Fixing keepalived not creating the VIP after being installed inside a container

Date: 2025-03-31 08:45:25

Installing keepalived inside the container

yum -y install openssl-devel gcc gcc-c++ wget make
mkdir /etc/keepalived
wget /software/keepalived-2.2.

tar -zxvf keepalived-2.2.
mv keepalived-2.2.4 /usr/local/keepalived
cd /usr/local/keepalived


./configure --enable-log-file

make && make install

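After the installation completes

Edit the configuration file before starting. This is only a simple test configuration, mainly to verify that keepalived is workable inside a container.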

global_defs {
    script_user root
    enable_script_security
    notification_email {
        root@localhost # mailbox that receives health-check reports
    }
    notification_email_from keepalived@localhost # sender address
    smtp_server 127.0.0.1 # mail server
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}

vrrp_script check_nginx {
    interval 2 # check interval: 2s
    weight -5 # lower the priority by 5 if the check fails
    fall 3 # 3 failed checks mark the state as down
    rise 2 # after a failure, 2 successful checks mark the state as up
    script "/root/"
}

vrrp_instance VI_1 {
    state BACKUP # backup_server
    interface ens192
    virtual_router_id 109
    priority 90 # priority value; the higher value wins
    advert_int 2 # VRRP advertisement interval: 2s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.24.0.107 # VIP
    }
    track_script {
       check_nginx # check script
    }
}

vrrp_instance VI_2 {
    state MASTER # master_server
    interface ens192
    virtual_router_id 110
    priority 100 # priority value; the higher value wins
    advert_int 2 # VRRP advertisement interval: 2s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.24.0.107 # VIP
    }
    track_script {
       check_nginx # check script
    }
}

Start keepalived

keepalived -f /etc/keepalived/ --log-file=/tmp/

Checking with ps -ef|grep keepalived shows that the keepalived service is up,

but ip a shows that no VIP has been created.

Check the log /tmp/

Fri Sep 17 10:56:31.527068825 2021: Starting Keepalived v2.2.4 (08/21,2021)
Fri Sep 17 10:56:31.527280853 2021: Running on Linux 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 (built for Linux 3.10.0)
Fri Sep 17 10:56:31.527369755 2021: Command line: '/usr/local/keepalived/sbin/keepalived' '-f' '/etc/keepalived/' '-l' '-g'
Fri Sep 17 10:56:31.527692424 2021: Configuration file /etc/keepalived/
Fri Sep 17 10:56:31.528843263 2021: Failed to bind to process monitoring socket - errno 1 - Operation not permitted
Fri Sep 17 10:56:31.528988422 2021: Remove a zombie pid file /run/
Fri Sep 17 10:56:31.529245069 2021: Remove a zombie pid file /run/
Fri Sep 17 10:56:31.529873600 2021: NOTICE: setting config option max_auto_priority should result in better keepalived performance

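Judging from the log, this looks like a permission problem.

Roughly, a user-space process tried to bind a socket but did not have sufficient permission.

Then, on the host, run docker inspect docker_name***

It shows "Privileged": false: the container was started without privileged mode, so it has no permission to bind the special socket.

Recreate or restart the container with --privileged=true added, and the problem is solved.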

docker run --name docker_name*** --privileged=true -e ***
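
Added example (not from the original post): --privileged=true grants every capability, so this script, run inside the container, decodes the CapEff mask from /proc/self/status and lists which network capabilities are missing, as a way to try a narrower --cap-add grant. The capability list (NET_ADMIN to add the VIP, NET_RAW for VRRP raw sockets, NET_BROADCAST as commonly granted alongside them) and the sample masks in the comments are assumptions, not values from the page.

```shell
#!/bin/sh
# Added example: decode a Linux capability mask (CapEff in /proc/<pid>/status)
# and report which capabilities assumed necessary for keepalived are missing.

# name:bit pairs, bit numbers from linux/capability.h.
# Which capabilities keepalived needs is an assumption, not taken from the page.
NEEDED="NET_ADMIN:12 NET_RAW:13 NET_BROADCAST:11"

# Constructed sample masks for reference:
#   00000000a80425fb  Docker's default capability set (has NET_RAW only)
#   00000000a8043dfb  default set plus NET_ADMIN and NET_BROADCAST
#   0000003fffffffff  all capabilities, as with --privileged

# missing_caps <hex mask without 0x> -> space-separated missing capability names
missing_caps() {
    mask=$((0x$1))
    out=""
    for pair in $NEEDED; do
        name=${pair%%:*}
        bit=${pair##*:}
        if [ $(( (mask >> bit) & 1 )) -eq 0 ]; then
            out="${out:+$out }$name"
        fi
    done
    printf '%s' "$out"
}

# suggest_flags <hex mask> -> docker run flags granting only what is missing
suggest_flags() {
    flags=""
    for cap in $(missing_caps "$1"); do
        flags="${flags:+$flags }--cap-add=$cap"
    done
    printf '%s' "$flags"
}

# Inside the container: inspect the effective capabilities of this process.
if [ -r /proc/self/status ]; then
    cap_eff=$(awk '/^CapEff:/ {print $2}' /proc/self/status)
    if [ -n "$cap_eff" ]; then
        echo "CapEff=$cap_eff"
        echo "missing: $(missing_caps "$cap_eff")"
        echo "flags to try instead of --privileged: $(suggest_flags "$cap_eff")"
    fi
fi
```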