Running keepalived with VRRP in an unprivileged LXC container

I am trying to run keepalived in an unprivileged lxc container, but I get the following errors in syslog.

May  8 10:56:01 dnsmasq Keepalived_vrrp[11025]: Initializing ipvs 2.6
May  8 10:56:01 dnsmasq modprobe: ERROR: ../libkmod/libkmod.c:556 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-22-generic/modules.dep.bin'
May  8 10:56:01 dnsmasq Keepalived_vrrp[11025]: IPVS: Can't initialize ipvs: No space left on device

What am I missing? I tried loading the ip_vs kernel module on the host, without success.

Answer 1

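Since containers share the kernel with the host, loading modules is not allowed. Once you load the module on the hardware node, it will be available in all containers. OpenVZ virtualization follows the same rule.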

Answer 2

If you are running LXD, you need to allow the LXC container to load Linux kernel modules.

lxc config set CONTAINERNAME linux.kernel_modules ip_vs_wrr,ip_vs_wlc,ip_vs_sh,ip_vs_sed,ip_vs_rr,ip_vs_nq,ip_vs_lc,ip_vs_lblcr,ip_vs_lblc,ip_vs_ftp,nf_nat,ip_vs_dh,ip_vs,nf_conntrack,libcrc32c

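Inside the container, you need to set the -P keepalived option to use keepalived properly.

To do this on Ubuntu 16.04, you can edit /etc/defaults/keepalived and set the following line: DAEMON_ARGS="-P"

If you use liblxc, load the kernel modules on the container host and you should be able to load them inside the LXC container.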
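
Because the container sees the host's kernel, a quick check from inside it shows which modules from a linux.kernel_modules-style list are actually loaded, which also helps trim that list to what is really needed. The following is an added example, not part of the answers on this page; the function names missing_modules and sample_proc_modules and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which kernel modules from a comma-separated list
# (the format used by linux.kernel_modules) are absent from a
# /proc/modules-style listing. Containers share the host kernel, so the
# listing read inside a container reflects what the host has loaded.
# Limitation: features compiled into the kernel are not listed there.

# Constructed sample in /proc/modules format (not taken from a real host).
sample_proc_modules() {
    cat <<'EOF'
ip_vs 147456 0 - Live 0x0000000000000000
nf_conntrack 106496 1 ip_vs, Live 0x0000000000000000
libcrc32c 16384 1 ip_vs, Live 0x0000000000000000
EOF
}

# missing_modules LIST [FILE]
#   LIST  comma-separated module names, e.g. "ip_vs,ip_vs_rr"
#   FILE  /proc/modules-format file (default: /proc/modules)
# Prints each missing name on its own line.
# Returns 0 when every module is present, 1 otherwise.
missing_modules() {
    list=$1
    file=${2:-/proc/modules}
    missing=0
    old_ifs=$IFS
    IFS=,
    for mod in $list; do
        IFS=$old_ifs
        # "-" and "_" are interchangeable in module names; the listing uses "_"
        name=$(printf '%s' "$mod" | tr '-' '_' | tr -d ' ')
        [ -n "$name" ] || continue
        # A module is present when it is the first field of some line
        if ! awk -v m="$name" '$1 == m { found = 1 } END { exit !found }' "$file"; then
            printf '%s\n' "$name"
            missing=1
        fi
    done
    IFS=$old_ifs
    return "$missing"
}

# Typical use inside the container:
#   missing_modules "ip_vs,ip_vs_rr,nf_conntrack,libcrc32c"
```
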

Answer 3

I ran into a similar problem on lxc 4.0.9 with a CentOS 8 container and keepalived 1.1.19. I am sharing this solution; maybe it will save you a few hours.

Note: all commands are run from the root account.

Package: wget http://www.keepalived.org/software/keepalived-1.1.19.tar.gz

By default, this version of keepalived expects its configuration to be in /etc/keepalived/keepalived.conf

Configuration:

-----start of file on LB1 box ------
vrrp_instance lb1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 101
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1234
    }
    virtual_ipaddress {
        192.168.12.123/24 dev eth0
    }
}


--- start of file on LB2 box -----

vrrp_instance lb1 {
    interface eth0
    state BACKUP
    virtual_router_id 51
    priority 100
    authentication {
        auth_type PASS
        auth_pass 1234
    }
    virtual_ipaddress {
        192.168.12.123/24 dev eth0
    }
}

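If you try to load the configuration via "/etc/init.d/keepalived start" or with "systemctl start keepalived", it throws the error "keepalived.service: Failed to reset devices.list: Operation not permitted"

Instead, register your own service.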

vi /etc/systemd/system/keepalived.service 

--- start of systemd service file ----
[Unit]
Description = running keepalived service
After = network.target

[Service]
# keepalived daemonizes by default, so systemd has to track the forked process
Type=forking
User=root
ExecStart = /usr/local/sbin/keepalived
Restart=on-failure
RestartSec=5s

[Install]
WantedBy = multi-user.target

Then reload the systemd daemon: systemctl daemon-reload

and, as usual:

systemctl start keepalived
systemctl enable keepalived #if you want it running on reboot
systemctl status keepalived



keepalived.service - running keepalived service
Loaded: loaded (/etc/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Drop-In: /run/systemd/system/keepalived.service.d
         └─zzz-lxc-service.conf
Active: deactivating (stop-sigterm) since Tue 2022-06-07 21:21:18 UTC; 50s ago
Process: 2652 ExecStart=/usr/local/sbin/keepalived (code=exited, status=0/SUCCESS)
Main PID: 2652 (code=exited, status=0/SUCCESS)
Tasks: 1 (limit: 49660)
Memory: 668.0K

Enjoy!