[Openstack] Openstack Liberty & VRRP issue
Burman, Bill (Nokia - GB)
bill.burman at nokia.com
Thu Aug 4 10:59:05 UTC 2016
I’ve set up a lab network to test Openstack with a load balanced solution that uses keepalived on linux, to provide load balanced & redundant services. I installed the ML2 plugin, and removed the security for the ports associated with the public and private ports of the load balanced servers with these commands:
neutron port-update --no-security-groups <port UUID>
neutron port-update <port UUID> --port-security-enabled=False
This has allowed VRRP to function correctly, requests are correctly load balanced, and I can failover between the servers at will.
The issue I’m having, is when I try to simulate a hard crash of the server that is the master in the keepalived pool. If I shut it down in a way that simulates a power failure (I’m using ifdown to kill the interfaces, and shutdown in a one-liner), the server that was the backup becomes the master, takes over the load balanced IP, and starts responding to arp requests for that IP. I can see the arp responses with tcpdump on the new master, but these are obviously being filtered, as they don’t make it to the other servers.
So where am I going wrong? Why if I do a graceful reboot of the master, would the load balanced IP correctly shift to the other server, but if I simulate a crash, the arp responses are blocked?
Any help would be greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openstack