我在 RHEL 7 中配置 Keepalived。它通过 snmp 正常工作。
snmpwalk -v2c -cpublic 10.18.0.8 KEEPALIVED-MIB::vrrpInstanceTable
KEEPALIVED-MIB::vrrpInstanceTable = No more variables left in this MIB View (It is past the end of the MIB tree)
Keepalived 版本和构建选项
Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Build options: PIPE2 LIBNL3 RTA_ENCAP RTA_EXPIRES RTA_PREF FRA_OIFNAME FRA_TUN_ID RTAX_CC_ALGO RTAX_QUICKACK LIBIPTC LIBIPSET_DYNAMIC LVS LIBIPVS_NETLINK VRRP VRRP_AUTH VRRP_VMAC SOCK_NONBLOCK SOCK_CLOEXEC FIB_ROUTING INET6_ADDR_GEN_MODE SNMP_V3_FOR_V2 SNMP SNMP_KEEPALIVED SNMP_CHECKER SNMP_RFC SNMP_RFCV2 SNMP_RFCV3 SO_MARK
SNMP版本
NET-SNMP version: 5.7.2
Keepalived 日志:
Opening file '/etc/keepalived/keepalived.conf'.
Starting SNMP subagent
NET-SNMP version 5.7.2 AgentX subagent connected
VRRP_Instance(VI) removing protocol VIPs.
Using LinkWatch kernel netlink reflector...
VRRP sockpool: [ifindex(2), proto(112), unicast(1), fd(15,16)]
VRRP_Script(check_process) succeeded
VRRP_Instance(VI) Transition to MASTER STATE
VRRP_Instance(VI) Received advert with higher priority 109, ours 100
VRRP_Instance(VI) Entering BACKUP STATE
VRRP_Instance(VI): Sending SNMP notification
VRRP_Instance(VI) Changing effective priority from 100 to 110
/etc/snmp/snmpd.conf - 添加了以下内容
master agentx
agentXSocket /var/agentx/master
/etc/keepalived/keepalived.conf(global_defs 部分包含...)
enable_snmp_keepalived # enable SNMP handling of vrrp element of KEEPALIVED MIB
enable_snmp_checker # enable SNMP handling of checker element of KEEPALIVED MIB
enable_snmp_rfc # enable SNMP handling of RFC2787 and RFC6527 VRRP MIBs
enable_snmp_rfcv2 # enable SNMP handling of RFC2787 VRRP MIB
enable_snmp_rfcv3 # enable SNMP handling of RFC6527 VRRP MIB
enable_traps # enable SNMP traps
我已经浏览了几篇文章但没有成功。有什么帮助吗?谢谢!
答案1
我在 Debian 10 Buster 上遇到了同样的问题,终于在这里找到了答案:
https://unix.stackexchange.com/a/464030
显然,开箱即用的 snmpd 配置为仅允许访问这些子树:
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
rocommunity public default -V systemonly
您可以通过修改视图以多种方式修复它,例如添加
view systemonly included .1.3.6.1.4.1.9586
或添加另一个不受限制的社区等。