Brett Delle Grazie @ 17/02/2011 10:24 -0300 dixit:
Hi,
On 17 February 2011 12:58, Carlos G Mendioroz <t...@huapi.ba.ar> wrote:
Hi,
I've found that ipaddr2 can use clusterip when running as clone.
(please correct me if I use some word in a not correct way,
denoting I fail to get some concept)
But my understanding is that clusterip might be beneficial also
in the active/standby case because of its use of a single mac
address.
Not really - its simpler (networking wise) and safer to use floating
IP addresses for standard HA. Otherwise all traffic is being
duplicated to both nodes which ties up bandwidth unnecessarily -
that's the major
downside to ClusterIP.
I guess it's a design issue, so it depends.
I've seen the bandwidth argument, but this applies only to, in my case,
to requests going to a server. BW is very low in this direction.
I'm trying to get a fast failover (subsecond). I don't like gratuitous
ARP that much.
Indeed it could be argued that with multiple floating IPs used with
DNS round-robin,
ClusterIP becomes almost unnecessary.
DNS is out of the question. A node already talking to the cluster knows
the cluster IP already.
The problem with floating IP, as commented, is ARP caching.
FYI ClusterIP target in iptables has been deprecated, the successor is
cluster-match
but I don't think there is a resource agent which uses it yet.
Noted, thanks. I don't mind upgrading/changing/making an RA if needed.
I would create the active with 1 node and the standby alike,
but "demote" the standby by forcing it not to answer.
Why? - you lose functionality here such as the system _automatically_
correcting
for failure - which is, I assume, why you want to use Pacemaker.
How come I loose anything ? When I say "I would demote...", I mean
"I would make the RA demote..."
Questions:
-any obvious issue here ?
-I see some posts with CLUSTERIP and ARP related issues,
but I fail to understand a case where this happens.
If someone has a failure case I would appreciate it.
Our failure cases:
(1) It didn't work at all - resolved by (a)
(2) It didn't work under failure conditions (pulling the network cable
and/or power on one node) - we got lost connections, no response etc.
resolved by (b)
Our solutions were:
(a) Enable multicast mac addresses on the switch/firewall (otherwise
it doesn't work at all) and
(b) adding a static ARP entry for the IP to cluster mac address in the
switch/firewall.
1) I understand sort of, it's switch dependent, not really a CLUSTERIP
issue. (i.e. you need mcast to work)
2) This is what I'm after as a failure case.
Will test it, it should work (but again, the configuration I'm thinking
of is not the one used by current ipaddr2 RA).
Thanks for your comments!
--
Carlos G Mendioroz <t...@huapi.ba.ar> LW7 EQI Argentina
_______________________________________________
Pacemaker mailing list: Pacemaker@oss.clusterlabs.org
http://oss.clusterlabs.org/mailman/listinfo/pacemaker
Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://developerbugs.linux-foundation.org/enter_bug.cgi?product=Pacemaker
