Sunday, March 20, 2011

Load balancing HTTPD with Ldirectord

Requirement:
1 ldirectord load balancer - IP: 10.100.1.56

2 HTTPD Server
SERVER01 - IP: 10.100.1.59
SERVER02 - IP: 10.100.1.60
Virtual IP: 10.100.1.58

Linux Distro Used: CentOS 5.5

############Ldirectord setup########################

1. Ldirectord setup - Packages required: heartbeat heartbeat-ldirectord ipvsadm. Repository I used is Epel which as of this writing, heartbeat*-2.1.4. is the available version.

install command: yum install heartbeat heartbeat-ldirectord ipvsadm

2. Create a virtual interface for eth0 for file /etc/sysconfig/network-scripts/ifcfg-eth0:0

#/etc/sysconfig/network-scripts/ifcfg-eth0:0
DEVICE=eth0:0
BOOTPROTO=none
BROADCAST=10.100.255.255
HWADDR=00:14:AA:00:00:1F
IPADDR=10.100.1.58
NETMASK=255.255.0.0
NETWORK=10.100.0.0
ONBOOT=yes

3. Edit /etc/sysctl.conf

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

4. Create /etc/ha.d/ldirectord.cf

#/etc/ha.d/ldirectord.cf
checktimeout=10
checkinterval=2
autoreload=no
logfile="/var/log/ldirectord.log"
quiescent=no
emailalert = "admin@mycompany.com"
virtual=10.100.1.58:80
real=10.100.1.59:80 gate 100
real=10.100.1.60:80 gate 1
service=http
request="check.html"
receive="check_dont_delete_me"
scheduler=wrr
protocol=tcp
checktype=negotiate
#
virtual=10.100.1.58:443
real=10.100.1.59:443 gate 100
real=10.100.1.60:443 gate 1
service=http
request="check.html"
receive="check_dont_delete_me"
scheduler=wrr
protocol=tcp
checktype=connect
#On the checktype for the https config
#I used hecktype=connect since negotiate will not work
#it wont be able to get the certificate.

#For the real server entry the 100 set the prio
# 1 set less priority

##########Real Server Setup#####################

1. Create a virtual loopback interface.

vim /etc/sysconfig/network-scripts/ifcfg-lo:0

DEVICE=lo:0
IPADDR=10.100.1.58
NETMASK=255.255.255.255
ONBOOT=yes
NAME=loopback

2. Edit /etc/sysctl.conf

#Append the ff below:

net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.eth0.arp_announce = 2

3. issue the command

Ifup eth0:0
sysctl -p

4. create a file check.html at real server
Document Root Dir.

echo “check_dont_delete_me” > /var/www/html/check.html

This should be accessible directly by ldirector for check purpose

5. Do the same on Real Server 2

#########Checking###########

Command to check: ipvsadm -L -n
Posted by at