Although we could obtain ldirectord on its own, we’ll get it as part of the Ultra Monkey package, which includes the heartbeat software for HA. Because Ultra Monkey isn’t a part of the standard Debian distribution, you’ll need to add these two lines to your Debian repository file (/etc/apt/sources.list) on the lb machine:
deb http://www.ultramonkey.org/download/3/ sarge main
deb-src http://www.ultramonkey.org/download/3 sarge main
Then update the repository and get the package:
# apt-get update
# apt-get install ultramonkey
The installation process will ask you some questions:
Do you want to automatically load IPVS rules on boot? No
Select a daemon method. none
Our configuration will have one virtual server (the address that clients see, running ldirectord), which we’ll call the director, and two realservers (running Apache). The realservers can be connected to the director in one of three ways:
LVS-NAT
The realservers are in a NAT subnet behind the director and route their responses back through the director.
LVS-DR
The realservers route their responses directly back to the client. All machines are on the same subnet and can find each other’s level-2 (Ethernet) addresses. They do not need to be pingable from outside their subnet.
LVS-TUN
The realservers can be on a different network from the director. They communicate by tunneling with IP-over-IP (IPIP) encapsulation.
We’re going to use DR, because it’s easy, it’s fast, and it scales well. With this method, we designate a VIP that is shared by the load balancer and the realservers. This causes an immediate problem: if all machines share the same VIP, how do we resolve the VIP to a single physical MAC address? This is called the ARP problem, because systems on the same LAN use the Address Resolution Protocol (ARP) to find each other, and ARP expects each system to have a unique IP address.
Many solutions require kernel patches or modules, and have to change as the Linux kernel changes. In 2.6 and above, a popular solution is to let the load balancer handle the ARP for the VIP and, on the realservers, to configure the VIP on aliases of the loopback device. The reason is that loopback devices do not respond to ARP requests.
That’s the approach we’ll take. We’ll configure the web servers first.
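An added check for this loopback-alias setup (not from the original text): Linux by default answers ARP on any interface for any local address, so the alias only hides the VIP when the arp_ignore and arp_announce sysctls are raised. The VIP 192.0.2.100, the interface eth0, and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example: audit an LVS-DR realserver's ARP behaviour for the VIP.
# All inputs are passed as arguments, so the logic runs offline.

# Interfaces that hold <vip>, taken from "ip -o -4 addr show" output.
# An alias such as lo:0 is reported under its parent device (lo).
vip_ifaces() {
    printf '%s\n' "$2" | awk -v vip="$1" '{ split($4, a, "/"); if (a[1] == vip) print $2 }'
}

# The kernel applies the larger of conf/all and conf/<iface>.
effective() {
    if [ "$1" -gt "$2" ]; then echo "$1"; else echo "$2"; fi
}

# audit_realserver <vip> <lan_if> <addr_output> <ign_all> <ign_if> <ann_all> <ann_if>
# Prints "ok" or a space-separated list of findings.
audit_realserver() {
    vip=$1; lan=$2; addrs=$3
    ignore=$(effective "$4" "$5")
    announce=$(effective "$6" "$7")
    holders=$(vip_ifaces "$vip" "$addrs" | tr '\n' ' ')
    findings=""
    case " $holders" in
        " ")        findings="vip-missing" ;;           # forwarded packets get dropped
        *" $lan "*) findings="vip-on-lan-interface" ;;  # realserver answers ARP for the VIP
    esac
    case "$ignore" in
        1|2|8) ;;   # no reply for an address that is not on the receiving interface
        *) findings="$findings arp_ignore=$ignore" ;;
    esac
    # Below 2, the VIP may be used as the source of the realserver's own ARP requests.
    [ "$announce" -ge 2 ] || findings="$findings arp_announce=$announce"
    findings=${findings# }
    echo "${findings:-ok}"
}

# Constructed sample: VIP aliased on lo, LAN address on eth0.
SAMPLE='1: lo    inet 127.0.0.1/8 scope host lo
1: lo    inet 192.0.2.100/32 scope global lo:0
2: eth0    inet 192.0.2.11/24 brd 192.0.2.255 scope global eth0'

audit_realserver 192.0.2.100 eth0 "$SAMPLE" 1 0 2 0   # sysctls raised
audit_realserver 192.0.2.100 eth0 "$SAMPLE" 0 0 0 0   # kernel defaults
```

On a live realserver the arguments would come from `ip -o -4 addr show` and the `net.ipv4.conf.all` and `net.ipv4.conf.eth0` values of `arp_ignore` and `arp_announce`.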