[ClusterLabs] Can packmaker launch haproxy from new network namespace automatically?
Hao QingFeng
haoqf at linux.vnet.ibm.com
Sat Dec 17 20:26:37 EST 2016
Hi Folks,
I am installing packmaker to manage the cluster of haproxy within
openstack on ubuntu 16.04.
I met the problem that haproxy can't start listening for some services
in vip because the related ports
were occupied by those native services which listened on 0.0.0.0.
I opened a bug to openstack team and a buddy told me that I should use
pacemaker to run haproxy in
a separate network namespace. I attached his description here(also in bug):
<<<
Fuel runs haproxy via pacemaker (not vis systemd/upstart) and pacemaker
runs haproxy in a separate network namespace.
So haproxy does not cause any problems by listedning on 0.0.0.0 since
it's listening in a separate network namespace.
You can see it via "ip netns ls" command and then "ip netns exec haproxy
ip a".
Did you try to restart haproxy via systemd/upstart? If so then you could
face this problem. You should use pacemaker to control haproxy service.
>>>
Here is the bug link:
https://bugs.launchpad.net/openstack-manuals/+bug/1649902
Actually I did start haproxy with pacemaker but "ip netns ls" show
nothing and haproxy can't bind some port like 9292 on vip .
I checked and found that openstack starts including this function from
fuel 5.0(released in May, 2014).
But after I downloaded pacemaker's code, did a rough check, I couldn't
find any related functions(keywords: ip netns, clone, CLONE_NEW...)
except in the test cases for neutron and ovs etc(if my understanding is
correct).
I didn't see any related configuration item in "crm configure show" either.
So I would like just to confirm that if pacemaker has such function to
create a new network namespace
for haproxy(or other manged service) automatically to avoid such socket
binding conflict?
If yes, how to configure it? If no such function, do you have any advice
on how to solve the problem?
BTW, you can see the detailed configuration information in the bug link,
if you need more, please let me know.
Thanks a lot!
Regards!
--
QingFeng Hao(Robin)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.clusterlabs.org/pipermail/users/attachments/20161218/0252ecd4/attachment-0002.html>
More information about the Users
mailing list