我有两个系统,都是虚拟机。 configuration为使用桥接networking。 我试图让Keepalived来pipe理VIP的所有权 – 10.190.1.230。 我已经尝试了两个版本的keepalived-1.2.2和keepalived-1.2.1,从源头上构build。
ServerA - RHEL5.2 x64 - 10.190.1.228 - PRIORITY 50 ServerB - RHEL6 x64 - 10.190.1.229 - PRIORITY 101 VIP - 10.190.1.230 我的问题似乎在ServerB上keepalived不发送多播广告。 它看到多播广告。 来自ServerA:
[root@ServerB~]# tcpdump -vv -c 3 -i eth0 vrrp tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 10:18:10.760577 IP (tos 0x0, ttl 255, id 856, offset 0, flags [none], proto VRRP (112), length 40) 10.190.1.228 > 224.0.0.18: VRRPv2, Advertisement, vrid 151, prio 50, authtype none, intvl 1s, length 20, addrs: 10.190.1.230 10:18:11.762039 IP (tos 0x0, ttl 255, id 857, offset 0, flags [none], proto VRRP (112), length 40) 10.190.1.228 > 224.0.0.18: VRRPv2, Advertisement, vrid 151, prio 50, authtype none, intvl 1s, length 20, addrs: 10.190.1.230 10:18:12.762883 IP (tos 0x0, ttl 255, id 858, offset 0, flags [none], proto VRRP (112), length 40) 10.190.1.228 > 224.0.0.18: VRRPv2, Advertisement, vrid 151, prio 50, authtype none, intvl 1s, length 20, addrs: 10.190.1.230 3 packets captured 3 packets received by filter 0 packets dropped by kernel [root@ServerB~]#
如果我杀了ServerA上的keepalived,并保持tcpdump运行,我看不到数据包。 我正在使用以下简单的keepalivedconfiguration:
vrrp_instance VI_1 { interface eth0 state BACKUP virtual_router_id 151 priority 50 virtual_ipaddress { 10.190.1.230 } }
vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 151 priority 100 virtual_ipaddress { 10.190.1.230 } }
ServerA,正确的,我猜,看到它不能看到从更高优先级的ServerB上的VRRPv2广告keepalived,持有的VIP:
[root@ServerA~]# ip add sh eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 08:00:27:59:58:c0 brd ff:ff:ff:ff:ff:ff inet 10.190.1.228/24 brd 10.190.1.255 scope global eth0 inet 10.190.1.230/32 scope global eth0 inet6 fe80::a00:27ff:fe59:58c0/64 scope link valid_lft forever preferred_lft forever [root@ServerA~]#
防火墙在两台机器上都是禁用的。 这两个接口都设置了MULTICAST标志。
我用iperf发布到VRRP组:
[root@ServerB~]# iperf -u -c 224.0.0.18 ------------------------------------------------------------ Client connecting to 224.0.0.18, UDP port 5001 Sending 1470 byte datagrams Setting multicast TTL to 1 UDP buffer size: 122 KByte (default) ------------------------------------------------------------ [ 3] local 10.190.1.229 port 32929 connected with 224.0.0.18 port 5001 ^C[ ID] Interval Transfer Bandwidth [ 3] 0.0- 0.6 sec 73.2 KBytes 1.05 Mbits/sec [ 3] Sent 51 datagrams [root@ServerB~]#
ServerA可以看到这个stream量:
[root@ServerA~]# tcpdump -c 3 -i eth0 host 224.0.0.18 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 10:37:30.460427 IP 10.190.1.229.33088 > vrrp.mcast.net.commplex-link: UDP, length 1470 10:37:30.472247 IP 10.190.1.229.33088 > vrrp.mcast.net.commplex-link: UDP, length 1470 10:37:30.482908 IP 10.190.1.229.33088 > vrrp.mcast.net.commplex-link: UDP, length 1470 3 packets captured 10 packets received by filter 0 packets dropped by kernel [root@ServerA~]#
以上将让我觉得这不是一个networking问题。 我没有路由表中的mutlicast路由,但上面提示我不需要一个。 多播stream量正在使用eth0。
最后,这里是从ServerB上的keepalived注销:
May 18 10:40:46 ServerB Keepalived: Starting Keepalived v1.2.1 (05/17,2011) May 18 10:40:46 ServerB Keepalived: Remove a zombie pid file /var/run/keepalived.pid May 18 10:40:46 ServerB Keepalived: Registering Kernel netlink reflector May 18 10:40:46 ServerB Keepalived: Registering Kernel netlink command channel May 18 10:40:46 ServerB Keepalived: Registering gratutious ARP shared channel May 18 10:40:46 ServerB Keepalived: Configuration is using : 55219 Bytes May 18 10:40:46 ServerB Keepalived: Using LinkWatch kernel netlink reflector...
我没有用-D开关运行它,这似乎是内存debugging,对我来说意义不大。 我已经把strace的输出上传到了这里 。
当我strace与-n标志keepalived(不要分叉),我得到以下输出后,上面链接的输出:
sendto(3, "<30>May 18 10:58:50 Keepalived: "..., 68, MSG_NOSIGNAL, NULL, 0) = 68 sendto(3, "<30>May 18 10:58:50 Keepalived: "..., 75, MSG_NOSIGNAL, NULL, 0) = 75 rt_sigaction(SIGCHLD, {0x411b60, [], SA_RESTORER|SA_RESTART, 0x3db5a32a20}, {SIG_DFL, [], 0}, 8) = 0 select(1024, [4 6], [], [], {1, 0}) = 0 (Timeout) select(1024, [4 6], [], [], {1, 0}) = 0 (Timeout) select(1024, [4 6], [], [], {1, 0}) = 0 (Timeout) select(1024, [4 6], [], [], {1, 0}) = 0 (Timeout) [ etc ..]
这与ServerA上工作keepalived的strace输出相反,我可以在其中看到sendto(),sendmdg()和recmsg()调用。
男孩我感到愚蠢。 我把我的keepalived.conf文件保存为/ etc / keepalived /中的keepalived.cfg文件(想想我从haproxy.cfg中select了这个文件)。 Keepalived会查找/etc/keepalived/keepalive.conf。 我开始keepalived没有-f标志,所以它开始没有configuration。
如果我使用-d选项(将conf转储到syslog),我会看到它使用默认的configuration,而不是拿起我的设置。