Hi Fabiano, hope you're doing well these days.
This mailing list is focused on NGINX OSS distribution. For commercial support I'd recommend to raise a support ticket on MyF5 portal, https://my.f5.com/ Thank you. -- Sergey A. Osokin On Wed, Jan 12, 2022 at 05:00:35PM -0300, Fabiano Furtado Pessoa Coelho wrote: > Hi... > > I'm trying to configure keepalived in active-active mode, using 2 > nodes, based on the official documentation > https://docs.nginx.com/nginx/admin-guide/high-availability/ha-keepalived-nodes/, > but the environment became unstable. The TCP connection is closing all > the time and I don't know what's wrong with my keeepalived config. > > I'm using RHEL 8.5 with SELinux enabled and enforcing. > > The configuration of my first NGINX Plus node: > > global_defs { > vrrp_version 3 > router_id nginx_prod1 > } > > vrrp_script chk_manual_failover { > script "/usr/libexec/keepalived/nginx-ha-manual-failover" > interval 10 > weight 50 > } > > vrrp_script chk_nginx_service { > script "/usr/libexec/keepalived/nginx-ha-check" > interval 3 > weight 50 > } > > vrrp_instance VI_1 { > state MASTER > interface eth0 > priority 99 > virtual_router_id 31 > advert_int 1 > accept > garp_master_refresh 5 > garp_master_refresh_repeat 1 > unicast_src_ip x.y.z.48/26 > unicast_peer { > x.y.z.50 > } > virtual_ipaddress { > x.y.z.49/26 brd x.y.z.63 dev eth0 > } > track_script { > chk_nginx_service > chk_manual_failover > } > notify "/usr/libexec/keepalived/nginx-ha-notify" > } > > vrrp_instance VI_2 { > state BACKUP > interface eth0 > priority 98 > virtual_router_id 41 > advert_int 1 > accept > garp_master_refresh 5 > garp_master_refresh_repeat 1 > unicast_src_ip x.y.z.48/26 > unicast_peer { > x.y.z.50 > } > virtual_ipaddress { > x.y.z.51/26 brd x.y.z.63 dev eth0 > } > track_script { > chk_nginx_service > chk_manual_failover > } > notify "/usr/libexec/keepalived/nginx-ha-notify" > } > > And the "ip a" config: > eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > state UP group default qlen 1000 > link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff > inet x.y.z.48/26 brd x.y.z.63 scope global noprefixroute eth0 > valid_lft forever preferred_lft forever > inet x.y.z.49/26 brd x.y.z.63 scope global secondary eth0 > valid_lft forever preferred_lft forever > inet x.y.z.51/26 brd x.y.z.63 scope global secondary eth0 > valid_lft forever preferred_lft forever > > > > The configuration of my second NGINX Plus node: > > global_defs { > vrrp_version 3 > router_id nginx_prod2 > } > > vrrp_script chk_manual_failover { > script "/usr/libexec/keepalived/nginx-ha-manual-failover" > interval 10 > weight 50 > } > > vrrp_script chk_nginx_service { > script "/usr/libexec/keepalived/nginx-ha-check" > interval 3 > weight 50 > } > > vrrp_instance VI_1 { > state MASTER > interface eth0 > priority 101 > virtual_router_id 51 > advert_int 1 > accept > garp_master_refresh 5 > garp_master_refresh_repeat 1 > unicast_src_ip x.y.z.50/26 > unicast_peer { > x.y.z.48 > } > virtual_ipaddress { > x.y.z.51/26 brd x.y.z.63 dev eth0 > } > track_script { > chk_nginx_service > chk_manual_failover > } > notify "/usr/libexec/keepalived/nginx-ha-notify" > } > > vrrp_instance VI_2 { > state BACKUP > interface eth0 > priority 100 > virtual_router_id 61 > advert_int 1 > accept > garp_master_refresh 5 > garp_master_refresh_repeat 1 > unicast_src_ip x.y.z.50/26 > unicast_peer { > x.y.z.48 > } > virtual_ipaddress { > x.y.z.49/26 brd x.y.z.63 dev eth0 > } > track_script { > chk_nginx_service > chk_manual_failover > } > notify "/usr/libexec/keepalived/nginx-ha-notify" > } > > And the "ip a" config: > eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel > state UP group default qlen 1000 > link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff > inet x.y.z.50/26 brd x.y.z.63 scope global noprefixroute eth0 > valid_lft forever preferred_lft forever > inet x.y.z.51/26 brd x.y.z.63 scope global secondary eth0 > valid_lft forever preferred_lft forever > inet x.y.z.49/26 brd x.y.z.63 scope global secondary eth0 > valid_lft forever preferred_lft forever > > What am I doing wrong? > Thanks in advance! > > Fabiano > _______________________________________________ > nginx mailing list -- nginx@nginx.org > To unsubscribe send an email to nginx-le...@nginx.org _______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
