本文主要是介绍【Keepalived】VIP同时在主备节点出现问题排查,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
在生产环境中,我们一般会使用 keepalived + nginx 来搭建一套两节点或者三节点的软件负载,nginx主要根据配置,为后端应用提供请求的反向代理和负载均衡的功能,而 keepalived 则主要用于检测nginx服务状态,并完成VIP在主、备节点之间的漂移。
不过,在某些情况下,我们可能会遇到一个问题,就是VIP在主备节点上同时出现,这个问题一般是由于主、备节点无法正常通信,导致备节点认为主节点挂了,因此就将VIP设置给自己了。如下面所示,192.168.223.200这个VIP就在主、备节点上同时出现了。
主节点:
# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)Active: active (running) since 三 2024-04-10 14:49:23 CST; 22s agoDocs: man:keepalived(8)man:keepalived.conf(5)man:genhash(1)https://keepalived.orgProcess: 1080 ExecStart=/usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)Main PID: 1092 (keepalived)Tasks: 2CGroup: /system.slice/keepalived.service├─1092 /usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf -D└─1097 /usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf -D4月 10 14:49:26 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:26 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:26 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:26 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:31 vm-3rd89n7dd Keepalived_vrrp[1097]: (VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.223.200
4月 10 14:49:31 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:31 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:31 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:31 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:49:31 vm-3rd89n7dd Keepalived_vrrp[1097]: Sending gratuitous ARP on ens33 for 192.168.223.200
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:a2:1b:cf brd ff:ff:ff:ff:ff:ffinet 192.168.223.199/24 brd 192.168.223.255 scope global noprefixroute ens33valid_lft forever preferred_lft foreverinet 192.168.223.200/32 scope global ens33valid_lft forever preferred_lft foreverinet6 fe80::7565:47f4:3a2b:ae8d/64 scope link noprefixroute valid_lft forever preferred_lft forever备节点
# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)Active: active (running) since 三 2024-04-10 14:51:29 CST; 3s agoDocs: man:keepalived(8)man:keepalived.conf(5)man:genhash(1)https://keepalived.orgProcess: 90867 ExecStart=/usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)Main PID: 90868 (keepalived)Tasks: 2CGroup: /system.slice/keepalived.service├─90868 /usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf -D└─90869 /usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf -D4月 10 14:51:31 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: (VI_1) received an invalid passwd!
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: (VI_1) Receive advertisement timeout
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: (VI_1) Entering MASTER STATE
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: (VI_1) setting VIPs.
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: (VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.223.200
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: Sending gratuitous ARP on ens33 for 192.168.223.200
4月 10 14:51:32 vm-3f9h-45gds3nx Keepalived_vrrp[90869]: Sending gratuitous ARP on ens33 for 192.168.223.200
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:4a:4c:27 brd ff:ff:ff:ff:ff:ffinet 192.168.223.198/24 brd 192.168.223.255 scope global noprefixroute ens33valid_lft forever preferred_lft foreverinet 192.168.223.200/32 scope global ens33valid_lft forever preferred_lft foreverinet6 fe80::9a4b:ab8e:4493:81b0/64 scope link noprefixroute valid_lft forever preferred_lft forever那为什么会出现主备节点无法正常通信呢?一般有以下几个原因:
1)主、备节点所在的服务器防火墙没有关闭(active-运行,inactive-关闭),可以使用下面的命令检查
systemctl status firewalld.service2)主、备节点上的keepalived配置不一致,涉及的配置如下:
第一,检查虚拟路由配置:virtual_router_id(主、备节点配置必须一致)第二,检查主备节点的通信密码:auth_pass(主、备节点配置必须一致)3)云上ECS服务器之间默认禁止互相通信(比如阿里云禁止组播),可以通过增加下面的单播配置来解决。
unicast_src_ip 192.168.223.197unicast_peer {192.168.223.198192.168.223.199}备注:197、198、199分别为集群的三个节点,unicast_src_ip 为本机IP,unicast_peer 为对端节点IP。
这篇关于【Keepalived】VIP同时在主备节点出现问题排查的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
