[DRBD-user] DRBD over floating IPs in HP Cloud Services

Ken Miles cheaprbytheduzn at gmail.com
Sun Aug 3 00:42:38 CEST 2014

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.

We are having some grief getting DRBD to connect between subnets
in HP Cloud Services (http://www.hpcloud.com - Openstack 13.5 env).
In HPCS every node gets two IPs:

10.0.0.X private subnet
15.*.*.* /18 'floating IP'

Connecting on the private subnet works fine, but in one scenario
we want to connect between subnets and must use the floating IP.
Thus far this has been a non-starter.  It appears that DRBD does
something special with IP's that are not 'static' to the node.
We have set:

global {
   disable-ip-verification;
}

to try to get past that but to no avail.  Typical status of the two nodes:
 0: cs:WFConnection ro:Primary/Unknown ds:UpToDate/DUnknown C r----s
and:
 0: cs:WFConnection ro:Secondary/Unknown ds:Inconsistent/DUnknown C r----s

Other things we have done already include:
Ensure that iptables is stopped.
Opened HPCS security groups wide open between the two floating IPs
Tested ping, ssh, and a test program (see below) between the nodes.

When we run this netstat on the master shortly after starting a connection
attempt we can see that a SYN was sent to the secondary:

root at chefbe-east-z1(/root):
$ netstat -aptln
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address
State       PID/Program name
tcp        0      0 15.126.215.121:7788         0.0.0.0:*
LISTEN      -
tcp        0      0 0.0.0.0:22                  0.0.0.0:*
LISTEN      1098/sshd
tcp        0      0 127.0.0.1:25                0.0.0.0:*
LISTEN      1240/master
tcp        0      1 15.126.215.121:59527        15.126.215.156:7788
SYN_SENT    -
tcp        0      0 10.0.0.22:22                15.219.147.254:33194
 ESTABLISHED 17484/sshd

Likewise, the same netstat on the secondary shows a SYN sent to the master.
But each seems to be ignoring the SYN from the other and not starting
a connection.

We noticed this:
http://www.drbd.org/users-guide/s-pacemaker-floating-peers.html

And tried it replacing 'address' with 'floating' in our resource defintion
but it's
a no go for us:

  "/pc0.res:14: Parse error: 'disk | device | address | meta-disk |
flexible-meta-disk' expected,
    but got 'floating'"

We are not using Pacemaker so perhaps that syntax is Pacemaker specific - ?

We are running:
drbd84-8.4.4
CentOS 6.5

Finally, if we tear down DRBD and run our little client-server test program
between the two nodes over port 7788 it works just fine.

We are open to suggestions.

Thx.

Ken Miles
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linbit.com/pipermail/drbd-user/attachments/20140802/3dfb7b05/attachment.htm>

More information about the drbd-user mailing list