. The VIRTUAL SERVERS PanelEach server displayed in the VIRTUAL SERVERS panel can be configured on subsequentscreens or subsections.To add a

any of the subsections related to this virtual server, complete this page and click on theACCEPT button.Figure 4.6. The VIRTUAL SERVERS SubsectionName

Enter the virtual server's floating IP address in this text field.Virtual IP Network MaskSet the netmask for this virtual server with the drop-do

Load monitoring toolThe LVS router can monitor the load on the various real servers by using either rup orruptime. If you select rup from the drop-dow

WarningRemember to click the ACCEPT button after making any changes in this panel.To make sure you do not lose changes when selecting a new panel.6.2.

3. CONTROL/MONITORING ...384. GLOBAL SETTINGS ...

Figure 4.8. The REAL SERVER Configuration PanelThis panel consists of three entry fields:NameA descriptive name for the real server.TipThis name is no

WeightAn integer value indicating this host's capacity relative to that of other hosts in the pool. Thevalue can be arbitrary, but treat it as a

Figure 4.9. The EDIT MONITORING SCRIPTS SubsectionSending ProgramFor more advanced service verification, you can use this field to specify the path to

Only one send sequence is allowed in this field, and it can only contain printable, ASCIIcharacters as well as the following escape characters:• \n fo

• /etc/sysconfig/iptables — If you are using firewall marks, you should synchronize one ofthese files based on which network packet filter you are usi

ImportantIf you are not sure whether or not packet forwarding is enabled in the kernel, seeSection 5, “Turning on Packet Forwarding” for instructions

requests to LVS at this point, you should start the backup LVS router before putting LVS intoservice. To do this, simply repeat the process described

Appendix A. Using LVS with Red HatClusterYou can use LVS routers with a Red Hat Cluster to deploy a high-availability e-commerce sitethat provides loa

Figure A.1. LVS with a Red Hat ClusterServing dynamic Web content with LVS requires a three-tier configuration (as shown inFigure A.1, “LVS with a Red

configuration is suitable if the Web servers serve only static Web content (consisting of smallamounts of infrequently changing data), a two-tier conf

IntroductionThis document provides information about installing, configuring, and managing Red Hat VirtualLinux Server (LVS) components. LVS provides

60

IndexSymbols/etc/sysconfig/ha/lvs.cf file, 14Aarptables_jf, 27Cchkconfig, 17clusterusing LVS with Red Hat Cluster, 57componentsof LVS, 14Ddirect routi

network address translation (see NAT)Ppacket forwarding, 21(see also LVS)Piranha Configuration Tool, 14CONTROL/MONITORING, 38EDIT MONITORING SCRIPTS S

• Using Device-Mapper Multipath — Provides information about using the Device-MapperMultipath feature of Red Hat Enterprise Linux 5.• Using GNBD with

Additionally, the manual uses different strategies to draw your attention to pieces of information.In order of how critical the information is to you,