Unable to setup floating IP using keepalived and VRRP - ip

I have an Ubuntu machine hosting two VMs, each of them running an application for which I need to provide high availability, so I implemented a floating IP using keepalived and VRRP. But I cannot ping the master VM using the virtual IP from the host; it says destination host unreachable.
keepalived.conf for VM1:
vrrp_instance VI_1 {
    interface enp1s0
    state MASTER #BACKUP here for VM2
    virtual_router_id 51
    priority 200 #100 in case of VM2
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass monkey
    }
    virtual_ipaddress {
        192.168.122.150/24
    }
}
When I start the keepalived service, it shows the messages below:
Dec 19 14:31:37 secondaryvm Keepalived_vrrp[1419]: Unknown keyword '}'
Dec 19 14:31:37 secondaryvm Keepalived_vrrp[1419]: Unknown keyword 'virtual_ipaddress'
Dec 19 14:31:37 secondaryvm Keepalived_vrrp[1419]: Unknown keyword '192.168.122.150'
Dec 19 14:31:37 secondaryvm Keepalived_vrrp[1419]: Unknown keyword '}'
Dec 19 14:31:37 secondaryvm Keepalived_vrrp[1419]: Unknown keyword '}'
Dec 19 14:31:37 secondaryvm Keepalived_vrrp[1419]: Using LinkWatch kernel netlink reflector...
Dec 19 14:31:37 secondaryvm systemd[1]: Started Keepalive Daemon (LVS and VRRP).
Dec 19 14:31:39 secondaryvm Keepalived_vrrp[1419]: VRRP_Instance(VI_1) Transition to MASTER STATE
Dec 19 14:31:41 secondaryvm Keepalived_vrrp[1419]: VRRP_Instance(VI_1) Entering MASTER STATE
Dec 20 01:55:40 secondaryvm Keepalived_vrrp[1419]: VRRP_Instance(VI_1) Received advert with lower priori

A little late to answer, but I ran into a similar issue myself. I kept receiving an error saying "vrrp_track_process" is an unknown keyword, even though it worked on one VM and not the other.
On looking in "man keepalived.conf", I noticed one VM had "vrrp_track_process" in its documentation and the other did not. Hence the package/repo needed to be updated.
Very likely the current version of the installed package doesn't support the keyword used.
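
The man-page comparison described in the answer can be scripted. This is an added example, not code from the original posts; the sample config, the man page excerpt and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example: list keepalived.conf keywords that the locally installed man
# page never mentions. Heuristic: the first token of each line is treated as a
# keyword, so an identifier-like value inside a list block is reported too.

# conf_keywords CONF: first token of every non-comment line that looks like a
# keyword; addresses, "}" and other values are skipped.
conf_keywords() {
    sed -e 's/[#!].*$//' "$1" |
        awk '$1 ~ /^[a-z_][a-z0-9_]*$/ { print $1 }' | LC_ALL=C sort -u
}

# undocumented_keywords CONF MANTEXT: keywords absent from the man page text.
# On a real host, create MANTEXT with: man keepalived.conf | col -b > man.txt
undocumented_keywords() {
    conf_keywords "$1" | while read -r kw; do
        grep -qw -- "$kw" "$2" || printf '%s\n' "$kw"
    done
}

# Constructed sample: a config that uses vrrp_track_process, checked against a
# constructed excerpt of an older man page that predates that keyword.
demo_old_package() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/keepalived.conf" <<'EOF'
vrrp_track_process chk_app {
    process myapp        # hypothetical process name
    weight 10
}
vrrp_instance VI_1 {
    interface enp1s0
    state BACKUP
    virtual_router_id 51
    priority 100
    virtual_ipaddress {
        192.168.122.150/24
    }
}
EOF
    cat > "$tmp/man.txt" <<'EOF'
vrrp_script <SCRIPT_NAME> { script <STRING> interval <INTEGER> weight <INTEGER> }
vrrp_instance <STRING> { state MASTER|BACKUP  interface <STRING>
  virtual_router_id <INTEGER>  priority <INTEGER>  advert_int <INTEGER>
  virtual_ipaddress { <IPADDR>/<MASK> } }
EOF
    undocumented_keywords "$tmp/keepalived.conf" "$tmp/man.txt"
    rm -rf "$tmp"
}

demo_old_package
```

Running the same check on both VMs shows which one carries the older package: any keyword it prints is one that host's keepalived will log as unknown.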

Related

Armbian - Netlink operation failed: netlink support not available

I have a problem with a USB modem and Armbian on Rock64.
I have a fresh image of Armbian 22.08 Jammy on my Rock64 hardware.
I plugged in a DWM-222 (D-Link USB GSM modem), installed usb-modeswitch and modem-manager,
and I created a connection with modem-manager.
The connection was working successfully for one day, but then it lost connection.
I restarted and it was up again for a few minutes, then it went down.
Now I am unable to get it working at all.
I tried again with a totally clean image and just the steps above, and it keeps reporting
netlink operation failed: netlink support not available
I couldn't find anything about this error on the internet.
Power supply is proper one (3A) and DWM-222 is working normally on my Ubuntu desktop PC.
This is full log:
Nov 16 20:17:45 rock64 NetworkManager[1630]: <warn> [1668626265.2333] modem-broadband[cdc-wdm0]: failed to connect modem: Couldn't reset interface before setting up data format: netlink operation failed: netlink support not available
Nov 16 20:17:45 rock64 NetworkManager[1630]: <info> [1668626265.2335] device (cdc-wdm0): state change: prepare -> failed (reason 'unknown', sys-iface-state: 'managed')
Nov 16 20:17:45 rock64 NetworkManager[1630]: <warn> [1668626265.2388] device (cdc-wdm0): Activation: failed for connection 'DLINK_modem'
Nov 16 20:17:45 rock64 NetworkManager[1630]: <info> [1668626265.2400] device (cdc-wdm0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')
Do you have any suggestions?
Thank you

Clickhouse default http handlers not supported

I have been trying to run ClickHouse on an EC2 instance from Terraform. So far the EC2 instance runs well and I have access to HTTP at localhost:8123. However, when I try to access localhost:8123/play I get the following message:
There is no handle /play
Use / or /ping for health checks.
Or /replicas_status for more sophisticated health checks.
Send queries from your program with POST method or GET /?query=...
Use clickhouse-client:
For interactive data analysis:
clickhouse-client
For batch query processing:
clickhouse-client --query='SELECT 1' > result
clickhouse-client < query > result
I don't understand why this is happening, as I was not getting that error when running locally.
When I check the status of the clickhouse server I get the following output:
● clickhouse-server.service - ClickHouse Server
Loaded: loaded (/lib/systemd/system/clickhouse-server.service; enabled; vendor preset: enabled)
Mar 25 12:14:35 systemd[1]: Started ClickHouse Server.
Mar 25 12:14:35 clickhouse-server[11774]: Include not found: clickhouse_remote_servers
Mar 25 12:14:35 clickhouse-server[11774]: Include not found: clickhouse_compression
Mar 25 12:14:35 clickhouse-server[11774]: Logging warning to /var/log/clickhouse-server/clickhouse-server.log
Mar 25 12:14:35 clickhouse-server[11774]: Logging errors to /var/log/clickhouse-server/clickhouse-server.err.log
Mar 25 12:14:35 clickhouse-server[11774]: Include not found: networks
Mar 25 12:14:35 clickhouse-server[11774]: Include not found: networks
Mar 25 12:14:37 clickhouse-server[11774]: Include not found: clickhouse_remote_servers
Mar 25 12:14:37 clickhouse-server[11774]: Include not found: clickhouse_compression
I don't know if this will help, but maybe it is related to the problem (the log files are empty).
Another question that I have, which has nothing to do with the problem above, is about understanding how ClickHouse works, because we read many different articles about ClickHouse but none seem very clear to me. We often hear about "nodes" in the articles that I've been reading. So far I think that ClickHouse works with servers on which we put clusters. Inside those clusters we put shards, and in each of those shards we put replicas, the so-called "nodes". As we will be running in production, I just want to make sure that when we talk about "nodes" we are talking about containers which act as compute units, or whether it is something else completely.
So far I've tried opening all ports for ingress and egress, but it did not fix the problem. I've checked the ClickHouse documentation, which mentions custom HTTP endpoints, but none of it talks about this error.

Error "ldap_sasl_bind_s failed" on n-way multi-master openldap

I am trying to connect OpenLDAP nodes in a cluster, but I receive the
following message (the password is updated on all the different OpenLDAP nodes).
Which password is failing, and how can I force it to be updated?
Feb 25 18:57:01 ldap03 slapd[9556]: slapd starting
Feb 25 18:57:01 ldap03 slapd[9556]: slap_client_connect: URI=ldap://ldap01 DN="cn=admin,dc=clients,dc=enterprise,dc=com" ldap_sasl_bind_s failed (-1)
Feb 25 18:57:01 ldap03 slapd[9556]: do_syncrepl: rid=001 rc -1 retrying (4 retries left)
Thanks in advance.

I met the same issue...
625cf83c slapd starting
625cf83c slap_client_connect: URI=ldaps://ldap.example.com:636 DN="cn=admin,dc=example,dc=com" ldap_sasl_bind_s failed (-1)
625cf83c do_syncrepl: rid=123 rc -1 retrying
But in my case, the issue was at the transport layer. The OpenLDAP server was built without SSL support. Reinstalling the OpenLDAP server with SSL support solved my issue.

NSS+Pam+Tacacs+ first session fails

I have a device that I want to authorize using a TACACS+ server.
I have TACACS version: tac_plus version F4.0.4.26
I have a TACACS server with the following configuration:
accounting file = /var/log/tac_plus.acct
key = testing123
default authentication = file /etc/passwd
user = sf {
    default service = permit
    login = cleartext 1234
}
user = DEFAULT {
    # login = PAM
    service = ppp protocol = ip {}
}
On the device I have NSS with this config:
/etc/nsswitch.conf
passwd: files rf
group: files
shadow: files
hosts: files dns
networks: files dns
protocols: files
services: files
ethers: files
rpc: files
and pam.d with an sshd file in it:
# SERVER 1
auth required /lib/security/pam_rf.so
auth [success=done auth_err=die default=ignore] /lib/security/pam_tacplus.so server=172.18.177.162:49 secret=testing123 timeout=5
account sufficient /lib/security/pam_tacplus.so server=172.18.177.162:49 service=ppp protocol=ip timeout=5
session required /lib/security/pam_rf.so
session sufficient /lib/security/pam_tacplus.so server=172.18.177.162:49 service=ppp protocol=ip timeout=5
password required /lib/security/pam_rf.so
# PAM configuration for the Secure Shell service
# Standard Un*x authentication.
auth include common-auth
# Disallow non-root logins when /etc/nologin exists.
account required pam_nologin.so
# Standard Un*x authorization.
account include common-account
# Set the loginuid process attribute.
session required pam_loginuid.so
# Standard Un*x session setup and teardown.
session include common-session
# Standard Un*x password updating.
password include common-password
The problem: when I connect to the device for the first time via TeraTerm, I see that the entered user name was added at session start to /etc/passwd and /etc/shadow,
but the login does not succeed, and on the TACACS server I see in the logs:
Mon Dec 17 19:00:05 2018 [25418]: session.peerip is 172.17.236.2
Mon Dec 17 19:00:05 2018 [25418]: forked 5385
Mon Dec 17 19:00:05 2018 [5385]: connect from 172.17.236.2 [172.17.236.2]
Mon Dec 17 19:00:05 2018 [5385]: Found entry for alex in shadow file
Mon Dec 17 19:00:05 2018 [5385]: verify
IN $6$DUikjB1i$4.cM87/pWRZg2lW3gr3TZorAReVL7JlKGA/2.BRi7AAyHQHz6bBenUxGXsrpzXkVvpwp0CrtNYAGdQDYT2gaZ/
Mon Dec 17 19:00:05 2018 [5385]:
IN encrypts to $6$DUikjB1i$AM/ZEXg6UAoKGrFQOzHC6/BpkK0Rw4JSmgqAc.xJ9S/Q7n8.bT/Ks73SgLdtMUAGbLAiD9wnlYlb84YGujaPS/
Mon Dec 17 19:00:05 2018 [5385]: Password is incorrect
Mon Dec 17 19:00:05 2018 [5385]: Authenticating ACLs for user 'DEFAULT' instead of 'alex'
Mon Dec 17 19:00:05 2018 [5385]: pap-login query for 'alex' ssh from 172.17.236.2 rejected
Mon Dec 17 19:00:05 2018 [5385]: login failure: alex 172.17.236.2 (172.17.236.2) ssh
After that, if I close TeraTerm, open it again and try to connect, the connection is established successfully. After that, if I close TeraTerm and open it again, the same problem appears, on every second try.
What may be the problem with it? I am going crazy already.

After digging deeper into the problem, I found out that it was my fault: I compiled my name service using g++ instead of gcc.
Because the name service uses
#include <pwd.h>
which defines the interface for functions like nss_service_getpwnam_r and others that were written in C, I had to:
extern "C" {
#include <pwd.h>
}
or compile my program using GCC. I hope that if someone faces the same problem, this will help him/her. Good luck.
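
The failure mode in this answer can be checked from a module's exported symbols. This is an added example, not code from the original posts: it assumes glibc's `_nss_<service>_<function>` entry-point naming, takes the service name `rf` from the nsswitch.conf line above, and uses constructed `nm` output.

```sh
#!/bin/sh
# Added example: glibc looks up NSS entry points by name, following the
# pattern _nss_<service>_<function>. A module built as C++ without extern "C"
# exports mangled names that this lookup cannot find.

# classify_nss_symbols SERVICE: reads `nm -D --defined-only` output on stdin,
# prints "ok <symbol>" for C-linkage entry points and "mangled <symbol>" for
# C++-mangled ones.
classify_nss_symbols() {
    awk -v svc="$1" '
        $2 ~ /^[TW]$/ {
            want = "_nss_" svc "_"
            if (index($3, want) == 1)
                print "ok", $3
            else if ($3 ~ /^_Z[0-9]+_nss_/ && index($3, want) > 0)
                print "mangled", $3
        }'
}

# nss_module_ok SERVICE: exit status 0 only if at least one entry point is
# exported unmangled and none is mangled.
nss_module_ok() {
    classify_nss_symbols "$1" | awk '
        $1 == "ok" { ok++ }
        $1 == "mangled" { bad++ }
        END { exit !(ok > 0 && bad == 0) }'
}

# Constructed nm output for a module named "rf" built with gcc ...
sample_gcc_build() {
    cat <<'EOF'
0000000000001139 T _nss_rf_getpwnam_r
00000000000011a4 T _nss_rf_getpwuid_r
EOF
}

# ... and for the same module built with g++ and no extern "C".
sample_gpp_build() {
    cat <<'EOF'
0000000000001139 T _Z18_nss_rf_getpwnam_rPKcP6passwdPcmPi
00000000000011a4 T _Z18_nss_rf_getpwuid_rjP6passwdPcmPi
EOF
}

sample_gpp_build | classify_nss_symbols rf
# Real module (file path is an assumption):
#   nm -D --defined-only /lib/libnss_rf.so.2 | nss_module_ok rf
```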

jMeter Distributed Testing: Master won't shut down

I have a simple 4 server setup running jMeter (3 slaves, 1 master):
Slave 1: 10.135.62.18 running ./jmeter-server -Djava.rmi.server.hostname=10.135.62.18
Slave 2: 10.135.62.22 running ./jmeter-server -Djava.rmi.server.hostname=10.135.62.22
Slave 3: 10.135.62.20 running ./jmeter-server -Djava.rmi.server.hostname=10.135.62.20
Master: 10.135.62.11 with remote_hosts=10.135.62.18,10.135.62.22,10.135.62.20
I start the test with ./jmeter -n -t /root/jmeter/simple.jmx -l /root/jmeter/result.jtl -r
With the following output:
Writing log file to: /root/apache-jmeter-3.0/bin/jmeter.log
Creating summariser <summary>
Created the tree successfully using /root/jmeter/simple.jmx
Configuring remote engine: 10.135.62.18
Configuring remote engine: 10.135.62.22
Configuring remote engine: 10.135.62.20
Starting remote engines
Starting the test # Mon Aug 29 11:22:38 UTC 2016 (1472469758410)
Remote engines have been started
Waiting for possible Shutdown/StopTestNow/Heapdump message on port 4445
The Slaves print:
Starting the test on host 10.135.62.22 # Mon Aug 29 11:22:39 UTC 2016 (1472469759257)
Finished the test on host 10.135.62.22 # Mon Aug 29 11:22:54 UTC 2016 (1472469774871)
Starting the test on host 10.135.62.18 # Mon Aug 29 11:22:39 UTC 2016 (1472469759519)
Finished the test on host 10.135.62.18 # Mon Aug 29 11:22:57 UTC 2016 (1472469777173)
Starting the test on host 10.135.62.20 # Mon Aug 29 11:22:39 UTC 2016 (1472469759775)
Finished the test on host 10.135.62.20 # Mon Aug 29 11:22:56 UTC 2016 (1472469776670)
Unfortunately the master waits for messages on port 4445 indefinitely even though all slaves finished the test.
Is there anything I have missed?

I figured it out myself just before submitting the question. I guess the solution could be useful nonetheless:
Once I start the test (on the main server) with this:
./jmeter -n -t /root/jmeter/simple.jmx -l /root/jmeter/result.jtl -r -Djava.rmi.server.hostname=10.135.62.11 -Dclient.rmi.localport=4001
It works just fine. I wonder why the documentation doesn't mention something like this.
