我无法在xen domU上正确运行keepalived。
我正在关注这个链接进行configuration,并且在一些本地虚拟机上运行(使用KVM运行)。 如果我设置了完全相同的configuration,但在xen domU上,它不起作用:两台服务器都不会互相看到并决定成为主设备(10.10.0.200是虚拟IP)
$ sudo ip addr sh eth0 # host1 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:16:3e:73:b0:78 brd ff:ff:ff:ff:ff:ff inet 10.10.0.100/24 brd 10.10.0.255 scope global eth0 inet 10.10.0.200/32 scope global eth0 inet6 fe80::216:3eff:fe73:b078/64 scope link valid_lft forever preferred_lft forever $ sudo ip addr sh eth0 # host2 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:16:3e:ee:5e:fd brd ff:ff:ff:ff:ff:ff inet 10.10.0.101/24 brd 10.10.0.255 scope global eth0 inet 10.10.0.200/32 scope global eth0 inet6 fe80::216:3eff:feee:5efd/64 scope link valid_lft forever preferred_lft forever 有没有一种方法,我可以debugging这个 – 看起来有些人可以使用keepalived氙下面的一些邮件列表,但没有太多的信息在他们的configuration。
域0有两个“真正的”以太网卡,eth0和eth1,eth0连接到networking:
我的xendconfiguration是:
(xend-relocation-server no) (network-script 'network-nat netdev=eth1') (vif-script vif-nat) (dom0-min-mem 1024) (enable-dom0-ballooning no) (total_available_memory 0) (dom0-cpus 0) (vncpasswd '')
而xend中/ etc / hosts中的相关部分是:
10.10.0.100 test1 test1 10.10.0.101 test2 test2
每个domU(test1和test2)分别configuration为10.10.0.100和10.10.0.101。 每个可以通过这些名称相互ping通(现在通过/ etc / hosts手动configuration)。 虚拟IP是10.10.0.200
请注意,现在我不太在意dom0(bridge vs …)中的networkingconfiguration,我希望在domU之间完成keepalived工作,作为第一步
目前在dom0上的ip表:
# Generated by iptables-save v1.4.8 on Tue Apr 19 12:52:04 2011 *filter :INPUT ACCEPT [37536:5302365] :FORWARD ACCEPT [5367:1221790] :OUTPUT ACCEPT [30601:3514407] -A FORWARD -m state --state RELATED,ESTABLISHED -m physdev --physdev-out vif8.0 -j ACCEPT -A FORWARD -p udp -m physdev --physdev-in vif8.0 -m udp --sport 68 --dport 67 -j ACCEPT -A FORWARD -m state --state RELATED,ESTABLISHED -m physdev --physdev-out vif8.0 -j ACCEPT -A FORWARD -s 10.10.0.101/32 -m physdev --physdev-in vif8.0 -j ACCEPT COMMIT # Completed on Tue Apr 19 12:52:04 2011 # Generated by iptables-save v1.4.8 on Tue Apr 19 12:52:04 2011 *nat :PREROUTING ACCEPT [1441667:468129452] :POSTROUTING ACCEPT [608454:36641119] :OUTPUT ACCEPT [608448:36640127] -A POSTROUTING -o eth1 -j MASQUERADE -A POSTROUTING -o eth1 -j MASQUERADE -A POSTROUTING -o eth1 -j MASQUERADE -A POSTROUTING -s 10.10.0.0/24 -o eth0 -j SNAT --to-source 192.168.3.9 COMMIT # Completed on Tue Apr 19 12:52:04 2011
至于保持活着configuration:
# test1 config vrrp_script chk_haproxy { # Requires keepalived-1.1.13 script "killall -0 haproxy" # cheaper than pidof interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 101 # 101 on master, 100 on backup virtual_ipaddress { 10.10.0.200 } track_script { chk_haproxy } }
和test2:
vrrp_script chk_haproxy { # Requires keepalived-1.1.13 script "killall -0 haproxy" # cheaper than pidof interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 100 # 101 on master, 100 on backup virtual_ipaddress { 10.10.0.200 } track_script { chk_haproxy } }
每个主持人都可以“相互”牵制:
# on test1 sudo arping test2 ARPING 10.10.0.101 from 10.10.0.100 eth0 Unicast reply from 10.10.0.101 [FE:FF:FF:FF:FF:FF] 751.879ms Unicast reply from 10.10.0.101 [FE:FF:FF:FF:FF:FF] 0.626ms ... # on test2 sudo arping test1 ARPING 10.10.0.100 from 10.10.0.101 eth0 Unicast reply from 10.10.0.100 [FE:FF:FF:FF:FF:FF] 105.399ms Unicast reply from 10.10.0.100 [FE:FF:FF:FF:FF:FF] 0.655ms
[编辑]如果我从keepalivedconfiguration删除track_script行,并重新启动,我得到以下日志:
Apr 19 13:35:06 test1 Keepalived: Terminating on signal Apr 19 13:35:06 test1 Keepalived: Stopping Keepalived v1.1.20 (08/18,2010) Apr 19 13:35:06 test1 Keepalived_vrrp: Terminating VRRP child process on signal Apr 19 13:35:06 test1 Keepalived_healthcheckers: Terminating Healthchecker child process on signal Apr 19 13:35:07 test1 Keepalived: Starting Keepalived v1.1.20 (08/18,2010) Apr 19 13:35:07 test1 Keepalived: Starting Healthcheck child process, pid=4848 Apr 19 13:35:07 test1 Keepalived: Starting VRRP child process, pid=4849 Apr 19 13:35:07 test1 Keepalived_healthcheckers: Initializing ipvs 2.6 Apr 19 13:35:07 test1 Keepalived_vrrp: Registering Kernel netlink reflector Apr 19 13:35:07 test1 Keepalived_vrrp: Registering Kernel netlink command channel Apr 19 13:35:07 test1 Keepalived_vrrp: Registering gratutious ARP shared channel Apr 19 13:35:07 test1 Keepalived_vrrp: Initializing ipvs 2.6 Apr 19 13:35:07 test1 Keepalived_healthcheckers: IPVS: Can't initialize ipvs: Protocol not available Apr 19 13:35:07 test1 Keepalived_healthcheckers: Registering Kernel netlink reflector Apr 19 13:35:07 test1 Keepalived_healthcheckers: Registering Kernel netlink command channel Apr 19 13:35:07 test1 Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'. Apr 19 13:35:07 test1 Keepalived_vrrp: IPVS: Can't initialize ipvs: Protocol not available Apr 19 13:35:07 test1 Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'. Apr 19 13:35:07 test1 Keepalived_healthcheckers: Configuration is using : 3103 Bytes Apr 19 13:35:07 test1 Keepalived_healthcheckers: Using LinkWatch kernel netlink reflector... Apr 19 13:35:07 test1 Keepalived_vrrp: Configuration is using : 31958 Bytes Apr 19 13:35:07 test1 Keepalived_vrrp: Using LinkWatch kernel netlink reflector... Apr 19 13:35:08 test1 Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE Apr 19 13:35:09 test1 Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
和:
Apr 19 13:34:43 test2 Keepalived: Terminating on signal Apr 19 13:34:43 test2 Keepalived: Stopping Keepalived v1.1.20 (08/18,2010) Apr 19 13:34:43 test2 Keepalived_vrrp: Terminating VRRP child process on signal Apr 19 13:34:43 test2 Keepalived_healthcheckers: Terminating Healthchecker child process on signal Apr 19 13:34:44 test2 Keepalived: Starting Keepalived v1.1.20 (08/18,2010) Apr 19 13:34:44 test2 Keepalived: Starting Healthcheck child process, pid=3811 Apr 19 13:34:44 test2 Keepalived: Starting VRRP child process, pid=3812 Apr 19 13:34:44 test2 Keepalived_healthcheckers: Initializing ipvs 2.6 Apr 19 13:34:44 test2 Keepalived_vrrp: Registering Kernel netlink reflector Apr 19 13:34:44 test2 Keepalived_vrrp: Registering Kernel netlink command channel Apr 19 13:34:44 test2 Keepalived_vrrp: Registering gratutious ARP shared channel Apr 19 13:34:44 test2 Keepalived_vrrp: Initializing ipvs 2.6 Apr 19 13:34:44 test2 Keepalived_healthcheckers: IPVS: Can't initialize ipvs: Protocol not available Apr 19 13:34:44 test2 Keepalived_healthcheckers: Registering Kernel netlink reflector Apr 19 13:34:44 test2 Keepalived_healthcheckers: Registering Kernel netlink command channel Apr 19 13:34:44 test2 Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'. Apr 19 13:34:44 test2 Keepalived_vrrp: IPVS: Can't initialize ipvs: Protocol not available Apr 19 13:34:44 test2 Keepalived_healthcheckers: Configuration is using : 3103 Bytes Apr 19 13:34:44 test2 Keepalived_healthcheckers: Using LinkWatch kernel netlink reflector... Apr 19 13:34:44 test2 Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'. Apr 19 13:34:44 test2 Keepalived_vrrp: Configuration is using : 31958 Bytes Apr 19 13:34:44 test2 Keepalived_vrrp: Using LinkWatch kernel netlink reflector... Apr 19 13:34:45 test2 Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE Apr 19 13:34:46 test2 Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
“状态大师”将会混淆事实,因为他们最初都会转换到MASTER并且假设IP(根据您的日志) – 您只需要在其中一个上使用MASTER,而在另一个上使用BACKUP(所以一开始被动)。
但是,由于它们都可能保持为MASTER,因此它们不能看到彼此的VRRP通告(如果能够在看到更高的优先级后宣布退出)。
检查你可以看到来自两台主机的组播stream量(tcpdump组播)。
编辑:废话,只是意识到这是相当古老 – 可能是有用的其他人使用keepalived。
你把它们都设置为“状态主机”,即使优先级不同,也会导致VRRP通告混乱。 尝试将test2设置为“状态备份”。 这已经为我修好了。
这也让我觉得有些事情正在发生。
Apr 19 13:34:44 test2 Keepalived_healthcheckers: IPVS: Can't initialize ipvs: Protocol not available
我会检查lsmod | grep ip,并确保你已经为ipvs加载了内核模块。
希望这可以帮助。