Mailing List Archive: OpenStack: Dev

Can not use keepalived in vms

Index | Next | Previous | View Threaded

zhang.lei.fly at gmail

Aug 7, 2013, 7:48 PM

Post #1 of 4 (42 views)
Permalink

Can not use keepalived in vms

Hi all

Is anybody using keepalived in the vms in the Openstack environment
successfully? I failed to set it up. And the two of the vm became MASTER
status.

Could anybody know why it happened? and how to fix this issue?

Openstack: Folsom + nova-network
OS: ubuntu 12.04

--
Lei Zhang

Blog: http://jeffrey4l.github.io
twitter/weibo: @jeffrey4l

jford at blackmesh

Aug 7, 2013, 8:33 PM

Post #2 of 4 (40 views)
Permalink

Re: Can not use keepalived in vms [In reply to]

Lei,

It is probably because iptables is filtering out the heartbeat traffic at the compute node level. If you are using vlans, it should work without issue however if you are using the flat network model, you need to allow vrrp in your compute node iptable rule sets. See this link..

http://stackoverflow.com/questions/12908701/keepalived-works-well-without-iptables

See if that helps you out.

Regards,

Jason

--------------------------
Jason Ford
jford [at] blackmesh
Drupal/Magento/OpenStack Hosting Solutions
http://www.blackmesh.com

From: Lei Zhang <zhang.lei.fly [at] gmail<mailto:zhang.lei.fly [at] gmail>>
Date: Wednesday, August 7, 2013 10:48 PM
To: openstack <openstack [at] lists<mailto:openstack [at] lists>>
Subject: [Openstack] Can not use keepalived in vms

Hi all

Is anybody using keepalived in the vms in the Openstack environment successfully? I failed to set it up. And the two of the vm became MASTER status.

Could anybody know why it happened? and how to fix this issue?

Openstack: Folsom + nova-network
OS: ubuntu 12.04

--
Lei Zhang

Blog: http://jeffrey4l.github.io
twitter/weibo: @jeffrey4l

jiajun at unitedstack

Aug 7, 2013, 10:37 PM

Post #3 of 4 (37 views)
Permalink

Re: Can not use keepalived in vms [In reply to]

openstack implemented mac/ip spoofing, so the vrrp packets will be drop by
iptables/ebtables. There is a blueprint (
https://blueprints.launchpad.net/neutron/+spec/allowed-address-pairs) for
binding multiple mac/ip on a port.

On Thu, Aug 8, 2013 at 11:33 AM, Jason Ford <jford [at] blackmesh> wrote:

> Lei,
>
> It is probably because iptables is filtering out the heartbeat traffic
> at the compute node level. If you are using vlans, it should work without
> issue however if you are using the flat network model, you need to allow
> vrrp in your compute node iptable rule sets. See this link..
>
>
> http://stackoverflow.com/questions/12908701/keepalived-works-well-without-iptables
>
> See if that helps you out.
>
> Regards,
>
> Jason
>
> --------------------------
> Jason Ford
> jford [at] blackmesh
> Drupal/Magento/OpenStack Hosting Solutions
> http://www.blackmesh.com
>
>
> From: Lei Zhang <zhang.lei.fly [at] gmail>
> Date: Wednesday, August 7, 2013 10:48 PM
> To: openstack <openstack [at] lists>
> Subject: [Openstack] Can not use keepalived in vms
>
> Hi all
>
> Is anybody using keepalived in the vms in the Openstack environment
> successfully? I failed to set it up. And the two of the vm became MASTER
> status.
>
> Could anybody know why it happened? and how to fix this issue?
>
> Openstack: Folsom + nova-network
> OS: ubuntu 12.04
>
> --
> Lei Zhang
>
> Blog: http://jeffrey4l.github.io
> twitter/weibo: @jeffrey4l
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack [at] lists
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>

--
家军@ljjjustin

zhang.lei.fly at gmail

Aug 12, 2013, 8:55 PM

Post #4 of 4 (3 views)
Permalink

Re: Can not use keepalived in vms [In reply to]

@Jason Ford, it turn out be the iptables issue. Thx a lot.
@Jiajun Liu, I am using the nova-network. So this BP is not helpful. But I
am expecting this feature.

What I done:
1. using virsh to disable the nwfilter for the two vms.
2. stop the iptables in the vms
3. configure the keepalived.
4. works well.

It is a hack method rather than a solution. When the Vm is hard reboot, the
nwfilter is back and keepalived will be not work.

On Thu, Aug 8, 2013 at 1:37 PM, Jiajun Liu <jiajun [at] unitedstack> wrote:

> openstack implemented mac/ip spoofing, so the vrrp packets will be drop by
> iptables/ebtables. There is a blueprint (
> https://blueprints.launchpad.net/neutron/+spec/allowed-address-pairs) for
> binding multiple mac/ip on a port.
>
>
> On Thu, Aug 8, 2013 at 11:33 AM, Jason Ford <jford [at] blackmesh> wrote:
>
>> Lei,
>>
>> It is probably because iptables is filtering out the heartbeat traffic
>> at the compute node level. If you are using vlans, it should work without
>> issue however if you are using the flat network model, you need to allow
>> vrrp in your compute node iptable rule sets. See this link..
>>
>>
>> http://stackoverflow.com/questions/12908701/keepalived-works-well-without-iptables
>>
>> See if that helps you out.
>>
>> Regards,
>>
>> Jason
>>
>> --------------------------
>> Jason Ford
>> jford [at] blackmesh
>> Drupal/Magento/OpenStack Hosting Solutions
>> http://www.blackmesh.com
>>
>>
>> From: Lei Zhang <zhang.lei.fly [at] gmail>
>> Date: Wednesday, August 7, 2013 10:48 PM
>> To: openstack <openstack [at] lists>
>> Subject: [Openstack] Can not use keepalived in vms
>>
>> Hi all
>>
>> Is anybody using keepalived in the vms in the Openstack environment
>> successfully? I failed to set it up. And the two of the vm became MASTER
>> status.
>>
>> Could anybody know why it happened? and how to fix this issue?
>>
>> Openstack: Folsom + nova-network
>> OS: ubuntu 12.04
>>
>> --
>> Lei Zhang
>>
>> Blog: http://jeffrey4l.github.io
>> twitter/weibo: @jeffrey4l
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack [at] lists
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
>
> --
> 家军@ljjjustin
>

--
Lei Zhang

Blog: http://jeffrey4l.github.io
twitter/weibo: @jeffrey4l

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads