You need to set net.ipv4.ip_nonlocal_bind=1 to allow processes to bind to an IP address not currently on the host.
-Bryan On Thu, Apr 2, 2015 at 2:19 PM, Tim Dunphy <[email protected]> wrote: > Hey folks, > > I'm setting up HAProxy and keepalived on 2 nodes today. And I'm able to > start HAProxy on the first node, but not on the 2nd node. > > I've tested failover of the VIP for keepalived and it stays up if either > node is running keepalived. > > I have the same haproxy config on both nodes. This is the config I have > setup: > > global > log 127.0.0.1 local0 notice > user haproxy > group haproxy > > defaults > log global > retries 2 > timeout connect 3000 > timeout server 5000 > timeout client 5000 > > listen web-cluster > bind 3.3.87.23:80 > mode http > balance roundrobin > server web-1 3.3.86.246:8080 check > server web-2 3.3.86.247:8080 check > > listen 3.3.87.23:80 > bind 3.3.87.23:80 > mode http > stats enable > stats uri / > stats realm Strictly\ Private > stats auth admin:wouldntYouLikeToKnow > > > And I notice that on the first node if I do a netstat I can see the > keepalived vip listening on the port I specify. > > [root@aoaapld00130la haproxy]# netstat -tulpn | grep -i listen | grep > haproxy > tcp 0 0 3.3.87.23:80 0.0.0.0:* > LISTEN > 57332/haproxy > > And on the first node haproxy runs without complaint: > > [root@aoaapld00130la haproxy]# service haproxy status > haproxy (pid 57332) is running... > > But on the second node, I'm getting an error saying that HAProxy cannot > bind to socket. > > [root@aoaapld00130lb haproxy]# service haproxy start > Starting haproxy: [ALERT] 091/171840 (22084) : Starting proxy web-cluster: > cannot bind socket [3.3.87.23:80] > [ALERT] 091/171840 (22084) : Starting proxy 3.3.87.23:80: cannot bind > socket [3.3.87.23:80] > [FAILED] > > Can someone please help me understsand why haproxy is failing on the > second node? > > Thanks! > Tim > > > > > > -- > GPG me!! > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B > >

