
Help with a Keepalived split-brain problem on Oracle Linux 8: both nodes in MASTER mode and both binding the VIP at the same time


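Hi everyone, I ran into a split-brain problem when deploying Keepalived on Oracle Linux 8: both nodes entered MASTER mode and the VIP was assigned to both machines at the same time. It's a real headache, and I'd like to ask you experts to help analyze the cause!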

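Key details of the problem

  • With the firewalld service turned off, Keepalived works normally and master/backup failover works; but as soon as the firewall is turned on, split brain appears immediately
  • The logs show this key error: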

Keepalived_vrrp[1077307]: (VI_1) Receive advertisement timeout

Keepalived configuration of the nodes

/etc/keepalived/keepalived.conf on Node 1

global_defs {
    vrrp_priority -20
    checker_priority -19
    script_user root
}

vrrp_script chk_haproxy {
    script "/usr/bin/killall -0 haproxy" # check haproxy process status
    interval 2 # check every 2 seconds
    weight 2 # add 2 to priority if the check succeeds
    timeout 3
    fall 3
}

vrrp_instance VI_1 {
    interface ens192 # interface to listen on
    state BACKUP # haproxy1 set to MASTER, haproxy2 set to BACKUP
    nopreempt
    virtual_router_id 52
    priority 101 # haproxy1 priority 101, haproxy2 priority 100
    virtual_ipaddress {
        VIP_address  # virtual IP address
    }
    track_script {
        chk_haproxy
    }
}

/etc/keepalived/keepalived.conf on Node 2

global_defs {
    vrrp_priority -20
    checker_priority -19
    script_user root
}

vrrp_script chk_haproxy {
    script "/usr/bin/killall -0 haproxy" # check haproxy process status
    interval 2 # check every 2 seconds
    weight 2 # add 2 to priority if the check succeeds
    timeout 3
    fall 3
}

vrrp_instance VI_1 {
    interface ens192 # interface to listen on
    state BACKUP # haproxy1 set to MASTER, haproxy2 set to BACKUP
    nopreempt
    virtual_router_id 52
    priority 100 # haproxy1 priority 101, haproxy2 priority 100
    virtual_ipaddress {
        VIP_address  # virtual IP address
    }
    track_script {
        chk_haproxy
    }
}

Current firewall rule configuration

I have already added VRRP-related rules; the output of firewall-cmd --list-all is as follows:

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192
  sources: here are ip addresses of both nodes
  services: cockpit dhcpv6-client ssh
  ports: 3306/tcp 3305/tcp
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
    rule family="ipv4" destination address="224.1.0.0/16" accept
    rule family="ipv4" destination address="224.0.0.18" protocol value="ip" accept
    rule protocol value="vrrp" accept

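I have clearly added rules to allow VRRP, so why does turning on the firewall still cause split brain? Can any expert point me in a direction for troubleshooting?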

Note: content sourced from Stack Exchange; question author zerozg
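
One way to confirm the symptom described above from both nodes' logs, as an added example that is not part of the original post: it replays keepalived state transitions from each node and reports the time from which both hold MASTER for VI_1. The log line layout (ISO timestamp, host, message), the hostnames, the second PID and all sample lines are constructed assumptions; the "Entering ... STATE" text is assumed to be keepalived's state-change message.

```python
import re
from datetime import datetime

# Constructed sample logs (assumed layout: "<ISO time> <host> Keepalived_vrrp[pid]: (inst) msg")
NODE1_LOG = """\
2024-05-01T10:00:00 haproxy1 Keepalived_vrrp[1077307]: (VI_1) Entering BACKUP STATE
2024-05-01T10:00:04 haproxy1 Keepalived_vrrp[1077307]: (VI_1) Receive advertisement timeout
2024-05-01T10:00:04 haproxy1 Keepalived_vrrp[1077307]: (VI_1) Entering MASTER STATE
"""
NODE2_LOG = """\
2024-05-01T10:00:01 haproxy2 Keepalived_vrrp[2001]: (VI_1) Entering BACKUP STATE
2024-05-01T10:00:05 haproxy2 Keepalived_vrrp[2001]: (VI_1) Receive advertisement timeout
2024-05-01T10:00:05 haproxy2 Keepalived_vrrp[2001]: (VI_1) Entering MASTER STATE
"""

LINE = re.compile(r"^(\S+) (\S+) Keepalived_vrrp\[\d+\]: \((\w+)\) (.+)$")
STATE = re.compile(r"Entering (MASTER|BACKUP|FAULT) STATE")

def transitions(log):
    """Return [(time, instance, state)] for every state change in one node's log."""
    out = []
    for line in log.splitlines():
        m = LINE.match(line)
        s = m and STATE.search(m.group(4))
        if s:
            out.append((datetime.fromisoformat(m.group(1)), m.group(3), s.group(1)))
    return out

def master_since(log, instance):
    """Time the node became MASTER for instance, or None if it is not MASTER now."""
    since = None
    for ts, inst, state in transitions(log):
        if inst == instance:
            since = (since or ts) if state == "MASTER" else None
    return since

def split_brain(log_a, log_b, instance="VI_1"):
    """Return the time from which both nodes hold MASTER, else None."""
    a, b = master_since(log_a, instance), master_since(log_b, instance)
    return max(a, b) if a and b else None

def timeouts(log):
    """Count 'Receive advertisement timeout' events (adverts not arriving from the peer)."""
    return sum("Receive advertisement timeout" in l for l in log.splitlines())

if __name__ == "__main__":
    print("both MASTER since:", split_brain(NODE1_LOG, NODE2_LOG))
    print("advert timeouts on node 1:", timeouts(NODE1_LOG))
```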
