osixia / docker-keepalived

Keepalived container image 🐳🌴
MIT License

vrrp_script not working with killall in docker #48

Open defcon84 opened 3 years ago

defcon84 commented 3 years ago

My current Keepalived/HAProxy setup without Docker uses the killall script to check if haproxy is still running. When I tried this in the Docker setup it does not seem to work; I'm getting exit 127 errors in the logs.

Tue Feb 16 13:38:34 2021: Script `chk_haproxy` now returning 127,
Tue Feb 16 13:38:34 2021: VRRP_Script(chk_haproxy) failed (exited with status 127)

This is very weird because if I exec into the container the command runs as expected:

sudo docker exec keepalived /usr/bin/killall -0 haproxy
<no output>
sudo docker exec keepalived /usr/bin/killall -0 haproxyxxxx
killall: haproxyxxxx: no process killed

This is (almost) the same as on my current Ubuntu server:

root@SKVLB01:/home/administrator# /usr/bin/killall -0 haproxy
<no output>
root@SKVLB01:/home/administrator# /usr/bin/killall -0 haproxyxxx
haproxyxxx: no process found

So I went back to the pidof version of the checker, which works just fine, but I'm still curious why it won't work. Maybe because the killall programs aren't the same:

Alpine:

sudo docker exec keepalived /usr/bin/killall --help
BusyBox v1.30.1 (2019-06-12 17:51:55 UTC) multi-call binary.

Ubuntu:

/usr/bin/killall --version
killall (PSmisc) UNKNOWN
Copyright (C) 1993-2017 Werner Almesberger and Craig Small

My keepalived config:

global_defs {
    notification_email {
    }
    script_user root root
    enable_script_security
}

vrrp_script chk_haproxy {
    script "/usr/bin/killall -0 haproxy"
    #script "/bin/pidof haproxy"
    weight 2
}

vrrp_instance VI_1 {
    interface ens18
    virtual_router_id 55
    state MASTER
    priority 10

    virtual_ipaddress {
        192.168.5.49
    }

    track_script {
        chk_haproxy
    }
}

My docker compose config:

  keepalived:
    container_name: keepalived
    image: osixia/keepalived:2.0.20
    network_mode: host
    pid: host
    volumes:
      - /srv/docker/keepalived/keepalived.conf:/container/service/keepalived/assets/keepalived.conf
    restart: always
    cap_add:
      - NET_ADMIN
      - NET_BROADCAST
      - NET_RAW
    command: [--copy-service, --loglevel, debug]
    environment:
      KEEPALIVED_COMMAND_LINE_ARGUMENTS: >-
        --log-detail
        --log-console
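
A process check that does not depend on which killall is installed, as an added example that is not part of the original post or the osixia image: it reads `/proc/<pid>/comm` directly, which with `pid: host` covers the host's processes. The script name `/usr/local/bin/chk_proc.sh` and the `PROC_ROOT` override are assumptions made for illustration.

```shell
#!/bin/sh
# chk_proc.sh (hypothetical name): exit 0 if a process with the given name
# exists, 1 if it does not. Only /proc and shell builtins are used, so the
# result is the same under BusyBox (Alpine) and psmisc (Ubuntu).
#
# Assumed keepalived usage:
#   script "/usr/local/bin/chk_proc.sh haproxy"
# With enable_script_security and script_user root, keep the script and every
# directory on its path owned by root and not writable by other users.

proc_running() {
    name=$1
    # Second argument / PROC_ROOT exist only so the scan can be tested
    # against a constructed directory tree; the default is the real /proc.
    root=${2:-${PROC_ROOT:-/proc}}
    for comm in "$root"/[0-9]*/comm; do
        # Skip an unmatched glob or a process that exited during the scan.
        [ -r "$comm" ] || continue
        found=
        read -r found 2>/dev/null < "$comm" || [ -n "$found" ] || continue
        # The kernel truncates comm to 15 characters; "haproxy" fits.
        [ "$found" = "$name" ] && return 0
    done
    return 1
}

# Run as a check only when a process name is passed on the command line.
if [ "$#" -gt 0 ]; then
    proc_running "$1"
    exit $?
fi
```
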