这是从Qiita迁移过来的内容。
在某处使用keepalived,作为VRRP配置+LVS的负载均衡器。
这个负载均衡器的配置如下,设置了许多IP地址(由于SSL证书等原因)进行运作。
在此过程中发生了添加的IP地址无法连通的悲惨事件。
keepalived负载均衡器的构成(DSR构成)
为VIP使用的IP地址通过静态路由从路由器进行路由,并且
正在逐步添加IP地址。(根据需要进行添加)
→ 因此,逐渐增加了负载均衡器的keepalived中添加的IP地址数量。
※为了方便起见,这里使用了私有IP地址。
无法在VRRP中设置超过20个IP地址
- 在配置文件中设置了21个IP地址(※配置示例)
vrrp_instance BOND0 {
state MASTER
interface bond0
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.4 dev bond0
192.168.2.1 dev bond0
192.168.2.2 dev bond0
192.168.2.3 dev bond0
192.168.2.4 dev bond0
192.168.2.5 dev bond0
192.168.2.6 dev bond0
192.168.2.7 dev bond0
192.168.2.8 dev bond0
192.168.2.9 dev bond0
192.168.2.10 dev bond0
192.168.2.11 dev bond0
192.168.2.12 dev bond0
192.168.2.13 dev bond0
192.168.2.14 dev bond0
192.168.2.15 dev bond0
192.168.2.16 dev bond0
192.168.2.17 dev bond0
192.168.2.18 dev bond0
192.168.2.19 dev bond0
192.168.2.20 dev bond0
}
}
- 明明设置了21个IP地址,但却没有全部添加!!
# ip addr show bond0 | grep "inet 192"
inet 192.168.1.4/32 scope global bond0
inet 192.168.2.1/32 scope global bond0
inet 192.168.2.2/32 scope global bond0
inet 192.168.2.3/32 scope global bond0
inet 192.168.2.4/32 scope global bond0
inet 192.168.2.5/32 scope global bond0
inet 192.168.2.6/32 scope global bond0
inet 192.168.2.7/32 scope global bond0
inet 192.168.2.8/32 scope global bond0
inet 192.168.2.9/32 scope global bond0
inet 192.168.2.10/32 scope global bond0
inet 192.168.2.11/32 scope global bond0
inet 192.168.2.12/32 scope global bond0
inet 192.168.2.13/32 scope global bond0
inet 192.168.2.14/32 scope global bond0
inet 192.168.2.15/32 scope global bond0
inet 192.168.2.16/32 scope global bond0
inet 192.168.2.17/32 scope global bond0
inet 192.168.2.18/32 scope global bond0
inet 192.168.2.19/32 scope global bond0
其实这在keepalived的文档中就有说明。。。
http://www.keepalived.org/pdf/UserGuide.pdf
virtual_ipaddress { # Block limited to 20 IP addresses
@IP
@IP
@IP
}
最多支持20个IP地址!这是明确规定的,令人尴尬!
设置超过20个IP地址的方法
- 在配置文件中使用virtual_ipaddress_excluded来设置额外的IP地址(※配置示例)
vrrp_instance BOND0 {
state MASTER
interface bond0
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.4 dev bond0
}
virtual_ipaddress_excluded {
192.168.2.1 dev bond0
192.168.2.2 dev bond0
192.168.2.3 dev bond0
192.168.2.4 dev bond0
192.168.2.5 dev bond0
192.168.2.6 dev bond0
192.168.2.7 dev bond0
192.168.2.8 dev bond0
192.168.2.9 dev bond0
192.168.2.10 dev bond0
192.168.2.11 dev bond0
192.168.2.12 dev bond0
192.168.2.13 dev bond0
192.168.2.14 dev bond0
192.168.2.15 dev bond0
192.168.2.16 dev bond0
192.168.2.17 dev bond0
192.168.2.18 dev bond0
192.168.2.19 dev bond0
192.168.2.20 dev bond0
}
}
- 成功设置了超过20个IP地址。
# ip addr show bond0 | grep "inet 192"
inet 192.168.1.4/32 scope global bond0
inet 192.168.2.1/32 scope global bond0
inet 192.168.2.2/32 scope global bond0
inet 192.168.2.3/32 scope global bond0
inet 192.168.2.4/32 scope global bond0
inet 192.168.2.5/32 scope global bond0
inet 192.168.2.6/32 scope global bond0
inet 192.168.2.7/32 scope global bond0
inet 192.168.2.8/32 scope global bond0
inet 192.168.2.9/32 scope global bond0
inet 192.168.2.10/32 scope global bond0
inet 192.168.2.11/32 scope global bond0
inet 192.168.2.12/32 scope global bond0
inet 192.168.2.13/32 scope global bond0
inet 192.168.2.14/32 scope global bond0
inet 192.168.2.15/32 scope global bond0
inet 192.168.2.16/32 scope global bond0
inet 192.168.2.17/32 scope global bond0
inet 192.168.2.18/32 scope global bond0
inet 192.168.2.19/32 scope global bond0
inet 192.168.2.20/32 scope global bond0