Ubuntu 18.04 netplan apply 中断网络重启修复它

tag-icon tag-icon ubuntu networking netplan
Ubuntu 18.04 netplan apply 中断网络重启修复它

设置如下:

host1-ip iface: ens192: 10.100.0.11/16
host1-gateway:  ens192: 10.100.0.1
host1-ip iface: ens224: 10.0.0.11/16
host1-gateway:  ens224: 10.0.0.1

host2-ip iface: ens192: 10.100.0.12/16
host2-gateway:  ens192: 10.100.0.1
host2-ip iface: ens224: 10.0.0.12/16
host2-gateway:  ens224: 10.0.0.1

keepalived-vip1 on iface: ens192: 10.100.100.1
keepalived-vip2 on iface: ens224: 10.0.100.1

dns1: 10.100.0.21
dns2: 10.100.0.22

/etc/netplan/01-netcfg.yaml:

# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    ens192:
      addresses: [ 10.100.0.11/16 ]
      gateway4: 10.100.0.1
      nameservers:
          search: [ example.com ]
          addresses:
              - "10.100.0.21"
              - "10.100.0.22"
    ens224:
      addresses: [ 10.0.0.11/16 ]
      nameservers:
          search: [ example.com ]
          addresses:
              - "10.100.0.21"
              - "10.100.0.22"

有了这个配置

keepalived-vip1 on iface: ens192: 10.100.100.1 <-- works
keepalived-vip2 on iface: ens224: 10.0.100.1 <-- dead, not pingable

从逻辑上讲,没有为 ens224 接口设置网关,因此网络调度程序过来并使用以下脚本为我们设置 iface ens224 的网关和 keepalived 地址:

/usr/lib/networkd-dispatcher/routable.d/00up:

#!/bin/bash
## INITIALISIERUNG
#Diese Werte werden vom netword-dispatcher an das Skript übergeben
set -x
INTERFACE=${IFACE}
ACTION=${STATE}
case "${INTERFACE}" in
("ens224")
        case "${ACTION}" in
        ("routable")
                /bin/ip route add table 2 default via 10.0.0.1
                /bin/ip rule add from 10.0.100.1 table 2
                ;;
        (*)
                ;;
        esac

(*)
        ;;
esac

可以重新启动服务器,一切按预期工作,使用我的两个地址并重新启动,它仍然有效:

keepalived-vip1 on iface: ens192: 10.100.100.1 <-- works
keepalived-vip2 on iface: ens224: 10.0.100.1 <-- works

现在我执行一些命令:

netplan apply
systemctl restart systemd-networkd

现在地址消失了(keepalived 健康检查,仍然成功,因此不会发生故障转移,但在这种情况下,需要调试此 netplan // 网络 // 重新启动行为)

keepalived-vip1 on iface: ens192: 10.100.100.1 <-- dead, not pingable
keepalived-vip2 on iface: ens224: 10.0.100.1 <-- dead, not pingable

尝试使用脚本中的手动步骤修复它:

ip route add table 2 default via 10.0.0.1
ip rule add from 10.0.100.1 table 2

仍然:

keepalived-vip1 on iface: ens192: 10.100.100.1 <-- dead, not pingable
keepalived-vip2 on iface: ens224: 10.0.100.1 <-- dead, not pingable

重新启动服务器:它恢复正常:

keepalived-vip1 on iface: ens192: 10.100.100.1 <-- works
keepalived-vip2 on iface: ens224: 10.0.100.1 <-- works

还用 netplan 尝试过,已经在Netplan 具有 2 个 NIC,每个 NIC 连接到不同的网关但这样我就无法让第二个 keepalived-vip 工作。

答案1

将回答我自己的问题,经过大量调查后,我偶然发现了一个 keepalived 问题:https://github.com/acassen/keepalived/issues/836

“systemd-networkd 正在删除不‘属于’它的地址”,keepalived 在 ubuntu 或 rhel 上发布的版本中无法检测到这一点,

对我来说,解决方案是构建一个版本为 2.0.20 的 keepalived 容器,它能够处理这种情况

(keepalived >= v2 可以处理)

答案2

另一种选择是尝试向接口添加“关键”标志:

network:
  version: 2
  renderer: networkd
  ethernets:
    ens192:
      addresses: [ 10.100.0.11/16 ]
      gateway4: 10.100.0.1
      nameservers:
          search: [ example.com ]
          addresses:
              - "10.100.0.21"
              - "10.100.0.22"
      critical: true
    ens224:
      addresses: [ 10.0.0.11/16 ]
      nameservers:
          search: [ example.com ]
          addresses:
              - "10.100.0.21"
              - "10.100.0.22"
      critical: true

相关内容