Назад | Перейти на главную страницу

keepalived не слушает виртуальный IP

Я учусь использовать keepalived; пока на одной машине - просто чтобы убедиться, что пересылка работает.

Я запустил фиктивный веб-сервер, прослушивающий 192.168.56.200:8080. Он просто отвечает с именем хоста.

$ curl http://192.168.56.200:8080/
controller-1

Теперь я настроил keepalived (/etc/keepalived/keepalived.conf):

virtual_server 192.168.111.1 8082 {
  delay_loop 30
  lb_algo rr
  lb_kind DR
  persistence_timeout 50
  protocol TCP
  real_server 192.168.56.200 8080 {
    weight 1
    TCP_CHECK {
    }
  }
}

vrrp_instance VI_1 {
  state MASTER
  interface eth0
  virtual_router_id 1
  priority 100
  virtual_ipaddress {
    192.168.111.1/24
  }
}

Однако, похоже, это не работает:

$ curl http://192.168.111.1:8082/
curl: (7) couldn't connect to host
$ telnet 192.168.111.1 8082
Trying 192.168.111.1...
telnet: Unable to connect to remote host: Connection refused

И действительно, согласно netstat -apn | grep 8082, никто не слушает порт 8082, хотя keepalived, вероятно, должен.

Что не так с моей конфигурацией?

Еще немного полезной информации:

$ ip a
...
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:4e:4b:c6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.111.1/24 scope global eth0
    inet6 fe80::a00:27ff:fe4e:4bc6/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 08:00:27:9d:c4:b0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.200/24 scope global eth1
    inet6 fe80::a00:27ff:fe9d:c4b0/64 scope link 
       valid_lft forever preferred_lft forever

И системный журнал:

Aug 10 22:58:36 controller-1 Keepalived: Starting Keepalived v1.2.2 (12/23,2011)
Aug 10 22:58:36 controller-1 Keepalived: Starting Healthcheck child process, pid=5257
Aug 10 22:58:36 controller-1 Keepalived: Starting VRRP child process, pid=5258
Aug 10 22:58:36 controller-1 Keepalived_healthcheckers: Initializing ipvs 2.6
Aug 10 22:58:36 controller-1 Keepalived_healthcheckers: Registering Kernel netlink reflector
Aug 10 22:58:36 controller-1 Keepalived_healthcheckers: Registering Kernel netlink command channel
Aug 10 22:58:36 controller-1 Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
Aug 10 22:58:36 controller-1 Keepalived_healthcheckers: Configuration is using : 8775 Bytes
Aug 10 22:58:36 controller-1 Keepalived_vrrp: Registering Kernel netlink reflector
Aug 10 22:58:36 controller-1 Keepalived_vrrp: Registering Kernel netlink command channel
Aug 10 22:58:36 controller-1 Keepalived_vrrp: Registering gratutious ARP shared channel
Aug 10 22:58:36 controller-1 Keepalived_vrrp: Initializing ipvs 2.6
Aug 10 22:58:36 controller-1 Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Aug 10 22:58:36 controller-1 Keepalived_vrrp: Configuration is using : 59356 Bytes
Aug 10 22:58:36 controller-1 Keepalived_vrrp: Using LinkWatch kernel netlink reflector...
Aug 10 22:58:36 controller-1 Keepalived_healthcheckers: Using LinkWatch kernel netlink reflector...
Aug 10 22:58:36 controller-1 Keepalived_healthcheckers: Activating healtchecker for service [192.168.56.200]:8080
Aug 10 22:58:37 controller-1 ntpd[1318]: Deleting interface #22 eth0, 192.168.111.1#123, interface stats: received=0, sent=0, dropped=0, active_time=76 secs
Aug 10 22:58:37 controller-1 ntpd[1318]: peers refreshed
Aug 10 22:58:37 controller-1 Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Aug 10 22:58:38 controller-1 Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Aug 10 22:58:38 controller-1 avahi-daemon[775]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.168.111.1.
Aug 10 22:58:38 controller-1 avahi-daemon[775]: New relevant interface eth0.IPv4 for mDNS.
Aug 10 22:58:38 controller-1 avahi-daemon[775]: Registering new address record for 192.168.111.1 on eth0.IPv4.
Aug 10 22:58:40 controller-1 ntpd[1318]: Listen normally on 23 eth0 192.168.111.1 UDP 123
Aug 10 22:58:40 controller-1 ntpd[1318]: peers refreshed
Aug 10 22:58:40 controller-1 ntpd[1318]: new interface(s) found: waking up resolver
Aug 10 22:58:42 controller-1 ntpd_intres[1320]: host name not found: 0.ubuntu.pool.ntp.org
Aug 10 22:58:42 controller-1 ntpd_intres[1320]: host name not found: 1.ubuntu.pool.ntp.org
Aug 10 22:58:42 controller-1 ntpd_intres[1320]: host name not found: 2.ubuntu.pool.ntp.org
Aug 10 22:58:42 controller-1 ntpd_intres[1320]: host name not found: 3.ubuntu.pool.ntp.org
Aug 10 22:58:42 controller-1 ntpd_intres[1320]: host name not found: ntp.ubuntu.com

В sysctl включены ip_forward и ip_nonlocal_bind.

Ваше серверное приложение должно слушать 0.0.0.0:8080не только на 192.168.56.200:8080.

Используйте это, чтобы проверить, где сервер слушает:

netstat -nlta | grep 8080

Скорее всего, вы найдете это:

tcp        0      0 192.168.56.200:8080           0.0.0.0:*               LISTEN

Это указывает на то, что служба явно прослушивает этот адрес, а не любые другие адреса, которые могут быть настроены в системе. Вы также можете использовать notify_ директивы для сигнализации активности при изменении состояния (например, для перезапуска службы, чтобы она знала о новом IP-адресе (ах)).

notify_master "/etc/init.d/service start"
notify_backup "/etc/init.d/service stop"
notify_fault  "/etc/init.d/service stop"