On 02/12/19 09:50 -0600, Ken Gaillot wrote: > On Sat, 2019-11-30 at 18:58 +0300, Andrei Borzenkov wrote: >> 29.11.2019 17:46, Jan Pokorný пишет: >>> "Clone" feature for IPAddr2 is actually sort of an overloading that >>> agent with an alternative functionality -- trivial low-level load >>> balancing. You can ignore that if you don't need any such. >>> >> >> I would say IPaddr2 in clone mode does something similar to >> SharedAddress. > > Just a side note about something that came up recently: > > IPaddr2 cloning utilizes the iptables "clusterip" feature, which has > been deprecated in the Linux kernel since 2015. IPaddr2 cloning > therefore must be considered deprecated as well. (Using it for a single > floating IP is still fully supported.) > > IPaddr2 could be modified to use a newer iptables capability called > "xt_cluster", but someone would have to volunteer to do that as it's > not a priority.
You likely refer to https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43270b1bc5f1e33522dacf3d3b9175c29404c36c however this extension is activelly maintained to this day, so don't see any immediate risks other than something related to containers as referred to from said commit -- that is good to know about in such scenarios nonetheless. My up2date Fedora Rawhide iptables installation, or rather its iptables-extensions(8) man page does not mention any deprecation at all (unlike with ULOG extension). OTOH, what may be a true show stopper is a support for IPv4 only, which xt_cluster seems to rectify. -- Jan (Poki)
pgpBadtkZA8r0.pgp
Description: PGP signature
_______________________________________________ Manage your subscription: https://lists.clusterlabs.org/mailman/listinfo/users ClusterLabs home: https://www.clusterlabs.org/