[MCCS] Linux8.x vip outbound

Symptoms

  • Linux 8.x에서는 METRIC (네트워크 부팅순서) 이라는 것이 ip route 정보에 나옴

Environment

  • RHEL, CENTOS 8.x 등

Cause

  • 기존 linux 6,7.x 와 다르게 NetworkManager를 필수로 써야됨
  • METRIC 정보는 리부팅 되며 바뀔 가능성이 있어, 기존에 등록된 route change 스크립트가 적용 안될 수 있음

Solution

  • 1. ip route 정보 예시
    [root@linux8.2 ~]# ip route
    default via 10.20.0.1 dev ens192 proto static metric 100
    10.20.0.0/16 dev ens192 proto kernel scope link src 10.20.74.1 metric 100
  • 2. NetworkManager를 이용해서 METRIC 을 STATIC으로 설정해 주어야 함
    [root@linux8.2 ~]# nmcli connection edit ens192
    nmcli > set ipv4.route-metric 100
    nmcli > save
    nmcli > quit
    [root@linux8.2 ~]# systemctl restart NetworkManager
  • 3. Static Metric 설정확인
    [root@linux8.2 ~]# cat /etc/sysconfic/network-script/ifcfg-ens192 | grep METRICIPV4_ROUTE_METRIC=100 
  • 4. VIP OUTBOUND 스크립트 작성 (1번/2번서버 각각 설정해주어야 함)
    예시 ) 1번서버 IP 10.20.74.1 / 2번서버 IP 10.20.74.2 / VIP : 10.20.74.3
     
  • 1번서버 ChangeRoute_1.sh  -> MCCS VIP 1번서버 BatchAfterOnline 적용
    #!/bin/bash
    sleep 3
    ip route change default via 10.20.0.1 dev ens192 proto static metric 100 src 10.20.74.3
    ip route change 10.20.0.0/16 dev ens192 proto kernel scope link src 10.20.74.1 metric 100 src 10.20.74.3
    exit 0
  • 1번서버 RestoreRoute_1.sh  -> MCCS VIP 1번서버 BatchBeforeOffline 적용
    #!/bin/bash
    ip route change default via 10.20.0.1 dev ens192 proto static metric 100
    ip route change 10.20.0.0/16 dev ens192 proto kernel scope link src 10.20.74.3 metric 100 src 10.20.74.1
    sleep 3
    exit 0
  • 2번서버 ChangeRoute_2.sh  -> MCCS VIP 2번서버 BatchAfterOnline 적용
    #!/bin/bash
    sleep 3
    ip route change default via 10.20.0.1 dev ens192 proto static metric 100 src 10.20.74.3
    ip route change 10.20.0.0/16 dev ens192 proto kernel scope link src 10.20.74.2 metric 100 src 10.20.74.3
    exit 0
  • 2번서버 RestoreRoute_2.sh  -> MCCS VIP 2번서버 BatchBeforeOffline 적용
    #!/bin/bash
    ip route change default via 10.20.0.1 dev ens192 proto static metric 100
    ip route change 10.20.0.0/16 dev ens192 proto kernel scope link src 10.20.74.3 metric 100 src 10.20.74.2
    sleep 3
    exit 0
  • 5. VIP OUTBOUND 적용 확인
    [root@linux8.2 ~]# ip route
    default via 10.20.0.1 dev ens192 proto static src 10.20.74.3 metric 100
    10.20.0.0/16 dev ens192 proto kernel scope link src 10.20.74.3 metric 100

    – tcpdump 로 확인 방법
    1. 대기서버에서 tcpdump -v -i ens192 |grep ICMP 실행
    2. 운영서버(VIP online)에서 standby쪽으로 ping
    3. 대기서버에서 들어오는 IP 확인
    기타설명: default via gateway의 경우 망(10.20.0.0외)이 다른 서버가 필요함