配置

配置

我无法通过 snmp 查询 keepalived 状态信息,我得到的只是以下错误:

$ snmpwalk -v 2c -c public localhost 1.3.6.1.4.1.9586.100.5
1.3.6.1.4.1.9586.100.5 = No Such Object available on this agent at this OID

或者使用 mib 时:

$ snmpwalk -v 2c -c public 127.0.0.1 KEEPALIVED-MIB
KEEPALIVED-MIB: Unknown Object Identifier (Sub-id not found: (top) -> KEEPALIVED-MIB)

配置

SNMP守护进程

snmpd 版本是 5.7.3

/etc/snmp/snmpd.conf

master agentx
agentaddress udp:127.0.0.1:161
rocommunity public 127.0.0.1

trapcommunity public 
trap2sink 127.0.0.1

保活

Keepalived 版本为 1.3.2 构建SNMP_V3_FOR_V2 SNMP SNMP_KEEPALIVED SNMP_CHECKER SNMP_RFC SNMP_RFCV2 SNMP_RFCV3

/etc/keepalived/keepalived.conf

# Managed by Puppet
global_defs {
  [...]

  snmp_socket udp:127.0.0.1:161
  enable_snmp_keepalived
  enable_traps
}

[...]

/etc/default/keepalived

DAEMON_ARGS="--snmp"

服务

以下是日志输出,对我来说看起来不错。这是以下结果:systemctl start snmpd; systemctl restart keepalived

# Here snmpd is starting
Jun 07 18:12:42 vhrz1250 systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Jun 07 18:12:42 vhrz1250 systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
Jun 07 18:12:42 vhrz1250 snmpd[41254]: error on subcontainer 'ia_addr' insert (-1)
Jun 07 18:12:42 vhrz1250 snmpd[41254]: Turning on AgentX master support.
Jun 07 18:12:42 vhrz1250 snmpd[41254]: NET-SNMP version 5.7.3

# Here keepalived seems to be preparing for shutdown
Jun 07 18:12:56 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:58059->[127.0.0.1]:161
Jun 07 18:12:56 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:44178->[127.0.0.1]:161
Jun 07 18:13:05 vhrz1250 systemd[1]: Stopping Keepalive Daemon (LVS and VRRP)...
Jun 07 18:13:05 vhrz1250 Keepalived[38575]: Stopping
Jun 07 18:13:05 vhrz1250 Keepalived_healthcheckers[38576]: Stopped
Jun 07 18:13:05 vhrz1250 Keepalived_vrrp[38578]: VRRP_Instance(VI_10) sent 0 priority
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[38578]: Stopped
Jun 07 18:13:06 vhrz1250 Keepalived[38575]: Stopped Keepalived v1.3.2 (12/03,2016)
Jun 07 18:13:06 vhrz1250 systemd[1]: Stopped Keepalive Daemon (LVS and VRRP).

# Here keepalived stopped and spins back up again
Jun 07 18:13:06 vhrz1250 systemd[1]: Starting Keepalive Daemon (LVS and VRRP)...
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Starting Keepalived v1.3.2 (12/03,2016)
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Setting default script user to 'keepalived_script', uid:gid 1000:1000
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 07 18:13:06 vhrz1250 Keepalived[41295]: Starting Healthcheck child process, pid=41296
Jun 07 18:13:06 vhrz1250 Keepalived[41295]: Starting VRRP child process, pid=41297
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering Kernel netlink reflector
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering Kernel netlink command channel
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering gratuitous ARP shared channel
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 07 18:13:06 vhrz1250 systemd[1]: Started Keepalive Daemon (LVS and VRRP).
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Initializing ipvs

# Here keepalived starts SNMP subagent for vrrp
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Starting SNMP subagent
Jun 07 18:13:06 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:52941->[127.0.0.1]:161

# Keepalived continues starting up
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Registering Kernel netlink reflector
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Registering Kernel netlink command channel
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Opening file '/etc/keepalived/keepalived.conf'.

# Here keepalived starts SNMP subagent for healthchecks
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Starting SNMP subagent
Jun 07 18:13:06 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:53980->[127.0.0.1]:161

# Keepalived continues starting up
Jun 07 18:13:07 vhrz1250 Keepalived_healthcheckers[41296]: Using LinkWatch kernel netlink reflector...
Jun 07 18:13:07 vhrz1250 Keepalived_vrrp[41297]: Using LinkWatch kernel netlink reflector...
Jun 07 18:13:08 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10) Transition to MASTER STATE
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10) Entering MASTER STATE
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: Opening script file /usr/local/bin/keepalived_statechange
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification vrrpTrapNewMaster
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification vrrpv3NotifyNewMaster, reason 2
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: Remote SMTP server [137.248.1.36]:25 connected.
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: SMTP alert successfully sent.

# This might be connections from the VRRP instance snmp subagents
Jun 07 18:13:12 vhrz1250 snmpd[41254]: error on subcontainer 'ia_addr' insert (-1)
Jun 07 18:13:22 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:50917->[127.0.0.1]:161
Jun 07 18:13:22 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:38560->[127.0.0.1]:161

答案1

好吧我发现了问题。我一直认为snmpd.conf交换机master agentx启用了 AgentX 功能,该功能将在与普通代理相同的地址上实现(例如,由 配置agentaddress)。

然而事实并非如此,AgentX 地址/套接字是通过控制的agentXSocket


因此最小配置应如下所示:

/etc/snmp/snmpd.conf

rocommunity public
master agentx

# Note: This is the AgentX address/socket
agentXSocket tcp:127.0.0.1:700

# Note: This is the address/socket used for snmpwalk and such
# agentaddress udp:127.0.0.1:161

/etc/snmp/snmp.conf

# Note: This is optional!
#  To enable keepalived mib, download
#  https://github.com/acassen/keepalived/blob/master/doc/KEEPALIVED-MIB.txt
#  to /usr/share/snmp/mibs (keep the .txt extension) and enable
#  it with the following line
mibs +KEEPALIVED-MIB

/etc/keepalived/keepalived.conf

global_defs {
  [...]

  # Note: This is the AgentX address/socket
  snmp_socket tcp:127.0.0.1:700
}
[...]

/etc/default/keepalived

DAEMON_ARGS="--snmp"

相关内容