
I have an issue with keepalived on Oracle Linux 8. The VIP is assigned to both nodes and both nodes are in MASTER mode.

**My keepalived configuration is:**

Node 1 `cat /etc/keepalived/keepalived.conf`

```
global_defs {
  vrrp_priority -20
  checker_priority -19
  script_user root
}

vrrp_script chk_haproxy {
  script "/usr/bin/killall -0 haproxy" # check the haproxy process
  interval 2 # every 2 seconds
  weight 2 # add 2 points if OK
  timeout 3
  fall 3
}

vrrp_instance VI_1 {
  interface ens192 # interface to monitor
  state BACKUP # MASTER on haproxy1, BACKUP on haproxy2
  nopreempt
  virtual_router_id 52
  priority 101 # 101 on haproxy1, 100 on haproxy2
  virtual_ipaddress {
   VIP_adcat /vardress  # virtual ip address
  }
  track_script {
    chk_haproxy
  }
}
```

Node 2 `cat /etc/keepalived/keepalived.conf`

```
global_defs {
  vrrp_priority -20
  checker_priority -19
  script_user root
}

vrrp_script chk_haproxy {
  script "/usr/bin/killall -0 haproxy" # check the haproxy process
  interval 2 # every 2 seconds
  weight 2 # add 2 points if OK
  timeout 3
  fall 3
}

vrrp_instance VI_1 {
  interface ens192 # interface to monitor
  state BACKUP # MASTER on haproxy1, BACKUP on haproxy2
  nopreempt
  virtual_router_id 52
  priority 100 # 101 on haproxy1, 100 on haproxy2
  virtual_ipaddress {
   VIP_adress  # virtual ip address
  }
  track_script {
    chk_haproxy
  }
}
```

I have added rules to the firewall:

```
firewall-cmd --list-all

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192
  sources: here are ip addreses of both nodes
  services: cockpit dhcpv6-client ssh
  ports: 3306/tcp 3305/tcp
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
   rule family="ipv4" destination address="224.1.0.0/16" accept
   rule family="ipv4" destination address="224.0.0.18" protocol value="ip" accept
   rule protocol value="vrrp" accept
```

When I disable firewalld, everything is OK and working, but with firewalld started, both nodes get the VIP.

In the logs I can find this entry: `Keepalived_vrrp[1077307]: (VI_1) Receive advertisement timeout`

Any ideas?

zerozg
  • I don't see any health check in your config - maybe there's a default, since your firewall changes behavior. You need to figure out which port your health check uses and open it to other keepalived nodes. – erik258 Mar 09 '23 at 15:24
  • Health check does not use classic port, it is vrrp protocol and it is added to fw. – zerozg Mar 09 '23 at 23:49
