keepalived vip removed with dhcp renewal【原創】

最近發現公司雲平臺服務器的vip有丟失的現象，查看keepalived日誌

Jun  1 17:00:06 lb1 dhclient: DHCPREQUEST of 10.0.0.2 on eth0 to 10.0.0.3 port 67 (xid=0x6deab016)
Jun  1 17:00:06 lb1 dhclient: DHCPNAK from 10.0.0.3 (xid=0x6deab016)
Jun  1 17:00:06 lb1 dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x37e1db6a)
Jun  1 17:00:06 lb1 dhclient: DHCPREQUEST of 10.0.0.2 on eth0 to 255.255.255.255 port 67 (xid=0x37e1db6a)
Jun  1 17:00:06 lb1 dhclient: DHCPOFFER of 10.0.0.2 from 10.0.0.3
Jun  1 17:00:06 lb1 dhclient: DHCPACK of 10.0.0.2 from 10.0.0.3
Jun  1 17:00:06 lb1 dhclient: bound to 10.0.0.2 -- renewal in 38223 seconds.
Jun  1 17:00:07 lb1 ntpd[1321]: Deleting interface #8 eth0, 10.0.255.254#123, interface stats: received=7, sent=0, dropped=0, active_time=145198 secs
Jun  1 17:00:07 lb1 ntpd[1321]: peers refreshed

發現是雲平臺DHCP刷新直接把vip刪掉，可是因爲倆臺機器的keepalived vrrp_script監控應用服務都是正常的，因此主備關係沒有改變，若是沒有特地加ping vip的策略，會致使keepalived沒有發現此問題。

解決方法：

一、若是應平臺的服務器能夠改爲固定IP，能夠將網卡改成固定IP，這樣就不會使用DHCP了

cat /etc/sysconfig/network-scripts/ifcfg-eth0 
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=10.0.0.2
NETMASK=255.255.255.0
GATEWAY=10.0.0.1

 

二、若是不能夠更改網卡IP，就在keepalived配置文件中增長dont_track_primary參數

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    dont_track_primary
    virtual_router_id 89
    priority 100
    advert_int 1
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.17
    }
}

dont track primary：忽略VRRP的interface錯誤

若是有兩塊網卡，能夠搭配track interface使用

track interface：跟蹤接口，設置額外的監控，裏面任意一塊網卡出現問題，都會進入故障(FAULT)狀態，例如，用nginx作均衡器的時候，內網必須正常工做，若是內網出問題了，這個均衡器也就沒法運做了，因此必須對內外網同時作健康檢查

vrrp_instance http {
state MASTER
interface eth0
dont_track_primary
track_interface {
eth0
eth1
}

 

官方原文

# Ignore VRRP interface faults (default unset)
           dont_track_primary

           # optional, monitor these as well.
           # go to FAULT state if any of these go down if unweighted.
           # When a weight is specified in track_interface, instead of setting the vrrp
           # instance to the FAULT state in case of failure, its priority will be
           # increased by the weight when the interface is up (for positive weights),
           # or decreased by the weight's absolute value when the interface is down
           # (for negative weights). The weight must be comprised between -254 and +254
           # inclusive. 0 is the default behaviour which means that a failure implies a
           # FAULT state. The common practice is to use positive weights to count a
           # limited number of good services so that the server with the highest count
           # becomes master. Negative weights are better to count unexpected failures
           # among a high number of interfaces, as it will not saturate even with high
           # number of interfaces.
           track_interface {
               eth0
               eth1
               eth2 weight <-253..253>
                ...
           }

           # add a tracking script to the interface
           # (<SCRIPT_NAME> is the name of the vrrp_track_script entry)
           # The same principle as track_interface can be applied to track_script entries,
           # except that an unspecified weight means that the default weight declared in
           # the script will be used (which itself defaults to 0).

 

參考

https://serverfault.com/questions/601670/keepalived-vip-removed-with-dhcp-renewal

https://www.keepalived.org/manpage.html