[Openstack] Openstack Liberty & VRRP issue

Burman, Bill (Nokia - GB) bill.burman at nokia.com
Thu Aug 4 10:59:05 UTC 2016


I’ve set up a lab network to test Openstack with a load balanced solution that uses keepalived on linux, to provide load balanced & redundant services. I installed the ML2 plugin, and removed the security for the ports associated with the public and private ports of the load balanced servers with these commands:

neutron port-update --no-security-groups  <port UUID>
neutron port-update <port UUID> --port-security-enabled=False

This has allowed VRRP to function correctly, requests are correctly load balanced, and I can failover between the servers at will.

The issue I’m having, is when I try to simulate a hard crash of the server that is the master in the keepalived pool. If I shut it down in a way that simulates a power failure (I’m using ifdown to kill the interfaces, and shutdown in a one-liner), the server that was the backup becomes the master, takes over the load balanced IP, and starts responding to arp requests for that IP. I can see the arp responses with tcpdump on the new master, but these are obviously being filtered, as they don’t make it to the other servers.

So where am I going wrong? Why if I do a graceful reboot of the master, would the load balanced IP correctly shift to the other server, but if I simulate a crash, the arp responses are blocked?

Any help would be greatly appreciated.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160804/a8a06144/attachment.html>

More information about the Openstack mailing list