Squid 集群中的慢速故障轉移

我用 Corosync/Pacemaker 創建了一個集群。在集群中，我配置了兩個資源，一個虛擬 IP 和 Squid。集群中有 2 個節點在 Debian 8 上工作。

crm_status顯示，兩個節點都線上，一切正常。

出於測試目的，我停止了節點一。CRM 顯示資源已遷移到第二個節點，但是當我在客戶端瀏覽器上使用虛擬 IP 時，我沒有得到任何響應。大多數情況下，大約需要 10 分鐘，直到客戶端能夠通過第二個節點使用虛擬 IP 進行瀏覽。

我認為（希望）這是一個小錯誤配置，但此刻我不知道在哪裡定位故障。這是我的配置：

節點

Node 1                 Node 2
eth0 10.0.0.234        eth0 10.0.0.235
eth1 x.x.x.134         eth1 x.x.x.135

Virtual IP: 10.0.0.233

同步

totem {
   version: 2
   cluster_name: SQUID
   token: 3000
   token_retransmits_before_loss_const: 10
   clear_node_high_bit: yes
   crypto_cipher: aes256
   crypto_hash: sha1

   interface {
           ringnumber: 0
           bindnetaddr: x.x.x.0
           mcastaddr: 239.255.1.1
           mcastport: 5405
           ttl: 1
   }
}
logging {
   fileline: off
   to_stderr: no
   to_logfile: no
   to_syslog: yes
   syslog_facility: daemon
   debug: off
   timestamp: on
   logger_subsys {
           subsys: QUORUM
           debug: off
   }
}
quorum {
   provider: corosync_votequorum
   expected_votes: 2
   two_node: 1
}

起搏器

primitive SQUID-IP IPaddr2 \
   params ip=10.0.0.233 cidr_netmask=24 nic=eth0 \
   op monitor interval=30s \
   meta target-role=Started
primitive SQUID-Service Squid \
   params squid_exe="/usr/sbin/squid3" squid_conf="/etc/squid3/squid.conf" squid_pidfile="/run/squid3.pid" squid_port=3128 squid_stop_timeout=10 debug_mode=v debug_log="/var/log/cluster.log" \
   op start interval=0 timeout=60s \
   op stop interval=0 timeout=120s \
   op monitor interval=10s timeout=30s \
   meta target-role=Started
colocation lb-loc inf: SQUID-IP SQUID-Service
order lb-ord inf: SQUID-IP SQUID-Service
property cib-bootstrap-options: \
   have-watchdog=false \
   dc-version=1.1.15-e174ec8 \
   cluster-infrastructure=corosync \
   cluster-name=Squid \
   stonith-enabled=no \
   no-quorum-policy=ignore
rsc_defaults rsc-options: \
   resource-stickiness=200

烏賊

#Networks
acl net_client src 192.168.1.0/24
acl net_cus src 10.0.200.0/24

#ACLs
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

#Rules
http_access deny !Safe_ports
http_access allow net_client
http_access allow net_cus
#http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all

#Proxy Port
http_port 3128

#Cache Size
cache_mem 512 MB

#Cache Directory
cache_dir ufs /var/spool/squid3 100 16 256

#PID File
pid_filename /var/run/squid3.pid

#Cache Log
cache_log /var/log/squid3/cache.log

#Leave coredumps in the first cache dir
coredump_dir /var/spool/squid3

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

#Notification Address
cache_mgr my@address.com

問題是中間防火牆上的 ARP 記憶體/刷新間隔。重新配置後，故障轉移按預期工作。

引用自：https://serverfault.com/questions/849055