strzelecki.maciek's questions

我正在遵循https://fuga.cloud/academy/tutorials/ha-vip-with-corosync-on-openstack/中的步骤。

我错过了为什么进入外部浮动 IP 的流量没有正确到达绑定到相关网络端口的机器上的原因。

下面的代码将创建：

• 3 台具有外部 ips 的 LB 机器（curl port80 显示 nginx 响应）
• 3 个额外的网络端口，用于内部故障转移 IP 10.0.0.20{1,2,3}
• 3 个额外的外部 IP 绑定到这些网络端口（curl port80 超时）

在内部 ping/curl 10.0.0.20{1,2,3} ips 工作得很好。但是，如果我尝试通过外部 IP 访问它 - 超时。此外：tcpdump 显示没有流量到达机器上。

负载均衡器网络端口和机器创建：

vars：子网 10.0.0.0/24，vip = [201,202,203]，lb_count = 3 个安全组：全局允许端口 80

resource "opentelekomcloud_networking_port_v2" "port_lb" {
  depends_on     = ["opentelekomcloud_networking_router_interface_v2.router_interface_1"]
  count          = "${var.lb_count}"
  name           = "${var.environment}-${var.name}-port-lb-${format("%02d", count.index+1)}"
  network_id     = "${opentelekomcloud_networking_network_v2.network_lb.id}"
  admin_state_up = "true"

  security_group_ids = ["${opentelekomcloud_compute_secgroup_v2.secgroup_lb.id}"]

  # all 3 IPs need to be allowed on each port. They are rotating on failover.
  allowed_address_pairs {      
    ip_address = "${cidrhost(var.lb_subnet, element(var.vips, 0))}"
  }
  allowed_address_pairs {      
    ip_address = "${cidrhost(var.lb_subnet, element(var.vips, 1))}"
  }
  allowed_address_pairs {      
    ip_address = "${cidrhost(var.lb_subnet, element(var.vips, 2))}"
  } 
}   

resource "opentelekomcloud_networking_floatingip_v2" "ip_lb" {
  depends_on  = ["opentelekomcloud_networking_port_v2.port_lb"]
  count       = "${var.lb_count}" 
  pool        = "admin_external_net"
  port_id     = "${element(opentelekomcloud_networking_port_v2.port_lb.*.id, count.index)}"
}   

resource "opentelekomcloud_compute_instance_v2" "lb" {
  depends_on        = ["opentelekomcloud_networking_floatingip_v2.ip_lb", "opentelekomcloud_networking_port_v2.port_lb"]

  count             = "${var.lb_count}"             
  name              = "${var.environment}-${var.name}-lb-${format("%02d", count.index+1)}"
  key_pair          = "${var.keypair_name}"         
  availability_zone = "${element(var.azs, count.index)}"

  flavor_name       = "${var.lb_flavour_name}"
  block_device {               
    uuid                  = "${var.lb_image_id}"          
    source_type           = "image" 
    volume_size           = "${var.lb_disk_size_gb}"      
    boot_index            = 0  
    destination_type      = "volume"
    delete_on_termination = true
  }

  network {
    port = "${element(opentelekomcloud_networking_port_v2.port_lb.*.id, count.index)}"
  }
}

网络端口 - 10.0.0.20{1,2,3} 的虚拟 ip

resource "opentelekomcloud_networking_port_v2" "port_vip" {
  count          = "${var.lb_count}"
  name           = "${var.environment}-${var.name}-port-vip-${format("%02d", count.index+1)}"
  network_id     = "${opentelekomcloud_networking_network_v2.network_lb.id}"
  admin_state_up = "true"      

  security_group_ids = ["${opentelekomcloud_compute_secgroup_v2.secgroup_lb.id}"]

  fixed_ip = [ { 
    subnet_id = "${opentelekomcloud_networking_subnet_v2.subnet_lb.id}"
    ip_address = "${cidrhost(var.lb_subnet, element(var.vips, count.index))}"
   }]
} 

resource "opentelekomcloud_networking_floatingip_v2" "vip_ip" {
  count    = "${var.lb_count}" 
  pool     = "admin_external_net" 
  port_id  = "${element(opentelekomcloud_networking_port_v2.port_vip.*.id, count.index)}"
} 

端口的 Openstack 输出：

root@dev-test-lb-01:~# openstack port list
+--------------------------------------+----------------------+-------------------+---------------------------------------------------------------------------+--------+
| ID                                   | Name                 | MAC Address       | Fixed IP Addresses                                                        | Status |
+--------------------------------------+----------------------+-------------------+---------------------------------------------------------------------------+--------+
| 053532a8-903f-463c-99ac-2aec93660993 | dev-test-port-vip-03 | fa:16:3e:ec:e1:56 | ip_address='10.0.0.203', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | DOWN   |
| 0ac8bfc2-781d-4d28-83e2-0005a5652fa4 | dev-test-port-lb-01  | fa:16:3e:57:6f:4e | ip_address='10.0.0.97', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244'  | ACTIVE |
| 0bc734b3-e6ff-4903-bd7c-f5e01d6278c9 | dev-test-port-lb-02  | fa:16:3e:35:2d:fd | ip_address='10.0.0.65', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244'  | ACTIVE |
| 2028f949-d8ad-4e72-bd7f-5911f3324c17 |                      | fa:16:3e:45:25:d3 | ip_address='10.0.0.179', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | ACTIVE |
| 3f41f038-8693-4fbc-8fd2-e5fb9e156262 |                      | fa:16:3e:22:60:43 | ip_address='10.0.0.254', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | DOWN   |
| 416e82f0-78f2-4ab4-8742-8827c1c7c787 |                      | fa:16:3e:b0:e2:ac | ip_address='10.0.0.151', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | ACTIVE |
| a3f8aaf6-5861-4849-a9cc-3047e069738b | dev-test-port-vip-01 | fa:16:3e:fd:9f:a2 | ip_address='10.0.0.201', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | DOWN   |
| cdc339a9-ec0a-41d5-ab3a-da7cb5fea848 |                      | fa:16:3e:11:b3:c3 | ip_address='10.0.0.1', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244'   | DOWN   |
| e41086f2-1164-4711-b4c0-e9e927fab956 | dev-test-port-vip-02 | fa:16:3e:2f:32:8b | ip_address='10.0.0.202', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | DOWN   |
| e8e087be-ec43-4c6e-909f-be0288a544ea |                      | fa:16:3e:ad:4b:be | ip_address='10.0.0.187', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | ACTIVE |
| f65c1e26-7e53-4c4a-9fb9-f8d657b6742b |                      | fa:16:3e:e8:3b:4b | ip_address='10.0.0.40', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244'  | ACTIVE |
| ff74621b-55a8-4cf1-852d-b340687348a3 | dev-test-port-lb-03  | fa:16:3e:ab:74:6e | ip_address='10.0.0.112', subnet_id='761956cc-43e9-4748-a13a-c2523b6ab244' | ACTIVE |
+--------------------------------------+----------------------+-------------------+---------------------------------------------------------------------------+--------+

浮动 ips 的 Openstack 输出

root@dev-test-lb-01:~# openstack floating ip list
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| ID                                   | Floating IP Address | Fixed IP Address | Port                                 | Floating Network                     | Project                          |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| 083b21f0-1603-4a30-8f2c-8f0300843640 | 80.158.34.243       | 10.0.0.179       | 2028f949-d8ad-4e72-bd7f-5911f3324c17 | 0a2228f2-7f8a-45f1-8e09-9039e1d09975 | 2d2df22319544c04a9f2fe3d6c9fa949 |
| 17af78fb-ef37-4175-8bf0-0f65f862ffbd | 80.158.32.83        | 10.0.0.97        | 0ac8bfc2-781d-4d28-83e2-0005a5652fa4 | 0a2228f2-7f8a-45f1-8e09-9039e1d09975 | 2d2df22319544c04a9f2fe3d6c9fa949 |
| 3d044a5b-a85d-40bb-939e-a365a6b32d34 | 80.158.47.178       | 10.0.0.203       | 053532a8-903f-463c-99ac-2aec93660993 | 0a2228f2-7f8a-45f1-8e09-9039e1d09975 | 2d2df22319544c04a9f2fe3d6c9fa949 |
| 43186ec8-603a-4f8a-8442-07c15dedc3d5 | 80.158.47.12        | 10.0.0.65        | 0bc734b3-e6ff-4903-bd7c-f5e01d6278c9 | 0a2228f2-7f8a-45f1-8e09-9039e1d09975 | 2d2df22319544c04a9f2fe3d6c9fa949 |
| 4700b406-ee3a-4f51-8e0e-a76c882a960f | 80.158.39.53        | 10.0.0.201       | a3f8aaf6-5861-4849-a9cc-3047e069738b | 0a2228f2-7f8a-45f1-8e09-9039e1d09975 | 2d2df22319544c04a9f2fe3d6c9fa949 |
| 55f5850c-2100-400d-b2b0-7d9695a5bead | 80.158.35.7         | 10.0.0.202       | e41086f2-1164-4711-b4c0-e9e927fab956 | 0a2228f2-7f8a-45f1-8e09-9039e1d09975 | 2d2df22319544c04a9f2fe3d6c9fa949 |
| c0b6b56c-7c9d-4087-87e3-54f7ea0af1ba | 80.158.43.231       | 10.0.0.112       | ff74621b-55a8-4cf1-852d-b340687348a3 | 0a2228f2-7f8a-45f1-8e09-9039e1d09975 | 2d2df22319544c04a9f2fe3d6c9fa949 |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+

对于单个节点上的 haproxy 配置，多少个监听指令太多了？最重要的监控资源是什么？

是 50 倍

listen qwerty213
  bind *:9124
  mode tcp
  option tcplog
  balance leastconn
     server zxcv 10.20.0.13:31527 check inter 3000
     [...]

太多？还是100？（每个也有几个后端服务器）

由于有大量连接到后端服务器的开放本地端口，在 haproxy 性能下降之后是否有任何限制？

我有两个节点，完整的 IP 故障转移对它们非常有效 - 当节点 1 关闭时，节点 2 获取 IP 并启动服务。

我想知道的是：

如果服务器1没有完全崩溃，只是其中一个服务意外停止，是否可以配置heartbeat来监视它并启动它？

编辑：起搏器有可能吗？

引自http://clusterlabs.org/wiki/FAQ#Organizational

Pacemaker 在您的应用程序或运行它们的机器发生故障时让您的应用程序保持运行