Changeset 1198 for branches/fc11-dev/lvs/debian
- Timestamp:
- Jun 14, 2009, 5:26:53 AM (15 years ago)
- Location:
- branches/fc11-dev/lvs/debian/config/etc
- Files:
-
- 2 deleted
- 4 edited
- 3 copied
Legend:
- Unmodified
- Added
- Removed
-
branches/fc11-dev/lvs/debian/config/etc/ha.d/ldirectord.cf
r1113 r1198 5 5 quiescent=no 6 6 7 virtual=18.181.0.46:25 7 # iptables rules caused SMTP to use FWM 3 8 virtual=3 8 9 real=18.181.0.53:25 gate 1024 9 10 real=18.181.0.57:25 gate 1024 10 real=18.181.0.167:25 gate 512 11 fallback=18.187.1.128:25 gate 11 real=18.181.0.167:25 gate 1024 12 12 service=smtp 13 13 scheduler=wlc 14 14 persistent=600 15 protocol= tcp15 protocol=fwm 16 16 checktype=negotiate 17 checkport=25 17 18 18 virtual=18.181.0.46:80 19 real=18.181.0.53:80 gate 1024 20 real=18.181.0.57:80 gate 1024 21 real=18.181.0.167:80 gate 512 22 fallback=127.0.0.1:80 gate 23 service=http 24 request="heartbeat/http" 19 # Apache (80, 443, and 444) uses FWM 2 20 virtual=2 21 real=18.181.0.53 gate 1024 22 real=18.181.0.57 gate 1024 23 real=18.181.0.167 gate 1024 24 fallback=127.0.0.1 gate 25 service=http 26 request="heartbeat/http" 25 27 virtualhost="scripts.mit.edu" 26 receive="1" 27 scheduler=wlc 28 persistent=600 29 protocol=tcp 30 checktype=negotiate 28 receive="1" 29 checktype=negotiate 30 checkport=80 31 scheduler=wlc 32 persistent=600 33 protocol=fwm 31 34 32 virtual=18.181.0.46:443 33 real=18.181.0.53:443 gate 1024 34 real=18.181.0.57:443 gate 1024 35 real=18.181.0.167:443 gate 512 36 fallback=18.187.1.128:443 gate 37 service=https 38 request="heartbeat/https" 39 virtualhost="scripts.mit.edu" 40 receive="1" 41 scheduler=wlc 42 persistent=600 43 protocol=tcp 44 checktype=negotiate 45 46 virtual=18.181.0.46:444 47 real=18.181.0.53:444 gate 1024 48 real=18.181.0.57:444 gate 1024 49 real=18.181.0.167:444 gate 512 50 fallback=18.187.1.128:444 gate 51 service=https 52 request="heartbeat/https" 53 virtualhost="scripts.mit.edu" 54 receive="1" 55 scheduler=wlc 56 persistent=600 57 protocol=tcp 58 checktype=negotiate 59 60 virtual=18.181.0.43:25 61 real=18.181.0.53:25 gate 1024 62 real=18.181.0.57:25 gate 1024 63 real=18.181.0.167:25 gate 512 64 fallback=18.187.1.128:25 gate 65 service=smtp 66 scheduler=wlc 67 persistent=600 68 protocol=tcp 69 checktype=negotiate 70 71 virtual=18.181.0.43:80 72 real=18.181.0.53:80 gate 1024 73 real=18.181.0.57:80 gate 1024 74 real=18.181.0.167:80 gate 512 75 fallback=127.0.0.1:80 gate 76 service=http 77 request="heartbeat/http" 78 receive="1" 79 scheduler=wlc 80 persistent=600 81 protocol=tcp 82 checktype=negotiate 83 84 virtual=18.181.0.43:443 85 real=18.181.0.53:443 gate 1024 86 real=18.181.0.57:443 gate 1024 87 real=18.181.0.167:443 gate 512 88 fallback=18.187.1.128:443 gate 89 service=https 90 request="heartbeat/https" 91 virtualhost="scripts.mit.edu" 92 receive="1" 93 scheduler=wlc 94 persistent=600 95 protocol=tcp 96 checktype=negotiate 97 98 virtual=18.181.0.43:444 99 real=18.181.0.53:444 gate 1024 100 real=18.181.0.57:444 gate 1024 101 real=18.181.0.167:444 gate 512 102 fallback=18.187.1.128:444 gate 103 service=https 104 request="heartbeat/https" 105 virtualhost="scripts.mit.edu" 106 receive="1" 107 scheduler=wlc 108 persistent=600 109 protocol=tcp 110 checktype=negotiate 111 112 virtual=18.181.0.50:25 113 real=18.181.0.53:25 gate 1024 114 real=18.181.0.57:25 gate 1024 115 real=18.181.0.167:25 gate 512 116 fallback=18.187.1.128:25 gate 117 service=smtp 118 scheduler=wlc 119 persistent=600 120 protocol=tcp 121 checktype=negotiate 122 123 virtual=18.181.0.50:80 124 real=18.181.0.53:80 gate 1024 125 real=18.181.0.57:80 gate 1024 126 real=18.181.0.167:80 gate 512 127 fallback=127.0.0.1:80 gate 128 service=http 129 request="heartbeat/http" 130 receive="1" 131 scheduler=wlc 132 persistent=600 133 protocol=tcp 134 checktype=negotiate 135 136 virtual=18.181.0.50:443 137 real=18.181.0.53:443 gate 1024 138 real=18.181.0.57:443 gate 1024 139 real=18.181.0.167:443 gate 512 140 fallback=18.187.1.128:443 gate 141 service=https 142 request="heartbeat/https" 143 virtualhost="scripts.mit.edu" 144 receive="1" 145 scheduler=wlc 146 persistent=600 147 protocol=tcp 148 checktype=negotiate 149 150 virtual=18.181.0.50:444 151 real=18.181.0.53:444 gate 1024 152 real=18.181.0.57:444 gate 1024 153 real=18.181.0.167:444 gate 512 154 fallback=18.187.1.128:444 gate 155 service=https 156 request="heartbeat/https" 157 virtualhost="scripts.mit.edu" 158 receive="1" 159 scheduler=wlc 160 persistent=600 161 protocol=tcp 162 checktype=negotiate 163 164 virtual=18.181.0.49:80 165 real=18.181.0.53:80 gate 1024 166 real=18.181.0.57:80 gate 1024 167 real=18.181.0.167:80 gate 512 168 fallback=127.0.0.1:80 gate 169 service=http 170 request="heartbeat/http" 171 virtualhost="scripts.mit.edu" 172 receive="1" 173 scheduler=wlc 174 persistent=600 175 protocol=tcp 176 checktype=negotiate 177 178 virtual=18.181.0.49:443 179 real=18.181.0.53:443 gate 1024 180 real=18.181.0.57:443 gate 1024 181 real=18.181.0.167:443 gate 512 182 fallback=18.187.1.128:443 gate 183 service=https 184 request="heartbeat/https" 185 virtualhost="scripts.mit.edu" 186 receive="1" 187 scheduler=wlc 188 persistent=600 189 protocol=tcp 190 checktype=negotiate 191 192 virtual=18.181.0.49:444 193 real=18.181.0.53:444 gate 1024 194 real=18.181.0.57:444 gate 1024 195 real=18.181.0.167:444 gate 512 196 fallback=18.187.1.128:444 gate 197 service=https 198 request="heartbeat/https" 199 virtualhost="scripts.mit.edu" 200 receive="1" 201 scheduler=wlc 202 persistent=600 203 protocol=tcp 204 checktype=negotiate 205 35 # Everything else uses FWM 1 and gets sent only to the primary 206 36 virtual=1 207 37 real=18.181.0.53 gate "heartbeat/services", "1" -
branches/fc11-dev/lvs/debian/config/etc/inetd.conf
r568 r1198 39 39 40 40 # Make it easy to remotely query these LVS servers 41 # Joe Presbrey <presbrey@mit.edu> 42 60001 stream tcp nowait nobody /usr/local/sbin/in.vs_main 43 60002 stream tcp nowait nobody /usr/local/sbin/in.vs_stat 44 60003 stream tcp nowait nobody /usr/local/sbin/in.vs_conn 41 79 stream tcp nowait root /sbin/ipvsadm -
branches/fc11-dev/lvs/debian/config/etc/lighttpd/lighttpd.conf
r1022 r1198 3 3 "mod_magnet", 4 4 ) 5 6 server.max-connections=4096 7 server.max-fds=9182 8 server.max-read-idle=5 5 9 6 10 ## a static document-root, for virtual-hosting take look at the -
branches/fc11-dev/lvs/debian/config/etc/network/if-up.d/iptables
r1005 r1198 1 1 #!/bin/sh 2 2 ## Joe Presbrey <presbrey@mit.edu> 3 ## Quentin Smith <quentin@mit.edu> 3 4 ## SIPB Scripts LVS Firewall marks 4 5 5 6 iptables -F -t mangle 6 7 8 # Create a table for regular scripts hosts 9 iptables -t mangle -N scripts 2>/dev/null || : 10 11 # scripts-vhosts.mit.edu 12 iptables -A PREROUTING -t mangle -d 18.181.0.46 -j scripts 7 13 # scripts.mit.edu 8 iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.46/31 --dports 25,80,443,444 -j MARK --set-mark 2 9 iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.46/31 -j MARK --set-mark 1 14 iptables -A PREROUTING -t mangle -d 18.181.0.43 -j scripts 15 # scripts-cert.mit.edu 16 iptables -A PREROUTING -t mangle -d 18.181.0.50 -j scripts 10 17 11 # scripts-new.mit.edu 12 iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.43 --dports 25,80,443,444 -j MARK --set-mark 2 13 iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.43 -j MARK --set-mark 1 18 # Send Apache-bound traffic to FWM 2 (load-balanced) 19 iptables -A scripts -t mangle -m tcp -m multiport -p tcp --dports 80,443,444 -j MARK --set-mark 2 20 # Send SMTP-bound traffic to FWM 3 (load-balanced) 21 iptables -A scripts -t mangle -m tcp -p tcp --dport 25 -j MARK --set-mark 3 22 # Send everything else to FWM 1 (primary) 23 iptables -A scripts -t mangle -m mark --mark 0 -j MARK --set-mark 1 14 24 15 # scripts-cert.mit.edu 16 iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.50/31 --dports 25,80,443,444 -j MARK --set-mark 2 17 iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.50/31 -j MARK --set-mark 1 18 19 # webzephyr.mit.edu 20 iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.49 --dports 80,443 -j MARK --set-mark 2 25 # webzephyr.mit.edu is special because its SMTP needs to always go to the primary (FWM 1) 26 iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.49 --dports 80,443,444 -j MARK --set-mark 2 21 27 iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.49 -j MARK --set-mark 1
Note: See TracChangeset
for help on using the changeset viewer.