[FAILED]
keepalived在启动的时候默认是读取/etc/keepalived/下的配置文件,当我们的配置文件不在这里时。我们就要复制一份配置文件过来过来
解决方法:cp keepalived-1.4.4/keepalived/etc/keepalived/ /etc/keepalived/
2、keepalived+nginx架构:nginx宕机后VIP还在,查看keepalived错误日志发现,但是selinux机制是关闭的:
SELinux is preventing /usr/sbin/keepalived from name_connect access on the tcp_socket port 63781. For complete SELinux messages run: sealert -l e1ae27e5-04c5-42d2-a015-aa5580237c22
Jul 6 15:10:34 localhost python: SELinux is preventing /usr/sbin/keepalived from name_connect access on the tcp_socket port 63781.#012#012***** Plugin connect_ports (92.2 confidence) suggests *********************#012#012If you want to allow /usr/sbin/keepalived to connect to network port 63781#012Then you need to modify the port type.#012Do#012# semanage port -a -t PORT_TYPE -p tcp 63781#012 where PORT_TYPE is one of the following: agentx_port_t, connlcli_port_t, dns_port_t, dnssec_port_t, http_port_t, kerberos_port_t, mysqld_port_t, ocsp_port_t, smtp_port_t, snmp_port_t, squid_port_t.#012#012***** Plugin catchall_boolean (7.83 confidence) suggests ******************#012#012If you want to allow nis to enabled#012Then you must tell SELinux about this by enabling the 'nis_enabled' boolean.#012You can read 'None' man page for more details.#012Do#012setsebool -P nis_enabled 1#012#012***** Plugin catchall (1.41 confidence) suggests **************************#012#012If you believe that keepalived should be allowed name_connect access on the port 63781 tcp_socket by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'keepalived' --raw | audit2allow -M my-keepalived#012# semodule -i #012
错误原因:
解决方法: