keepalived vip removed with dhcp renewal【原创】
最近发现公司云平台服务器的vip有丢失的现象,查看keepalived日志
Jun 1 17:00:06 lb1 dhclient: DHCPREQUEST of 10.0.0.2 on eth0 to 10.0.0.3 port 67 (xid=0x6deab016) Jun 1 17:00:06 lb1 dhclient: DHCPNAK from 10.0.0.3 (xid=0x6deab016) Jun 1 17:00:06 lb1 dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x37e1db6a) Jun 1 17:00:06 lb1 dhclient: DHCPREQUEST of 10.0.0.2 on eth0 to 255.255.255.255 port 67 (xid=0x37e1db6a) Jun 1 17:00:06 lb1 dhclient: DHCPOFFER of 10.0.0.2 from 10.0.0.3 Jun 1 17:00:06 lb1 dhclient: DHCPACK of 10.0.0.2 from 10.0.0.3 Jun 1 17:00:06 lb1 dhclient: bound to 10.0.0.2 -- renewal in 38223 seconds. Jun 1 17:00:07 lb1 ntpd[1321]: Deleting interface #8 eth0, 10.0.255.254#123, interface stats: received=7, sent=0, dropped=0, active_time=145198 secs Jun 1 17:00:07 lb1 ntpd[1321]: peers refreshed
发现是云平台DHCP刷新直接把vip删掉,但是由于俩台机器的keepalived vrrp_script监控应用服务都是正常的,所以主备关系没有改变,如果没有特意加ping vip的策略,会导致keepalived没有发现此问题。
解决方法:
1、如果应平台的服务器可以改成固定IP,可以将网卡改为固定IP,这样就不会使用DHCP了
cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 TYPE=Ethernet ONBOOT=yes NM_CONTROLLED=no BOOTPROTO=static IPADDR=10.0.0.2 NETMASK=255.255.255.0 GATEWAY=10.0.0.1
2、如果不可以更改网卡IP,就在keepalived配置文件中增加dont_track_primary参数
vrrp_instance VI_1 { state BACKUP interface eth0 dont_track_primary virtual_router_id 89 priority 100 advert_int 1 nopreempt authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.0.0.17 } }
dont track primary:忽略VRRP的interface错误
如果有两块网卡,可以搭配track interface使用
track interface:跟踪接口,设置额外的监控,里面任意一块网卡出现问题,都会进入故障(FAULT)状态,例如,用nginx做均衡器的时候,内网必须正常工作,如果内网出问题了,这个均衡器也就无法运作了,所以必须对内外网同时做健康检查
vrrp_instance http {
state MASTER
interface eth0
dont_track_primary
track_interface {
eth0
eth1
}
官方原文
# Ignore VRRP interface faults (default unset) dont_track_primary # optional, monitor these as well. # go to FAULT state if any of these go down if unweighted. # When a weight is specified in track_interface, instead of setting the vrrp # instance to the FAULT state in case of failure, its priority will be # increased by the weight when the interface is up (for positive weights), # or decreased by the weight's absolute value when the interface is down # (for negative weights). The weight must be comprised between -254 and +254 # inclusive. 0 is the default behaviour which means that a failure implies a # FAULT state. The common practice is to use positive weights to count a # limited number of good services so that the server with the highest count # becomes master. Negative weights are better to count unexpected failures # among a high number of interfaces, as it will not saturate even with high # number of interfaces. track_interface { eth0 eth1 eth2 weight <-253..253> ... } # add a tracking script to the interface # (<SCRIPT_NAME> is the name of the vrrp_track_script entry) # The same principle as track_interface can be applied to track_script entries, # except that an unspecified weight means that the default weight declared in # the script will be used (which itself defaults to 0).
参考
https://serverfault.com/questions/601670/keepalived-vip-removed-with-dhcp-renewal
https://www.keepalived.org/manpage.html
