On 12/11/2010 07:26 PM, bluethundr wrote:
Sorry I forgot to finish the story!!! :)
And the interface doesn't appear to be sharing the address:
[root@VIRTCENT01:~]#ip addr sh eth0 2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:16:36:22:92:70 brd ff:ff:ff:ff:ff:ff inet 192.168.1.23/24 brd 192.168.1.255 scope global eth0 inet6 fe80::216:36ff:fe22:9270/64 scope link valid_lft forever preferred_lft forever
And I can't ping the virtual address I had tried to setup using heartbeat:
[root@VIRTCENT01:~]#ping 192.168.1.200 PING 192.168.1.200 (192.168.1.200) 56(84) bytes of data.
From 192.168.1.23 icmp_seq=1 Destination Host Unreachable From 192.168.1.23 icmp_seq=2 Destination Host Unreachable From 192.168.1.23 icmp_seq=3 Destination Host Unreachable
thanks again!!!
On Sat, Dec 11, 2010 at 10:13 PM, bluethundrbluethundr@gmail.com wrote:
hello list!
I am attempting to setup haproxy using a shared up I am trying to setup using the heartbeat package that I currently have installed:
[root@VIRTCENT01:~]#rpm -qa | grep heartbeat | grep -v -e stonith -e pils heartbeat-2.1.4-11.el5 heartbeat-2.1.4-11.el5
I have /etc/ha/.d authkeys setup this way:
# auth 2 #1 crc 2 sha1 {SHA}secret
I have /etc/ha.d/resources setup like this:
VIRTCENT01.summitnjhome.com 192.168.1.23
And I have /etc/ha.cf setup like this:
# What UDP port to use for udp or ppp-udp communication? # udpport 694 bcast eth0 mcast eth0 225.0.0.1 694 1 0 ucast eth0 192.168.1.200 # What interfaces to heartbeat over? udp eth0 # # Facility to use for syslog()/logger (alternative to log/debugfile) # logfacility local0 # # Tell what machines are in the cluster # node nodename ... -- must match uname -n node lb1.summitnjhome.com node lb2.summitnjhome.com
The service seems to start ok:
[root@VIRTCENT01:~]#service heartbeat restart Stopping High-Availability services: [ OK ] Waiting to allow resource takeover to complete: [ OK ] Starting High-Availability services: 2010/12/11_22:03:55 INFO: Resource is stopped [ OK ]
(tho I am unsure of that the INFO notice is of the resource being stopped).
And I have verified that it is running with ps:
[root@VIRTCENT01:~]#ps auxwww | grep heartbeat root 3646 0.1 4.6 12260 12256 ? SLs 22:03 0:00 heartbeat: master control process nobody 3648 0.0 2.1 5664 5660 ? SL 22:03 0:00 heartbeat: FIFO reader nobody 3649 0.0 2.1 5660 5656 ? SL 22:03 0:00 heartbeat: write: bcast eth0 nobody 3650 0.0 2.1 5660 5656 ? SL 22:03 0:00 heartbeat: read: bcast eth0 root 3653 0.0 0.2 61180 736 pts/1 S+ 22:04 0:00 grep heartbeat
And verified that the box is listening on port 694 (the port that I have set for heartbeat):
[root@VIRTCENT01:~]#netstat -tulpn | grep heartbeat udp 0 0 0.0.0.0:694 0.0.0.0:* 3649/heartbeat: wri udp 0 0 0.0.0.0:50550 0.0.0.0:* 3649/heartbeat: wri
However although I have the port enabled in iptables:
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 694 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT
An nmap scan does not see anything active on 694:
bluethundr@bluethundr-laptop:~$ sudo nmap -sT -A virt1
Starting Nmap 5.00 ( http://nmap.org ) at 2010-12-11 22:07 EST Warning: Traceroute does not support idle or connect scan, disabling... Interesting ports on 192.168.1.23: Not shown: 997 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.6 (protocol 2.0) | ssh-hostkey: 1024 b0:gu:s (DSA) |_ 2048 b0:gu:s (RSA) 80/tcp closed http 631/tcp closed ipp MAC Address: 00:16:36:22:92:70 (Quanta Computer) Device type: general purpose Running: Linux 2.6.X OS details: Linux 2.6.15 - 2.6.26 Network Distance: 1 hop
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 11.27 seconds
I am enclosing an archive of my /etc/ha.d directory in case this is of use to anyone. I would certainly appreciate any help anyone could provide!
Thanks!!
-- GPG me!!
gpg --keyserver pgp.mit.edu --recv-keys F186197B
The message you are seeing when you start heartbeat doesn't make any sense to me either, but it does indicate that it started correctly.
The line:
VIRTCENT01.summitnjhome.com 192.168.1.23
should be:
VIRTCENT01.summitnjhome.com 192.168.1.200
To cause that IP address to be available upon taking control.