search

acassen / keepalived

Keepalived
https://www.keepalived.org
GNU General Public License v2.0
4k stars 737 forks source link

Configuration residue when using virtual_server_group #1226

Closed HW-lj closed 5 years ago

HW-lj commented 5 years ago 
# keepalived -v
Keepalived v2.0.14 (04/03,2019), git commit +

Copyright(C) 2001-2019 Alexandre Cassen, <acassen@gmail.com>

Built with kernel headers for Linux 4.19.30
Running on Linux 4.19.30-vhulk1903.5.1.h152.eulerosv3r1.aarch64 #1 SMP Tue Feb 12 00:00:00 UTC 2019

configure options: 

Config options:  LVS VRRP VRRP_AUTH OLD_CHKSUM_COMPAT FIB_ROUTING EINTR_CHECK

System options:  PIPE2 SIGNALFD INOTIFY_INIT1 VSYSLOG EPOLL_CREATE1 IPV4_DEVCONF IPV6_ADVANCED_API LIBNL3 RTA_ENCAP RTA_EXPIRES RTA_NEWDST RTA_PREF FRA_SUPPRESS_PREFIXLEN FRA_SUPPRESS_IFGROUP FRA_TUN_ID RTAX_CC_ALGO RTAX_QUICKACK RTEXT_FILTER_SKIP_STATS FRA_L3MDEV FRA_UID_RANGE RTAX_FASTOPEN_NO_COOKIE RTA_VIA FRA_OIFNAME FRA_PROTOCOL FRA_IP_PROTO FRA_SPORT_RANGE FRA_DPORT_RANGE RTA_TTL_PROPAGATE IFA_FLAGS IP_MULTICAST_ALL LWTUNNEL_ENCAP_MPLS LWTUNNEL_ENCAP_ILA NET_LINUX_IF_H_COLLISION LIBIPTC_LINUX_NET_IF_H_COLLISION LIBIPVS_NETLINK IPVS_DEST_ATTR_ADDR_FAMILY IPVS_SYNCD_ATTRIBUTES IPVS_64BIT_STATS VRRP_VMAC CN_PROC SOCK_NONBLOCK SOCK_CLOEXEC O_PATH GLOB_BRACE INET6_ADDR_GEN_MODE VRF SO_MARK SCHED_RT SCHED_RESET_ON_FORK

config:

! Configuration File for keepalived

virtual_server_group tcp1 {
    22.22.1.78 80
    22.22.71.142 80
 }

virtual_server group tcp1 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    protocol TCP
    persistence_timeout 120
    alpha

    real_server 33.33.65.226 80 {
        weight 1
        TCP_CHECK {
            connect_port 80 
            connect_timeout 10
            retry 3
            delay_before_retry 3
        }
    }
}

step to reproduce: 1、start the keepalived until real server online 2、reload the keepalived and wait for a while 3、stop the keepalived and watch 'ipvsadm -ln' The virtual server will still there. : (

HW-lj commented 5 years ago

@pqarmitage

pqarmitage commented 5 years ago

@HW-lj ?

Commit ad95140, in conjunction with the proceeding commits, resolves this issue.

HW-lj commented 5 years ago

Many thanks for your work on this. It works well while the solution seems a bit complicated. And I got the following solution to solve this.

diff --git a/keepalived/check/ipvswrapper.c b/keepalived/check/ipvswrapper.c
index 2861889..6ab3448 100644
--- a/keepalived/check/ipvswrapper.c
+++ b/keepalived/check/ipvswrapper.c
@@ -474,8 +474,8 @@ ipvs_group_cmd(int cmd, ipvs_service_t *srule, ipvs_dest_t *drule, virtual_serve
                                if (ipvs_talk(cmd, srule, drule, NULL, false))
                                        return -1;
                        }
+                       ipvs_set_vsge_alive_state(cmd, vsg_entry, vs);
                }
-               ipvs_set_vsge_alive_state(cmd, vsg_entry, vs);
        }

        /* visit vfwmark list */
@@ -494,8 +494,8 @@ ipvs_group_cmd(int cmd, ipvs_service_t *srule, ipvs_dest_t *drule, virtual_serve
                if (ipvs_change_needed(cmd, vsg_entry, vs, rs)) {
                        if (ipvs_talk(cmd, srule, drule, NULL, false))
                                return -1;
+                       ipvs_set_vsge_alive_state(cmd, vsg_entry, vs);
                }
-               ipvs_set_vsge_alive_state(cmd, vsg_entry, vs);
        }

        return 0;
--
pqarmitage commented 5 years ago

The reason it is a bit complicated is that that was what was necessary to ensure that it all worked properly. The changes also resolved some other, related, issues.

HW-lj commented 5 years ago

The reason it is a bit complicated is that that was what was necessary to ensure that it all worked properly. The changes also resolved some other, related, issues

In fact, according to the commit d010df02 , I think maybe it's better to move ipvs_set_vsge_alive_state into the condition ipvs_change_needed. As to the other, related, issues, we should modify they in another dependent commit.