[ClusterLabs] Support for xt_cluster

Thu, 19 Dec 2019 07:02:22 -0800 

Hi, 
As I know, CLUSTERIP is deprecated for some time. Recent distributions doesn't 
have this module on their repositories at all (Red Hat 8)
It seems Pacemaker still use CLUSTERIP for clone an IP address.
For this reason, I have the following error on an Active/Active cluster VIP: 
Cenario: 
CentOS 8Pacemaker 2.0.1Kernel 4.18.0Iptables 1.8.2
# pcs resource create ClusterIP ocf:heartbeat:IPaddr2 ip=172.18.14.100 
nic=ens160 cidr_netmask=24 op monitor interval=2s# pcs resource clone 
ClusterIP# pcs status...Failed Resource Actions:* ClusterIP_start_0 on pcsnode1 
'unknown error' (1): call=40, status=complete, exitreason='iptables failed',    
last-rc-change='Thu Dec 19 12:30:40 2019', queued=0ms, exec=172ms
Logs: 
Dec 19 12:32:54 pcsnode1 IPaddr2(ClusterIP)[10245]: ERROR: iptables failedDec 
19 12:32:54 pcsnode1 pacemaker-execd[1436]: notice: 
ClusterIP_start_0:10245:stderr [ iptables v1.8.2 (nf_tables): chain name not 
allowed to start with `-' ]Dec 19 12:32:54 pcsnode1 pacemaker-execd[1436]: 
notice: ClusterIP_start_0:10245:stderr [  ]Dec 19 12:32:54 pcsnode1 
pacemaker-execd[1436]: notice: ClusterIP_start_0:10245:stderr [ Try `iptables 
-h' or 'iptables --help' for more information. ]Dec 19 12:32:54 pcsnode1 
pacemaker-execd[1436]: notice: ClusterIP_start_0:10245:stderr [ 
ocf-exit-reason:iptables failed ]Dec 19 12:32:54 pcsnode1 
pacemaker-controld[1439]: notice: Result of start operation for ClusterIP on 
pcsnode1: 1 (unknown error)
Any one can simulate the module problem, outside Pacemaker, with this command: 
Perfectly good for CentOS 7 installation with ipt_CLUSTERIP.ko: 
# iptables -A INPUT -d 172.18.14.100/32 -i ens192 -j CLUSTERIP --new --hashmode 
sourceip-sourceport --clustermac 43:0A:1F:80:58:36 --total-nodes 2 --local-node 
2 --hash-init 0
No good for a default CentOS 8 installation: 
# iptables -A INPUT -d 172.18.14.100/32 -i ens192 -j CLUSTERIP --new --hashmode 
sourceip-sourceport --clustermac 43:0A:1F:80:58:36 --total-nodes 2 --local-node 
2 --hash-init 0iptables v1.8.2 (nf_tables): chain name not allowed to start 
with `-'
Try `iptables -h' or 'iptables --help' for more information.

Is there any intention to abandon CLUSTERIP in favor of xt_cluster.ko? 
Thanks a lot!

Att,
Marcus Vinícius
_______________________________________________
Manage your subscription:
https://lists.clusterlabs.org/mailman/listinfo/users

ClusterLabs home: https://www.clusterlabs.org/

Reply via email to