1. I typically always run my LB behind a hardware firewall (and the hardware firewall allows me to create multiple networks on it's interface, i.e. 10.0.0.x and 192.168.1.x
2. Personal preference really, but I find the best and easiest stack to be heartbeat/ldirectord (using LVS-DR) 3. I (personal opinion) find it very advantageous to have an inactive director, and I use the machine for minor duties when it's not the primary 4. Depending on what you need, we're using this successfully in one client's infrastructure. They use php sessions, and even when a failover occurs (and you can statefully sync the sessions using ipvsadm), users remain logged in, with their shopping cart, etc. For scalability, I would not recommend placing session data in mysql (though memcache is an option) Welcome to the mailing list. Michael S. Moody Sr. Systems Engineer Global Systems Consulting Web: http://www.GlobalSystemsConsulting.com -----Original Message----- From: Ryan King [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2008 9:55 AM To: [email protected] Subject: [lvs-users] LVS 101 Hello All- I'm early in the research/planning stage of a project for which we would like to implement LVS (will only serve HTTP, currently thinking LVS-NAT). I've been following this list for several months, and researching LVS in an attempt to become familiar with how people are using it, and common problems encountered, etc. My first basic questions are: 1) Are people typically running their Directors as internet-facing boxes, setup also as a firewall (as I routinely hear their VIP talked about as being externally accessible), or is a separate firewall typically sitting on the perimeter? 2) I haven't fully read the mini-howto, and I know that's the first place to start when I'm ready to touch hardware, so I'm trying not to ask questions that make Joe or others angry :), but from looking at the lvs site, I see many methods of accomplishing HA/LB (http://www.linuxvirtualserver.org/HighAvailability.html) i.e. piranha/keepalived/ultramonkey/heartbeat+ldirectord/etc... is there one particular method that you endorse, or is more "road-tested"? 3) The active/inactive director setup quickly caught my eye, as I'm nearly OCD when it comes to increasing efficiencies of a system, which led me quickly to your paper on active/active (http://www.ultramonkey.org/papers/lvs_jan_2004). Are many/any people out there actually using this and/or having success? I haven't come across much discussion on this topic, so wasn't sure if other advances/changes in LVS have made it less desirable, or possibly it presents significant new challenges in setup, etc...? 4) Our project will be PHP/mySQL-based, relying on PHP session data for client connection state. I've read enough to realize there may be significant issues with connection synch between the directors on failover and/or recovery of failed director, is this a correct assumption? If so, this could become a defining issue for our programming team, as I've read a common work-around for these issues involves designing the code to maintain session data in mySQL instead, so that regardless of the answering real server, this data is available. Obviously, that would be good to know before the first line of code is written... :) Thanks so much in advance for any advice or knowledge anyone is willing to pour out... _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
