Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
All VIPs managed by ipfailover always move to the just rebooted node #21188
I have OpenShift Origin 3.10 installed by openshift-ansible. The setup includes 3 masters, 2 infra (registry, routers), app nodes and glusterfs+heketi. It's a pretty standard configuration.
One more thing. Openshift is deployed on the OpenStack instances. VIPs are made as
What I need
I want to distribute a workload coming to *.apps.example.com between the infra nodes. So my idea is to have 2 VIPs, where each of the IPs should assign on its infra node. So every of infra nodes should have about 50/50 of traffic at each.
What I do
How I test the ipfailover
The problems which I see
Once any of the infra nodes is rebooted/crashed/shutdown/etc and is run again, both VIPs move to this just rebooted node.
Providing that both infra nodes are up, I expect that VIP-1 is always assigned to infra-1 and VIP-2 is to infra-2 and traffic is being load balanced between both infra nodes. But actually I have that both VIPs are assigned at a single infra node after this one just rebooted.
VIP-1 is bound to infra-1 and VIP-2 is to infra-2 are just given as an example. If VIP-1 selects infra-2 as its master and VIP-2 selects infra-1, the situation doesn't change at all. Everything still works the same.
Delete and re-create ipfailover
I did the same test many times by deleting the failover
Testing Keepalived out of OpenShift
After a lot of attempts of the above I reinstalled OpenShift and run keepalived on bare metal, not using the OpenShift built-in ipfailover. I just configured it manually on the same infra nodes. Rebooting the infra nodes one by one, VIPs migrate between the nodes only when it really needs. And each of the VIPs assigns on its master correctly.
I know that a best setup would include an odd number of infra nodes to avoid the split brain situation. But in my case only two are needed and I'm not sure that split brain takes the place because of both ipfailover pods communicate to each other very well, including vrrp protocol.
So please help me to sort out in where I have misconfiguration.