keepalived vip removed with dhcp renewal【原创】

最近发现公司云平台服务器的vip有丢失的现象,查看keepalived日志

Jun  1 17:00:06 lb1 dhclient: DHCPREQUEST of 10.0.0.2 on eth0 to 10.0.0.3 port 67 (xid=0x6deab016)
Jun  1 17:00:06 lb1 dhclient: DHCPNAK from 10.0.0.3 (xid=0x6deab016)
Jun  1 17:00:06 lb1 dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x37e1db6a)
Jun  1 17:00:06 lb1 dhclient: DHCPREQUEST of 10.0.0.2 on eth0 to 255.255.255.255 port 67 (xid=0x37e1db6a)
Jun  1 17:00:06 lb1 dhclient: DHCPOFFER of 10.0.0.2 from 10.0.0.3
Jun  1 17:00:06 lb1 dhclient: DHCPACK of 10.0.0.2 from 10.0.0.3
Jun  1 17:00:06 lb1 dhclient: bound to 10.0.0.2 -- renewal in 38223 seconds.
Jun  1 17:00:07 lb1 ntpd[1321]: Deleting interface #8 eth0, 10.0.255.254#123, interface stats: received=7, sent=0, dropped=0, active_time=145198 secs
Jun  1 17:00:07 lb1 ntpd[1321]: peers refreshed

发现是云平台DHCP刷新直接把vip删掉,但是由于俩台机器的keepalived vrrp_script监控应用服务都是正常的,所以主备关系没有改变,如果没有特意加ping vip的策略,会导致keepalived没有发现此问题。

解决方法:

1、如果应平台的服务器可以改成固定IP,可以将网卡改为固定IP,这样就不会使用DHCP了

cat /etc/sysconfig/network-scripts/ifcfg-eth0 
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=10.0.0.2
NETMASK=255.255.255.0
GATEWAY=10.0.0.1

 

2、如果不可以更改网卡IP,就在keepalived配置文件中增加dont_track_primary参数

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    dont_track_primary
    virtual_router_id 89
    priority 100
    advert_int 1
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.17
    }
}

dont track primary:忽略VRRP的interface错误

如果有两块网卡,可以搭配track interface使用

track interface:跟踪接口,设置额外的监控,里面任意一块网卡出现问题,都会进入故障(FAULT)状态,例如,用nginx做均衡器的时候,内网必须正常工作,如果内网出问题了,这个均衡器也就无法运作了,所以必须对内外网同时做健康检查

vrrp_instance http {
state MASTER
interface eth0
dont_track_primary
track_interface {
eth0
eth1
}

 

官方原文

# Ignore VRRP interface faults (default unset)
           dont_track_primary

           # optional, monitor these as well.
           # go to FAULT state if any of these go down if unweighted.
           # When a weight is specified in track_interface, instead of setting the vrrp
           # instance to the FAULT state in case of failure, its priority will be
           # increased by the weight when the interface is up (for positive weights),
           # or decreased by the weight's absolute value when the interface is down
           # (for negative weights). The weight must be comprised between -254 and +254
           # inclusive. 0 is the default behaviour which means that a failure implies a
           # FAULT state. The common practice is to use positive weights to count a
           # limited number of good services so that the server with the highest count
           # becomes master. Negative weights are better to count unexpected failures
           # among a high number of interfaces, as it will not saturate even with high
           # number of interfaces.
           track_interface {
               eth0
               eth1
               eth2 weight <-253..253>
                ...
           }

           # add a tracking script to the interface
           # (<SCRIPT_NAME> is the name of the vrrp_track_script entry)
           # The same principle as track_interface can be applied to track_script entries,
           # except that an unspecified weight means that the default weight declared in
           # the script will be used (which itself defaults to 0).

 

参考

https://serverfault.com/questions/601670/keepalived-vip-removed-with-dhcp-renewal

https://www.keepalived.org/manpage.html

 

posted @ 2019-06-06 10:24 paul_hch 阅读(...) 评论(...) 编辑 收藏