I had trouble getting LVS to work with DNS. The issue is with nanny.
I'm guessing that nanny was designed originally for HTTP and so it is text
oriented.
Through mainly trial and error, I got nanny to properly probe my DNS Real
Servers.
I'm sure there is a better/easier way ( like configuring nanny to just
make sure UDP port 53 is listening on the real server ) but I used the
script function of nanny ( -e and -x ).
-e tells nanny to run an external script and -x specifies the expected
result to consider the real server viable. You may also add --regex to
have nanny interpret -x as a regex ( but honestly, I couldn't get regex to
work). Keep in mind that the nanny parameters are specified in the lvs.cf
-- pulse runs nanny for LVS.
So, since I could get regex to work, I had to write my own custom script:
nslookup ( I put it in /root/nslookup for nowŠ I'll have to move it
eventually). It is listed here:
#!/bin/bash
# This program is a thin wrapper on nslookup
# The program simply returns the exit status of
# nslookup so that it can be evaluated by 'nanny'
# Nanny should be configured to expect a '0' for a healthy DNS server.
[ $# -ne 2 ] && echo 1
/usr/bin/nslookup $* >& /dev/null
echo $?
And here is the lvs.cf:
primary = X.X.X.X
primary_private = 192.168.30.62
service = lvs
backup_active = 1
backup = Y.Y.Y.Y
backup_private = 192.168.30.63
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 192.168.30.64 eth0:1
nat_nmask = 255.255.252.0
debug_level = NONE
monitor_links = 0
syncdaemon = 0
virtual DNS {
active = 1
address = Z.Z.Z.Z eth1:1
vip_nmask = 255.255.255.224
port = 53
expect = "0"
use_regex = 0
send_program = "/root/nslookup google.com %h"
load_monitor = none
scheduler = wrr
protocol = udp
timeout = 6
reentry = 15
quiesce_server = 0
server dns-int-02 {
address = 192.168.29.2
active = 1
weight = 1
}
server dns-int-01 {
address = 192.168.29.1
active = 1
weight = 1
}
}
As you can see in config above, I am executing the program /root/nslookup.
I also pass a valid name to the nslookup command since nslookup will
return with a non-zero status if it can't resolve a name ( of course, if
your DNS is not recursive you'll need to choose a name it does have ).
Lastly, please review /var/log/messages to see if nanny is doing its job.
On CentOS, nanny logged all of its messages with its PID.
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
I'm guessing that nanny was designed originally for HTTP and so it is text
oriented.
Through mainly trial and error, I got nanny to properly probe my DNS Real
Servers.
I'm sure there is a better/easier way ( like configuring nanny to just
make sure UDP port 53 is listening on the real server ) but I used the
script function of nanny ( -e and -x ).
-e tells nanny to run an external script and -x specifies the expected
result to consider the real server viable. You may also add --regex to
have nanny interpret -x as a regex ( but honestly, I couldn't get regex to
work). Keep in mind that the nanny parameters are specified in the lvs.cf
-- pulse runs nanny for LVS.
So, since I could get regex to work, I had to write my own custom script:
nslookup ( I put it in /root/nslookup for nowŠ I'll have to move it
eventually). It is listed here:
#!/bin/bash
# This program is a thin wrapper on nslookup
# The program simply returns the exit status of
# nslookup so that it can be evaluated by 'nanny'
# Nanny should be configured to expect a '0' for a healthy DNS server.
[ $# -ne 2 ] && echo 1
/usr/bin/nslookup $* >& /dev/null
echo $?
And here is the lvs.cf:
primary = X.X.X.X
primary_private = 192.168.30.62
service = lvs
backup_active = 1
backup = Y.Y.Y.Y
backup_private = 192.168.30.63
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 192.168.30.64 eth0:1
nat_nmask = 255.255.252.0
debug_level = NONE
monitor_links = 0
syncdaemon = 0
virtual DNS {
active = 1
address = Z.Z.Z.Z eth1:1
vip_nmask = 255.255.255.224
port = 53
expect = "0"
use_regex = 0
send_program = "/root/nslookup google.com %h"
load_monitor = none
scheduler = wrr
protocol = udp
timeout = 6
reentry = 15
quiesce_server = 0
server dns-int-02 {
address = 192.168.29.2
active = 1
weight = 1
}
server dns-int-01 {
address = 192.168.29.1
active = 1
weight = 1
}
}
As you can see in config above, I am executing the program /root/nslookup.
I also pass a valid name to the nslookup command since nslookup will
return with a non-zero status if it can't resolve a name ( of course, if
your DNS is not recursive you'll need to choose a name it does have ).
Lastly, please review /var/log/messages to see if nanny is doing its job.
On CentOS, nanny logged all of its messages with its PID.
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users