[lvs-users] lvs for https

Mohammed Munazir Ul Hasan mdmunazir at gmail.com
Wed Jul 4 07:56:04 BST 2012 

Dear All,

>From last 3 years we were using ipvsadm (piranha) on rhel 5 for HTTP on 3
real server for Loadbalance all http request to 3 servers. And it was
working fine.

My company now wants to run our website on SSL (https). So, i add ssl-pool
to lvs.cf file and restarted the pulse service. Below is the configuration
for the same.

serial_no = 71
primary = xxx.xxx.xxx
primary_private = 192.168.1.3
service = lvs
backup_active = 1
backup = xxx.xxx.xxx
backup_private = 192.168.1.4
heartbeat = 1
heartbeat_port = 539
keepalive = 2
deadtime = 18
network = nat
nat_nmask = 255.255.255.255
debug_level = NONE
monitor_links = 1
virtual Web {
     active = 1
     address = xxx.xxx.xxx eth0:1
     vip_nmask = 255.255.255.248
     port = 80
     send = "GET / HTTP/1.0\r\n\r\n"
     expect = "HTTP"
     load_monitor = none
     scheduler = wlc
     protocol = tcp
     persistent = 60
     timeout = 45
     reentry = 15
     quiesce_server = 0
     server app1 {
         address = 192.168.1.3
         active = 1
         weight = 1
     }
     server app2 {
         address = 192.168.1.4
         active = 1
         weight = 1
     }
     server app3 {
         address = 192.168.1.12
         active = 1
         weight = 1
     }
}

## SSL Configuration
virtual ssl-pool {
active = 1
address = xxx.xxx.xxx eth0:1
vip_nmask = 255.255.255.248
port = 443
load_monitor = none
scheduler = wlc
protocol = tcp
persistent = 60
pmask = 255.255.255.248
timeout = 6
reentry = 15
quiesce_server = 1
server app1 {
address = 192.168.1.3
active = 1
weight = 1
}
server app2 {
address = 192.168.1.4
active = 1
weight = 1
}
server app3 {
address = 192.168.1.12
active = 1
weight = 1
}
}


What i notice that when I am hitting to ssl page i.e.
https://mydomain.org.sa. All traffic is going to 1 real server. Its not
distributing load to other realservers. When I stop httpd service on that
server. Then traffic is moving other 1 server, but still no loadbalancing
(but for HTTP loadbalancing is happing very well).

All InActiveConn is very heavy this is happening only 1 hit to website
also.

Please help me to get out from this problem.

I am using Piranha version piranha-0.8.4-9.3.el5 64bit.

Thanks & Regards
Munazir

More information about the lvs-users mailing list