On Thu, Oct 28, 2021 at 3:43 PM Paul Warwicker <paul.warwic...@gmail.com> wrote:
>
> Hello,
>
> I originally posted this in the Azure forums first but have had no replies. 
> Trying here instead in case anyone has encountered it.
>
> I am trying to set up a High Availability Cluster in Azure using CentOS 8, 
> Pacemaker and Corosync. Everything is deployed using terraform.
>
> For our application, we need to migrate a floating IP address, a shared 
> storage and our daemon between nodes. These resources are grouped into a 
> service and these are successfully migrating between nodes as required. We 
> are also using a private DNS zone and there is no firewall on either server. 
> There is a DNS entry for the floating IP and that is resolvable by both 
> servers and client.
>
> The problem is that the floating IP address is only pingable on the server which 
> has the floating IP address assigned as a secondary address. All other nodes 
> in the same subnet will get the error Destination Host Unreachable, but pings 
> to the primary address will succeed. All the IP addresses are in the same 
> subnet (172.16.31.0/24). Auto-registration is enabled for the servers and 
> client which makes up the test environment. The floating address was a 
> somewhat arbitrary choice, but remains in that same subnet and would not be 
> otherwise allocated. I mentioned the auto registration because the floating 
> IP is not auto-registered.
>

My understanding is that Azure does not have Layer 2 and it must know
every IP each VM is using. For virtual IP you can (should?) use Azure
load balancers - basically, you create a pool of one address, Azure
probes each node and detects which node has IP active.

See this RH documentation as an example:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/deploying_red_hat_enterprise_linux_8_on_public_cloud_platforms/configuring-rhel-high-availability-on-azure_cloud-content#azure-create-internal-load-balancer-in-azure-ha_configuring-rhel-high-availability-on-azure

Maybe it is possible to use a resource agent that configures IP in
Azure on demand (i.e. assigns it to correct VM when resource is
activated). I believe I have seen it mentioned somewhere.

> If I migrate the service to the other server node, the roles are reversed, 
> the server which could not ping the address can now do so and the server 
> which could, cannot.
>

Accessing local IP is done entirely inside one single server.