Keepalived: VRRP аварийно завершает работу и снова появляется при использовании auth_type AH

Я реализую аварийное переключение на основе keepalived для моих узлов / службы, используя auth_type в качестве AH. При запуске службы keepalived служба аварийно завершает работу, и в журналах не отображается много подробностей о сбое. Я сталкиваюсь с проблемой только тогда, когда auth_type - AH. Все работает нормально, когда я изменяю auth_type на PASS.

Версия для ОС Linux: SUSE Linux Enterprise Server 12 (x86_64)

Keepalived версия: Keepalived v1.2.15 (04/17,2015)

Я попытался отключить брандмауэр. Кроме того, я добавил свойство net.ipv4.ip_nonlocal_bind = 1 в файл /etc/sysctl.conf и продолжаю сохранять ошибки.

Кто-нибудь может помочь / пролить свет на это?

Ниже приведены настройки поддержки активности для моих узлов.

Конфигурация узла 1:

! Configuration File for keepalived

global_defs {
   router_id vipr1_router
}

vrrp_script chk_nginx {
    # script to run periodically. exit code 0 for success
    script "/usr/bin/killall -0 nginx"

    # run the script every seconds
    interval 2

    # if script succeeds, increase node priority by this weight
    weight 100
}

vrrp_instance vrrp_vipr1 {
    # default state after startup
    state BACKUP

    # binding interface
    interface eth0

    # unique number 0..255 to differentiate multiple instances of vrrp
    # we're using least significant 8 bits of VIP to avoid collisions
    virtual_router_id 134

    # for electing master, highest priority wins. for same prioirty, highest 
    # ip address wins.
    priority 99

    # VRRP advert interval in seconds from master node. new master election 
    # starts if a backup node misses 3 continuous adverts.
    advert_int 3

    authentication {
        auth_type AH
        auth_pass 1111
    }

    track_script {
        chk_nginx
    }

    virtual_ipaddress {
        xxx.xxx.xxx.134/24
    }
}

Конфигурация узла 2:

! Configuration File for keepalived

global_defs {
   router_id vipr2_router
}

vrrp_script chk_nginx {
    # script to run periodically. exit code 0 for success
    script "/usr/bin/killall -0 nginx"

    # run the script every seconds
    interval 2

    # if script succeeds, increase node priority by this weight
    weight 100
}

vrrp_instance vrrp_vipr2 {
    # default state after startup
    state BACKUP

    # binding interface
    interface eth0

    # unique number 0..255 to differentiate multiple instances of vrrp
    # we're using least significant 8 bits of VIP to avoid collisions
    virtual_router_id 134

    # for electing master, highest priority wins. for same prioirty, highest 
    # ip address wins.
    priority 96

    # VRRP advert interval in seconds from master node. new master election 
    # starts if a backup node misses 3 continuous adverts.
    advert_int 3

    authentication {
        auth_type AH
        auth_pass 1111
    }

    track_script {
        chk_nginx
    }

    virtual_ipaddress {
        xxx.xxx.xxx.134/24
    }
}

Ниже приведен фрагмент журнала, содержащий сведения о сбое.

2017-12-07 12:34:30 [daemon] info systemd[1]: Starting Keepalived service...
2017-12-07 12:34:30 [daemon] info Keepalived[12262]: Starting Keepalived v1.2.15 (04/17,2015)
2017-12-07 12:34:30 [daemon] info systemd[1]: Started Keepalived service.
2017-12-07 12:34:30 [daemon] info Keepalived[12263]: Starting VRRP child process, pid=12264
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: Registering Kernel netlink reflector
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: Registering Kernel netlink command channel
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: Registering gratuitous ARP shared channel
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: Opening file '/etc/keepalived/keepalived.conf'.
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: Configuration is using : 63992 Bytes
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: ------< Global definitions >------
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:  Router ID = vipr1_router
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:  Smtp server connection timeout = 30
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:  Email notification from = root@vipr1
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:  VRRP IPv4 mcast group = 224.0.0.18
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:  VRRP IPv6 mcast group = 224.0.0.18
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: ------< VRRP Topology >------
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:  VRRP Instance = vrrp_vipr1
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Want State = BACKUP
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Runing on device = eth0
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Using src_ip = xx.xx.xx.133
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Gratuitous ARP repeat = 5
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Gratuitous ARP refresh repeat = 1
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Virtual Router ID = 134
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Priority = 99
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Advert interval = 3sec
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Authentication type = IPSEC_AH
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Password = 1111
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Tracked scripts = 1
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:      chk_nginx weight 100
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Virtual IP = 1
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:      xx.xx.xx.134/24 dev eth0 scope global
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Using VRRP VMAC (flags:DOWN|xmit)
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: ------< VRRP Scripts >------
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:  VRRP Script = chk_nginx
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Command = /usr/bin/killall -0 nginx
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Interval = 2 sec
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Timeout = 0 sec
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Weight = 100
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Rise = 1
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Fall = 1
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]:    Status = INIT
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: Using LinkWatch kernel netlink reflector...
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: VRRP_Instance(vrrp_vipr1) Entering BACKUP STATE
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: VRRP sockpool: [ifindex(2), proto(51), unicast(0), fd(10,11)]
2017-12-07 12:34:30 [local1] info Keepalived_vrrp[12264]: VRRP_Script(chk_nginx) succeeded
2017-12-07 12:34:40 [daemon] alert Keepalived[12263]: VRRP child process(12264) died: Respawning
2017-12-07 12:34:40 [daemon] info Keepalived[12263]: Starting VRRP child process, pid=12275
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: Registering Kernel netlink reflector
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: Registering Kernel netlink command channel
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: Registering gratuitous ARP shared channel
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: Opening file '/etc/keepalived/keepalived.conf'.
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: Configuration is using : 64064 Bytes
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: ------< Global definitions >------
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:  Router ID = vipr1_router
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:  Smtp server connection timeout = 30
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:  Email notification from = root@vipr1
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:  VRRP IPv4 mcast group = 224.0.0.18
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:  VRRP IPv6 mcast group = 224.0.0.18
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: ------< VRRP Topology >------
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:  VRRP Instance = vrrp_vipr1
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:    Want State = BACKUP
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:    Runing on device = eth0
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:    Timeout = 0 sec
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:    Weight = 100
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:    Rise = 1
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:    Fall = 1
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]:    Status = INIT
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: Using LinkWatch kernel netlink reflector...
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: VRRP_Instance(vrrp_vipr1) Entering BACKUP STATE
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: VRRP sockpool: [ifindex(2), proto(51), unicast(0), fd(10,11)]
2017-12-07 12:34:40 [local1] info Keepalived_vrrp[12275]: VRRP_Script(chk_nginx) succeeded
2017-12-07 12:34:49 [daemon] alert Keepalived[12263]: VRRP child process(12275) died: Respawning
2017-12-07 12:34:49 [daemon] info Keepalived[12263]: Starting VRRP child process, pid=12288
....
Источник

0 ответов

Другие вопросы по тегам