主機:10.28.10.123
備機:10.28.10.108
vip:10.28.10.251
用yum安裝了keepalived,配置好后,啟動keepalived。但是在備機無法ping通vip。關閉主機上的keepalived,單獨啟動備機上的keepalived,同樣也無法在主機ping通vip,求指點一二
iptables已經關閉,selinux設定為permissive
ip a如下:
[root@localhost keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:3a:94:00:00:54 brd ff:ff:ff:ff:ff:ff
inet 10.28.10.123/24 brd 10.28.10.255 scope global ens3
valid_lft forever preferred_lft forever
inet 10.28.10.251/24 scope global secondary ens3
valid_lft forever preferred_lft forever
inet6 fe80::43a:94ff:fe00:54/64 scope link
valid_lft forever preferred_lft forever
keepalived.conf配置如下:
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER #備機為BACKUP
interface ens3
virtual_router_id 51
priority 100 #備機為99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.28.10.251
}
}
uj5u.com熱心網友回復:
參考了網上的一些解決方法,未能解決。求大神指點一二。。。uj5u.com熱心網友回復:
備機有系結vip嗎uj5u.com熱心網友回復:
會的,主備啟動,均會各自系結vip懷疑是vrrp的問題,但是不知道怎么解決了
uj5u.com熱心網友回復:
關閉iptables selinux重啟網路服務
查看nginx keepalived是否啟動
備機interface 是不是ens3
主備機是否相互ping通
uj5u.com熱心網友回復:
謝了。
重啟網路服務的時候失敗了
[root@localhost keepalived]# systemctl restart network.service
Job for network.service failed. See 'systemctl status network.service' and 'journalctl -xn' for details.
[root@localhost keepalived]# systemctl status network.service
network.service - LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network)
Active: failed (Result: exit-code) since Thu 2015-10-22 04:54:37 EDT; 7s ago
Process: 6857 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=1/FAILURE)
Oct 22 04:54:37 localhost.localdomain network[6857]: RTNETLINK answers: File exists
Oct 22 04:54:37 localhost.localdomain network[6857]: RTNETLINK answers: File exists
Oct 22 04:54:37 localhost.localdomain network[6857]: RTNETLINK answers: File exists
Oct 22 04:54:37 localhost.localdomain network[6857]: RTNETLINK answers: File exists
Oct 22 04:54:37 localhost.localdomain network[6857]: RTNETLINK answers: File exists
Oct 22 04:54:37 localhost.localdomain network[6857]: RTNETLINK answers: File exists
Oct 22 04:54:37 localhost.localdomain network[6857]: RTNETLINK answers: File exists
Oct 22 04:54:37 localhost.localdomain systemd[1]: network.service: control process exited, code=exited status=1
Oct 22 04:54:37 localhost.localdomain systemd[1]: Failed to start LSB: Bring up/down networking.
Oct 22 04:54:37 localhost.localdomain systemd[1]: Unit network.service entered failed state.
uj5u.com熱心網友回復:
備機的interface確實是ens3,主備機可以互相ping通的uj5u.com熱心網友回復:
router_iduj5u.com熱心網友回復:
你的意思是?uj5u.com熱心網友回復:
router_id LVS_DEVEL 名字改不一樣的uj5u.com熱心網友回復:
改了,還是不行uj5u.com熱心網友回復:
備機 ip a 發來看看uj5u.com熱心網友回復:
好的,這是備機啟動keepalived的情況[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:99:e4:00:00:45 brd ff:ff:ff:ff:ff:ff
inet 10.28.10.108/24 brd 10.28.10.255 scope global ens3
valid_lft forever preferred_lft forever
inet 10.28.10.251/24 scope global secondary ens3
valid_lft forever preferred_lft forever
inet6 fe80::499:e4ff:fe00:45/64 scope link
valid_lft forever preferred_lft forever
我現在測驗只啟動了主機的keepalived,雖然有vip,但是其他機器根本ping不通這個vip
uj5u.com熱心網友回復:
補充下,這些機器都是cloudstack創建的虛擬機uj5u.com熱心網友回復:
關主機 ,開備機 ping不通自己VIP?uj5u.com熱心網友回復:
可以的,兩臺機器都可以在本機ping通自己的vipuj5u.com熱心網友回復:
裝個nginxuj5u.com熱心網友回復:
我也碰到這個狀況了,環境是docker,不知道樓主的問題解決沒有uj5u.com熱心網友回復:
解決了嗎?
uj5u.com熱心網友回復:
請問,問題解決了嗎uj5u.com熱心網友回復:
實際經驗告訴我主機備機都有vip的情況就是防火墻或路由的問題了兩臺機器都不能互相訪問的話,就會有兩個vip,且不能訪問,檢查防火墻,centos 7 以后是firewall
uj5u.com熱心網友回復:
如果做了防火墻,主備都要加入以下規則 192.100.1.211 這里代表主機,再備機上做,反之
firewall-cmd --permanent --zone=public --remove-rich-rule="rule family="ipv4" source address="192.100.1.211" port port="112" protocol="tcp" accept"
firewall-cmd --reload
firewall-cmd --permanent --zone=public --remove-rich-rule="rule family="ipv4" source address="224.0.0.18" port port="112" protocol="tcp" accept"
vvrp是112埠的·
uj5u.com熱心網友回復:
VIP系結成功了,但是ping不通,請大神指教uj5u.com熱心網友回復:
若兩臺機器配置了防火墻,需要放開組播地址的權限:iptables -I INPUT -i eth3 -d 224.0.0.18 -j ACCEPT
service iptables save
service iptables restart
uj5u.com熱心網友回復:
你的那個vip是申請的vip么?好像用一臺主機的ip是不行的,我試過申請的是vip,還得關聯那兩臺主備機uj5u.com熱心網友回復:
重啟完網卡后,在重啟下機器應該就好了吧,反正我是這樣的。uj5u.com熱心網友回復:
瞎雞巴扯,主備啟動,備用機是不會系結vip的。備用機接管才會系結vip 如果主備都系結vip 是要出問題的
uj5u.com熱心網友回復:
同問,解決了嗎?另外:申請vip?是什么意思,謝謝。uj5u.com熱心網友回復:
問度娘了,申請的VIP,指的是跟ISP申請的公網IP?測驗環境哪來這個呢?
uj5u.com熱心網友回復:
樓主,你的問題解決了嗎?我遇到了同樣的問題,已經弄了半天了還是沒解決!我是在vmware里面搭建的虛擬機,也是在主機上可以得到vip ,備機上沒有vip,正常的情況下這是正確的,但是也遇到了客戶端ping不同vip地址,也不能訪問nginx的2臺后臺web服務器,幫你頂一下吧!!!uj5u.com熱心網友回復:
我的也是啊,玩的vmware虛擬機,把iptables規則全部清空了,selinux關閉了,客戶端無法ping通VIP,realserver可以uj5u.com熱心網友回復:
vrrp_strict 注釋了嗎?轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/80330.html
標籤:系統維護與使用區