lvs-tun 节点未连接

tag-icon tag-icon lvs piranha
lvs-tun 节点未连接

我正在使用隧道设置 LVS 集群。目标是拥有两台控制器服务器(位于不同的数据中心)和一台真实服务器(目前,稍后将在负载平衡中添加更多服务器)。真实服务器通过端口 80、443 和 8080 访问

我已经成功配置了我的主机,它运行良好,所有端口都打开,数据流通顺畅

但是,备份控制器只能通过端口 443 连接到真实服务器。这是我在 /var/log/messages 中得到的输出:

Oct 27 12:25:20 vps4252 pulse[2819]: STARTING PULSE AS MASTER
Oct 27 12:25:38 vps4252 pulse[2819]: partner dead: activating lvs
Oct 27 12:25:38 vps4252 lvsd[2821]: starting virtual service https active: 443
Oct 27 12:25:38 vps4252 lvsd[2821]: create_monitor for https/node1 running as pid 2831
Oct 27 12:25:38 vps4252 lvsd[2821]: starting virtual service http_8080 active: 8080
Oct 27 12:25:38 vps4252 lvsd[2821]: create_monitor for http_8080/node1 running as pid 2833
Oct 27 12:25:38 vps4252 nanny[2831]: starting LVS client monitor for 103.13.xxx.xxx:443 -> 103.29.zzz.zzz:443
Oct 27 12:25:38 vps4252 nanny[2833]: starting LVS client monitor for 103.13.xxx.xxx:8080 -> 103.29.zzz.zzz:8080
Oct 27 12:25:38 vps4252 nanny[2831]: [ active ] making 103.29.zzz.zzz:443 available
Oct 27 12:25:43 vps4252 pulse[2823]: gratuitous lvs arps finished

(忽略缺失的 80 端口行,我当时为了测试而禁用了它)

看起来 Nanny 进程只能通过端口 443 连接到真实服务器。但是,使用 netcat 或 curl,我可以通过其他 2 个端口获得正确的响应。

这是我的 lvs.cf(作为单个服务器):

serial_no = 36
primary = 103.13.yyy.yyy
service = lvs
backup = 0.0.0.0
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = tunnel
debug_level = NONE
virtual http {
    active = 1
    address = 103.13.xxx.xxx eth0:1
    vip_nmask = 255.255.255.255
    port = 80
    send = "GET / HTTP/1.0\r\n\r\n"
    expect = "HTTP"
    use_regex = 0
    load_monitor = none
    scheduler = rr
    protocol = tcp
    timeout = 6
    reentry = 15
    quiesce_server = 0
    #Define nodes
    server node1 {
        address = 103.29.zzz.zzz
        active = 1
        port = 80
        weight = 1
    }
}
virtual https {
    active = 1
    address = 103.13.xxx.xxx eth0:1
    vip_nmask = 255.255.255.255
    port = 443
    send = "GET / HTTP/1.0\r\n\r\n"
    expect = "HTTP"
    use_regex = 0
    load_monitor = none
    scheduler = rr
    protocol = tcp
    timeout = 6
    reentry = 15
    quiesce_server = 0
    #Define nodes
    server node1 {
        address = 103.29.zzz.zzz
        active = 1
        port = 443
        weight = 1
    }
}
virtual http_8080 {
    active = 1
    address = 103.13.xxx.xxx eth0:1
    vip_nmask = 255.255.255.255
    port = 8080
    send = "GET / HTTP/1.0\r\n\r\n"
    expect = "HTTP"
    use_regex = 1
    protocol = tcp
    #Define nodes
    server node1 {
        address = 103.29.zzz.zzz
        active = 1
        port = 8080
        weight = 1
    }
}

真实服务器上的隧道已正确设置(毕竟 443 端口正在运行)

所以我很困惑...有没有办法强制节点处于活动状态,即使保姆没有找到它?

答案1

这个问题通过创建一个 bash 脚本来 ping 真实服务器,并从 lvs 配置文件中调用它来解决。

相关内容